Somnia

We express our gratitude to the Somnia team for the collaborative engagement that enabled the execution of this Blockchain Protocol Security Assessment.

Somnia is a high-performance Layer 1 blockchain designed for EVM compatibility. It utilizes a Practical Byzantine Fault Tolerance (PBFT) consensus mechanism and features a unique architecture that separates data dissemination from consensus.

The system users should acknowledge all the risks summed up in the risks section of the report

Documentation quality

• A detailed technical design document for the PBFT implementation was provided, outlining the architecture and deviations from the original academic paper.

• The repository's README.md file is minimal and lacks crucial information for new developers, such as a clear project overview, detailed build instructions, and guidance on running the test suites.

• While the code is well-structured with inline comments, the project would benefit from a more formal developer guide for onboarding.

Code quality

• The C++ codebase is modern and built from scratch, with a modular architecture that separates concerns into different manager classes.

• Static analysis revealed several areas for improvement, including initialization-order bugs, self-initialization, and inconsistent coding styles.

• The project uses the Bazel build system, providing a configured and reproducible development environment.

Architecture quality

• Scalability: The architecture separates high-throughput data dissemination from low-latency PBFT consensus, a design intended to support high performance at the execution layer.

• Decentralization: The system uses a delegated Proof-of-Stake model, where a committee of nodes is chosen each epoch to participate in consensus. Nodes not on the committee act as non-voting replicas.

• Performance: The PBFT implementation is optimized for low latency and includes a "fast path" commitment to reduce network round trips.

• Interoperability: The system is designed for EVM compatibility, with the consensus layer ordering opaque data that the execution layer interprets as Ethereum transactions.

• Resilience: Vulnerabilities affecting consensus safety and resource management were identified, including flawed vote aggregation, state poisoning vectors, and unbounded internal map growth. These gaps indicate areas requiring protocol-level hardening to ensure safety under Byzantine conditions.

Test coverage

• The project includes a comprehensive testing framework, featuring unit tests, integration tests on a 4-node network, a fuzzer for liveness testing, and a dedicated Byzantine test suite.

• While happy-path and some failure scenarios are covered, this audit identified critical negative cases (e.g., resource exhaustion, state divergence attacks) that were not previously covered by tests.

• The Byzantine test suite is a strong foundation but needs to be expanded to cover the attack vectors identified in this report.

Somnia is a high-performance Layer 1 Proof-of-Stake blockchain designed for EVM compatibility. Its architecture separates core blockchain functions into two distinct layers:

• Data Dissemination Layer: Individual validator nodes produce their own "data chains" and disseminate new blocks to their peers. A proof-of-availability mechanism, based on collecting signatures from peers, is used to validate the advancement of these chains.

• Consensus Layer: This layer uses a Practical Byzantine Fault Tolerance (PBFT) consensus protocol. Instead of ordering individual transactions, the PBFT network's role is to agree on the order of the latest "tip" hashes from the various data chains. This design allows the consensus mechanism to be low-throughput and optimized for low latency, while the data layer handles high-throughput transaction data.

Consensus is performed by a "committee" of validator nodes chosen each epoch based on their staked cryptocurrency.

Threat Model

This audit assumes a partially synchronous network with a validator committee of 3f+1 voting power, tolerating up to f Byzantine participants. Threats analyzed include:

• Consensus safety failures from equivocation or inconsistent PrePrepare propagation

• Liveness failures from DoS on timeout loops or invalid message floods

• Resource exhaustion through unbounded maps or bypassed signature checks

• Edge-case misconfigurations due to unsafe default parameters or flags

The scope of the project includes the following components from the provided repository:

Components in Scope

The audit focused exclusively on the core C++ implementation of the Somnia consensus protocol contained within the somnia/pbft/ directory.

In-Scope Files

• Headers (.h):

• • pbft_checkpoint_manager.h

  • pbft_committed_request_batch_manager.h

  • pbft_interface.h

  • pbft_node.h

  • pbft_node_context.h

  • pbft_node_manager_factory.h

  • pbft_parameters.h

  • pbft_persistent_state.h

  • pbft_received_request_manager.h

  • pbft_request_sender.h

  • pbft_round.h

  • pbft_round_manager.h

  • pbft_timeout_manager.h

  • pbft_types.h

  • pbft_view_manager.h

• Sources (.cc):

• • pbft_checkpoint_manager.cc

  • pbft_committed_request_batch_manager.cc

  • pbft_node.cc

  • pbft_received_request_manager.cc

  • pbft_request_sender.cc

  • pbft_round.cc

  • pbft_round_manager.cc

  • pbft_timeout_manager.cc

  • pbft_view_manager.cc

Core Protocol Review: A thorough review of the C++ implementation of the Practical Byzantine Fault Tolerance (PBFT) protocol.

Consensus Safety Analysis: Focused analysis of the view change mechanism, checkpointing, and round management to identify potential chain forks or liveness failures.

Security Assessment: A review of the code for common C++ vulnerabilities, resource exhaustion vectors, and logic flaws that could compromise the consensus protocol.

Assets in Scope