SECURITY AUDIT FOR KADCAST – DUSK NETWORKING PROTOCOL
Our goal in Blaize.Security is to secure blockchain ecosystems, working on all levels. Lately, we have finished the security audit for Kadcast – the networking protocol of Dusk blockchain. We worked with the Rust implementation of the Kadcast protocol, ensuring the integrity and stability of the protocol, its compliance with the original specification, and absence of the security vulnerabilities in the codebase.
ABOUT THE PROJECT
Dusk is a modern blockchain focusing on privacy and confidentiality. Dusk created an ecosystem based on its own blockchain infrastructure. It includes several components for the confidential smart contracts and privacy features and leverages the ZK-tech and modern governance mechanisms.
Our audit focused on the verification of the security of the Kadcast – the Rust implementation of the networking protocol developed by the Dusk team. It is the protocol that enhances the communication between nodes of the network, speeds up the nodes’ discovery of new peers of the network, and improves the broadcasting within the network.
The primary objective was to identify and describe any security issues within the codebase and verify the compatibility with the original specification. Our audit scope included validation of the implementation itself, review of the business logic, system analysis of the protocol, in-deep review of the code line-by-line, and several rounds of testing with the application of different techniques.
The scheme for types dependencies of the Kadcast protocol we audited.
MAIN REQUIREMENTS
During our audit, we processed the Kadcast codebase via several streams of security reviews:
1) Review of the standard vulnerable areas, including but not limited to:
- Storage structure, stored data structure
- Public interfaces and restrictions
- Communication flow and interfaces between different modules
- Global settings of the protocol and local settings of each module, the default settings, and misconfiguration risks
- Modules co-dependencies and 3rd-party dependencies
- Denial-of-Service (DoS) attack surfaces
- Order-dependency and time-dependency of operations
- Validations of parameters of functions/methods/messages and return values
- Rust language-specific checks
and other potential vulnerabilities and attack vectors;
2) Protocol-specific checks – business logic decompositions to find loopholes, deadlocks, hidden backdoors, incorrect math and calculations, malicious code injections, and other flow-related issues;
This stage included the review of all main components of the protocol:
- data structures used for the Kadcast implementation
- messaging protocol and message structure, marshaling rules
- nodes processing (adding to the tree, refreshing, and eviction)
- review of the logic around the binary key generation and verification
- message broadcasting rules
And other key areas of the protocol
3) Comparison of the protocol to the original Kadcast specification against possible deviations
4) Several rounds of simulations and manual tests of the networking protocol with light clients; verification of compatibility with Dusk network node;
5) Our own internal security checklists, additionally verified during the testing stage.
SMART CONTRACT SECURITY AUDIT PROCEDURE
Our audit process encompassed manual and testing stages:
1.MANUAL AUDIT STAGE
- Manual line-by-line code review by 2 security auditors with crosschecks and validation from the security lead;
- Vulnerabilities analysis against several checklists, including internal Blaize.Security checklist;
- Business logic inspection;
- Protocol decomposition and components analysis with building interaction schemes and sequence diagrams;
- Storage usage review;
- Global protocol settings and local modules settings review
- Math operations and calculations analysis;
- Analysis of the interfaces and their restrictions, both public and internal (cross-module);
- Review of dependencies, 3rd parties, and integrations;
- Code quality, documentation, and consistency to best practices review.
2.TESTING STAGE
- Development of edge cases based on manual stage results;
- False positives validation;
- Integration tests for checking connections with 3rd parties;
- Manual exploratory tests over the locally deployed protocol;
- Checking the existing set of tests and performing additional unit testing;
Upon completion of the audit, we delivered a comprehensive smart contract security analysis report to the Dusk team. This report included:
- Identified risks
- Potential mitigations
- Detailed vulnerability assessments
- Recommendations for improvements
BLOCKCHAIN PROTOCOL AUDIT IS A TOOL TO ENHANCE THE LEVEL OF SECURITY FOR YOUR PROJECT. LEARN MORE ON BLAIZE WEBSITE.
AUDIT RESULT
The Blaize.Security team confirms that the Kadcast protocol has successfully passed the security audit. The security team noted the high code quality of the codebase, high functionality of each component, excellent work with resources, flexible configuration, and settings, and the availability of a certain number of native tests. However, auditors discovered several issues of different criticality levels.
During the audit, the security team discovered a few deviations from the Kadcast specification, a few missed edgecases in the idle nodes processing, a few best practices violations, and the ambiguous approach in reserved field processing in the messages header. All issues (except 2 informational issues connected to the best practices) were successfully resolved or verified by the Dusk team.
Additionally, the security team recommended adding more documentation, especially natspec comments. However, it should be noted, that the repository contains several readmes, and the implementation follows the original specification. Therefore the recommendation applies to low-level design decisions documenting.In conclusion, the Kadcast protocol implementation by the Dusk team demonstrated a high level of security, which was estimated by Blaize as Highly Secure scoring 9.8 out of 10. It should be noted that the Dusk team planned a few updates connected to the audit for the next major release. While these particular updates were verified by the security team, it is recommended to have a security review of the upgrade in case more features are added. From all points of view, our team confirms the security of the protocol.