Dione Protocol

We express our gratitude to the Dione Protocol team for the collaborative engagement that enabled the execution of this Security Assessment of the project's implementation.

The system users should acknowledge all the risks summed up in the risks section of the report

Odyssey Chain is a composite of three primary blockchains (Delta, Alpha, and Omega Chains), each fulfilling specific roles in asset creation, trading, and smart contract execution within the ecosystem.

Infi-Nets are modular networks that extend the core architecture, providing scalability and customization for different business requirements.

Parent Network: Acts as a central Infi-Net containing all validators, which includes those from every other Infi-Net, facilitating network-wide governance and coordination.

Delta Chain (D): Supports Ethereum Virtual Machine (EVM) compatible contracts, focusing on Solidity-based dApps, easing developer onboarding and integration.

Alpha Chain (A): Manages the issuance and exchange of Dione coins along with other digital assets, enabling the creation of tokens, NFTs, and stablecoins.

Omega Chain (O): Offers infrastructure for launching and customizing Infi-Nets, allowing for unique blockchain rules and logic definitions by developers.

Customization and Independence: Infi-Nets provide tools for developers to tailor virtual machines, tokenomics, validator requirements, and security settings, ensuring each network can operate as a standalone entity.

Network Efficiency: Validators can be part of multiple Infi-Nets, maintaining performance and compliance with each network's specific rules, thus preventing any single Infi-Net's issues from affecting others.

Private Networks and Efficiency: The Odyssey Chain's architecture supports the creation of private networks with specific validator rules, promoting efficient transaction processing and reduced network congestion.

This report presents an in-depth analysis and scoring of the customer's newly developed blockchain protocol project.

Initially, we encountered significant challenges with the previous code, including unnecessary layers, critical bugs, and errors introduced by earlier developers. These issues were so severe that we were unable to continue with their codebase. Consequently, this report is based on a completely new code generated from scratch, reflecting both the innovative approach and the rigorous standards now implemented.

Detailed scoring criteria can be referenced in the corresponding section of the Blockchain Protocol and Security Analysis Methodology →.

The total Documentation Quality score is 10 out of 10.

Repositories features clear and comprehensive documentation that effectively details the implemented changes. While the documentation is user-friendly and well-organized, it could be further improved by repairing three broken links and updating one outdated link in the odysseygo to ensure complete and accurate resource accessibility.

The total Code Quality score is 9 out of 10.

At the start of our audit on November 20, 2023, we encountered significant code quality issues within the odysseygo and coreth repositories. These issues ranged from documentation inconsistencies to compilation errors. Specifically:

• Both repositories exhibited numerous compilation errors. In coreth, unused imports and undefined constants were prevalent, while in odysseygo, interface implementation errors and syntax mistakes were common.

• Numerous unit and end-to-end tests were failing, indicating underlying issues within the codebase.

In response to our initial feedback, DioneProtocol temporarily halted the audit to rectify these deficiencies, leading to a significantly improved codebase built from a clean fork of the Avalanche repositories, with the latest updates integrated. This updated version demonstrated considerable improvements:

• No serious flaws or issues were found, indicating a significant enhancement in code stability and functionality.

• We successfully ran the testnet, verifying the intended code behavior, and executed end-to-end, unit, and fuzz tests effectively.

To further improve the codebase and ensure ongoing quality and security, we recommend:

• Establish a comprehensive CI pipeline to automate the detection and rectification of build failures, test suite issues, and linting problems.

• Set up continuous fuzzing for the existing fuzz tests to proactively identify and mitigate potential vulnerabilities and logic errors.

• Address all testing-related observations mentioned in this report to ensure comprehensive code quality and reliability.

Overall, we are satisfied with the quality of the repositories, recognising the significant strides made in improving the codebase's integrity and operational efficiency.

Architecture quality

The total Architecture Quality score is 10 out of 10.

The Odyssey Chain's design is strong and makes sense. The way it handles money, rewards, and fees is smart and doesn't have any big problems. Its use of validators and delegators, which are common in blockchain, works well and is similar to other successful projects. The method it uses to reach agreement, or consensus, is also well done. The overall design, which includes different types of networks, is well thought out. Any changes made to the original code fit in nicely and are well integrated, showing that the system's design is solid and well-planned.

Upon auditing, the code was found to contain 0 critical, 0 high, 1 medium, and 1 low severity issues, leading to a security score of 10 out of 10.

All identified issues are detailed in the “Findings” section of this report.

The comprehensive audit of the customer's blockchain protocol yields an overall score of 9.5. This score reflects the combined evaluation of documentation, code quality, architecture quality, and security aspects of the project.

The scope of the project includes the following components from the provided repository:

Assets in Scope