DOP (Data Ownership Protocol)

We express our gratitude to the DOP (Data Ownership Protocol) team for the collaborative engagement that enabled the execution of this Smart Contract Security Assessment.

The Data Ownership Protocol (DOP) is a groundbreaking privacy-centric system on Ethereum L1 that utilizes zero-knowledge proofs to ensure adaptable transparency.

The system users should acknowledge all the risks summed up in the risks section of the report

The Data Ownership Protocol (DOP) is a groundbreaking privacy-centric system on Ethereum L1 that utilizes zero-knowledge proofs to ensure adaptable transparency. DOP allows users and DApps to securely store and transact assets while maintaining control over their data, providing a means to selectively disclose token holdings and transaction histories. The protocol supports private transactions involving any ERC-20 token or NFT via a 0zk address system, where asset details remain hidden until users choose to decrypt them back to public addresses.

DOP integrates with a Merkle Tree framework to track and validate UTXOs, ensuring privacy and preventing double-spending. It also employs a token blocklist to exclude incompatible tokens and a list of sanctioned addresses to enhance security. The protocol generates revenue through fees for encryption, transferring, and decryption of assets, all aimed at fostering a secure, private, and efficient blockchain environment.

The files in the scope:

• Commitments.sol - Manages the secure and private storage of cryptographic commitments using a Merkle Tree structure. It allows for adding new leaves to the tree, automatically transitioning to a new tree when needed, and maintaining a history of tree roots for verification purposes.

• DOPLogic.sol - This contract serves as the core processing unit for the Data Ownership Protocol (DOP), handling the cryptographic and transactional logic necessary for the protocol’s operation. It manages encryption and decryption fees, the integrity of transactions, and interactions with the blockchain’s state, such as Merkle root validations and the handling of fees to the treasury.

• DOPSmartWallet.sol - Acts as a private smart wallet for the Data Ownership Protocol, handling encrypted transactions and interactions within the protocol. It integrates complex functionalities like creating commitments, encrypting tokens, and managing private transactions with snark proofs, playing a critical role in maintaining user privacy and transaction integrity.

• Globals.sol - Defines constants, errors, and data structures used across the Data Ownership Protocol (DOP). It includes the SNARK scalar field used in cryptographic calculations, various error messages for contract interactions, and standard addresses like the verification bypass address. Additionally, it sets up complex structures for encryption, token management, and SNARK-based proofs, vital for the protocol's functionality.

• PoseidonT3.sol - Provides a cryptographic hash function using the Poseidon algorithm, specifically for inputs of two elements.

• PoseidonT4.sol - Similar to PoseidonT3.sol, this library implements the Poseidon hash function but for three-element inputs.

• Protection.sol -  Manages a list of sanctioned addresses to enhance security within the Data Ownership Protocol. This interface provides functionality to check if an address is sanctioned, aiding in regulatory compliance and risk management.

• Snark.sol - Provides cryptographic operations for SNARKs, facilitating secure and efficient zero-knowledge proof verifications in the Data Ownership Protocol. It supports operations like negation, addition, scalar multiplication of G1 points, and pairing checks for G2 points, crucial for verifying the integrity and authenticity of proofs within the system.

• TokenBlocklist.sol - Manages a blocklist of tokens deemed incompatible with the Data Ownership Protocol. This contract allows for adding and removing tokens from the blocklist, ensuring that only compatible assets are used within the system.

• Verifier.sol - Manages the verification of SNARK proofs for transactions within the Data Ownership Protocol, utilizing various cryptographic tools provided by the Snark library. This contract stores and retrieves verification keys and ensures that each transaction adheres to the protocol's privacy and security standards.

• IDOPSessionAdapter.sol - Defines an interface for session adapters within the Data Ownership Protocol. It specifies a method for accepting or rejecting sessions based on a predefined magic value.

• INativeAssetWrapper.sol - An interface for wrapping and unwrapping native blockchain assets like ETH into a tokenized form (e.g., WETH). It extends the ERC20 standard to allow deposit and withdrawal operations, facilitating the use of native assets in the encrypted and transactional environment of the DOP.

• Relayer.sol - Functions as a multicall contract enabling batched operations and relaying within the Data Ownership Protocol, handling everything from token encryption and transfer to executing complex transaction sets. It ensures that actions are performed atomically and efficiently, reducing transaction costs and complexity for users.

• Treasury.sol - Serves as the financial hub for the Data Ownership Protocol, managing and safeguarding the protocol's treasury funds. It supports basic treasury operations such as transferring ETH and ERC20 tokens under strict access control to ensure funds are handled securely.

Privileged roles

• DOPSmartWallet.sol:

• • owner:

  • • Can add or remove tokens from the blocklist. This role is crucial for maintaining the integrity and functionality of the protocol by managing which tokens can be encrypted.

    • Can set and update verification keys tailored to specific configurations of nullifiers and commitments.

    • Can change treasury addresses, modify protection lists, adjust fees, enable decryption, and update safety vectors.

• Relayer.sol:

• • onlySelfIfExecuting:

  • • Implies a mechanism to restrict certain actions to the contract itself or during specific execution states, enhancing security and control over batch operations.

• Treasury.sol:

• • TRANSFER_ROLE:

  • • Designated roles that can execute fund transfers, ensuring controlled access to treasury assets.

The total Documentation Quality score is 9 out of 10.

• Functional requirements are detailed.

• • Project overview is detailed

  • All roles in the system are described.

  • Use cases are described and detailed.

  • For each contract, all futures are described.

  • All interactions are described.

• Technical description is limited.

• • Run instructions are not provided.

  • Technical specification is provided.

  • The NatSpec documentation is sufficient.

The total Code Quality score is 10 out of 10.

• The development environment is configured.

Code coverage of the project is 95.45% (branch coverage).

• Deployment and basic user interactions are covered with tests.

• Negative cases coverage are partially missed.

• Interactions by several users are tested.

Upon auditing, the code was found to contain 0 critical, 0 high, 0 medium, and 1 low severity issues, leading to a security score of 10 out of 10.

All identified issues are detailed in the “Findings” section of this report.

The comprehensive audit of the customer's smart contract yields an overall score of 9.7. This score reflects the combined evaluation of documentation, code quality, test coverage, and security aspects of the project.

The scope of the project includes the following smart contracts from the provided repository:

Contracts in Scope