Skip to content

Latest commit

 

History

History
346 lines (265 loc) · 18.5 KB

README.md

File metadata and controls

346 lines (265 loc) · 18.5 KB

Canto audit details

❗️Awarding Note for Wardens, Judges, and Lookouts: If you want to claim your awards in $ worth of CANTO, you must follow the steps outlined in the audit channel before the audit ends; otherwise you'll be paid out in USDC.

Overview

Introduction to Canto Blockchain

Canto Blockchain is a high-performance platform designed for decentralized finance (DeFi) applications. Its primary goal is to enhance the safety and efficiency of financial services through decentralization, providing greater transparency and accessibility. Canto supports features such as automated market makers (AMM), lending and borrowing platforms, and smart contracts. The platform continually evolves with active participation from its user and developer community.

Canto's Tech Stack

Canto's technical foundation consists of the following key components:

  • Cosmos SDK: This is a modular blockchain framework that allows developers to easily build custom blockchains. Cosmos SDK includes various modules to expand blockchain functionalities and supports the Inter-Blockchain Communication (IBC) protocol for interoperability with other blockchains.

  • Ethermint: Ethermint enables Ethereum-compatible blockchains to run on top of Cosmos SDK and CometBFT. It fully supports the Ethereum Virtual Machine (EVM), allowing smart contracts from Ethereum to be executed on the Canto blockchain.

  • CometBFT (Tendermint): This is a Byzantine Fault Tolerant (BFT) consensus engine known for its high security and throughput. CometBFT provides fast transaction finality and supports extensive interoperability among different blockchains.

Purpose of the Code Audit

The audit will focus on the upgrade of the Canto and Ethermint blockchain applications from Cosmos SDK v0.45.x to v0.50.x, as well as the associated updates in ibc-go v8 and CometBFT v0.38.x.

The primary goal is to identify any issues where previously functioning features may no longer work, malfunction, or introduce new vulnerabilities due to SDK bumps, interface changes, incorrect migration settings, or dependencies on the new versions of Cosmos SDK, ibc-go, and CometBFT.

The Ethermint module within Canto, which provides EVM compatibility, has also been updated to reflect changes in the dependencies.

Key dependency changes:

Audit Repository

The code audit for Canto includes the review of key components that have undergone significant updates. The repository for this audit is structured as follows:

2024-05-canto
├── canto_main
└── ethermint_main
  • canto_main: This directory contains the Canto Appchain, which is built on Cosmos SDK. The Canto Appchain forms the core blockchain infrastructure supporting various financial applications. It utilizes a modular architecture and supports IBC to enhance scalability and interoperability.
  • ethermint_main: This directory contains the Ethermint blockchain, which provides Ethereum compatibility. Ethermint enables the use of Ethereum's smart contracts and tools on the Canto blockchain and has been updated to reflect changes in its dependencies to remain compatible with the latest versions of the underlying technologies.

Links

  • Previous audits:

Scoping Q & A

General questions

Question Answer
ERC20 used by the protocol None
Test coverage Canto
./app: 64.7% files, 36.9% statements
./x: 75.6% files, 15% statements
Ethermint
./app: 100% files, 71.5% statements
./x: 83.8% files, 19.9 statements
ERC721 used by the protocol None
ERC777 used by the protocol None
ERC1155 used by the protocol None
Chains the protocol will be deployed on OtherCanto, mainnet

External integrations (e.g., Uniswap) behavior in scope:

Question Answer
Enabling/disabling fees (e.g. Blur disables/enables fees) No
Pausability (e.g. Uniswap pool gets paused) No
Upgradeability (e.g. Uniswap gets upgraded) No

EIP compliance checklist

N/A

Additional context

Main invariants

N/A

Attack ideas (where to focus for bugs)

Areas of Concern

  • SDK Bumps and Interface Changes

    • Ensure compatibility with Cosmos-SDK v0.50.x and identify any breaking changes from v0.45.x.
    • Check for updated or deprecated APIs and interfaces in the Cosmos-SDK that may affect current functionality.
  • IBC-go v8 Updates

    • Verify that inter-blockchain communication (IBC) functionalities remain intact and secure with the new version.
    • Identify any new features or changes in ibc-go v8 that require modifications in the existing implementation.
  • CometBFT v0.38.x Updates

    • Assess the impact of CometBFT updates on consensus mechanisms and blockchain performance.
    • Evaluate the changes in configuration settings and ensure they are correctly applied during the upgrade.
  • Migration Settings

    • Ensure that migration scripts and processes are correctly implemented to transition from the older versions to the new versions without data loss or corruption.
    • Validate that state transitions and data migrations do not introduce inconsistencies or vulnerabilities.
  • Dependencies and Module Updates

    • Check for any new dependencies introduced with the updates and ensure they are correctly integrated.
    • Review the Ethermint module within Canto for EVM compatibility and assess the changes made to accommodate the new versions of dependencies.
    • Ensure that all external libraries and modules are updated to their compatible versions to prevent any conflicts or security issues.
  • Functionality Testing

    • Conduct thorough testing of all previously functioning features to confirm they work as expected after the upgrade.
    • Identify any features that malfunction or do not work post-upgrade and determine the root cause.
  • Security Assessment

    • Perform a security audit to uncover any new vulnerabilities introduced by the upgrades.
    • Ensure that security patches and updates in the new versions are correctly applied to maintain the integrity of the blockchain.
  • Documentation and Support

    • Update all relevant documentation to reflect the changes and new configurations required for the upgraded versions.
    • Ensure that support teams are informed about the changes and are prepared to handle any issues that may arise from the upgrade.

By focusing on these areas, the audit aims to ensure a smooth transition to the updated versions while maintaining the functionality, performance, and security of the Canto and Ethermint blockchain applications.

Background Information

The current parameters and state of Canto v7 can be reviewed on Polkachu. For details on new and changed parameters, as well as module settings in v8, refer to the v8 upgrade handler code. The primary references for the upgrade include:

Canto App

Scope

File SLOC Test Coverage
app/app.go 1480 69.2%
app/ante/ante.go 64 0%
app/ante/handler_options.go 149 0%
app/upgrades/v8/upgrades.go 69 82.4%
x/csr/keeper/keeper.go 65 100%
x/csr/keeper/msg_server.go 38 75%
x/csr/module.go 170 60%
x/erc20/keeper/keeper.go 65 100%
x/erc20/keeper/msg_server.go 627 95.3%
x/erc20/module.go 159 47.1%
x/govshuttle/keeper/keeper.go 84 0%
x/govshuttle/keeper/msg_server.go 54 0%
x/govshuttle/module.go 152 0%
x/epochs/keeper/keeper.go 43 83.3%
x/epochs/keeper/abci.go 66 100%
x/epochs/module.go 183 44.1%
x/inflation/keeper/keeper.go 77 66.7%
x/inflation/keeper/hooks.go 141 90.2%
x/inflation/module.go 187 45.7%
x/coinswap/keeper/keeper.go 375 81.2%
x/coinswap/keeper/msg_server.go 175 9.4%
x/coinswap/module.go 167 45.2%
x/onboarding/ibc_middleware.go 76 62.5%
x/onboarding/keeper/keeper.go 102 66.7%
x/onboarding/keeper/msg_server.go 38 75%
x/onboarding/keeper/ibc_callbacks.go 170 93.8%
x/onboarding/module.go 152 43.8%
go.mod 260
Total 5388

Overview of Changes

app

modules

NOTE

  • x/onboarding module is a feature-driven of the ibc. So, need to ensure that features don't behave differently compared to canto v7, as the version of the ibc-go bump up.
  • as the versions of different modules in go.mod are upgraded, need to ensure that there are no security issues.

Ethermint

Scope

File SLOC Test Coverage
app/app.go 1094 74.7%
app/ante/ante.go 177 74.5%
app/ante/handler_options.go 109 61.5%
app/upgrades.go 143 56.1%
server/start.go 768 0%
server/util.go 169 0%
rpc/backend/sign_tx.go 168 70.4%
rpc/backend/node_info.go 359 50.7%
rpc/namespaces/ethereum/eth/filters/api.go 653 0%
rpc/namespaces/ethereum/eth/filters/filter_system.go 340 0%
x/feemarket/types/msg.go 5 0%
x/feemarket/keeper/keeper.go 137 87.1%
x/feemarket/keeper/msg_server.go 35
x/feemarket/autocli.go 48 100%
x/feemarket/module.go 174 56.2%
x/evm/types/msg.go 487 65.1 %
x/evm/keeper/keeper.go 398 91.2%
x/evm/keeper/msg_server.go 170 88.9%
x/evm/autocli.go 74 100%
x/evm/module.go 193 48.6%
go.mod 256
Total 5957

Overview of Changes

app

rpc

  • as go-ethereum versions go up, the implementation of funcs used internally may have changed

modules

All trusted roles in the protocol

N/A

Describe any novel or unique curve logic or mathematical models implemented in the contracts:

N/A

Running tests

To run local testnet

First:

  • Install go (version must be >= 1.21 to avoid this bug)
  • Install jq
  • Make sure go environment is set up correctly
export PATH=$PATH:$HOME/go/bin
git clone https://github.com/code-423n4/2024-05-canto
cd 2024-05-canto

# for Canto-main
cd canto-main
make install
./init.sh

# for Ethermint-main
cd ethermint-main
make install
./init.sh

To run unit tests

cd canto-main
make test

To run simulation (fuzz test)

# canto needs to be installed and initialized ahead of simulations
cd canto-main
make test-sim-nondeterminism
make test-sim-custom-genesis-fast
make test-sim-import-export
make test-sim-after-import
make test-sim-custom-genesis-multi-seed
make test-sim-multi-seed-short
make test-sim-benchmark-invariants

Test coverage

cd canto-main
go test ./... -coverprofile=coverage.out
go tool cover -html=coverage.out -o coverage.html
open coverage.html

Miscellaneous

Employees of Canto and employees' family members are ineligible to participate in this audit.