SSV Labs

Audit name:

[L1] SSV Network / SSV Node / Aug2024

Date:

Oct 2, 2024

Table of Contents

Introduction
Audit Summary
System Overview
Risks
Findings
Appendix 1. Severity Definitions
Appendix 2. Scope
Disclaimer


Introduction

We express our gratitude to the SSV Labs team for the collaborative engagement that enabled the execution of this Blockchain Protocol Security Assessment.

SSV Network is a decentralized infrastructure designed to enhance the security and decentralization of Ethereum's Proof of Stake (PoS) mechanism. By leveraging Distributed Validator Technology (DVT), the network enables multiple nodes to collaboratively manage a single Ethereum validator, thereby reducing risks and boosting fault tolerance. This distribution of validator duties across various operators helps eliminate single points of failure, enhancing the security and resilience of Ethereum staking.

Document

Name: Blockchain Protocol Review and Security Analysis Report for SSV Labs
Audited By: Nino Lipartiia, Hamza Sajid
Approved By: Luciano Ciattaglia
Website: https://ssv.network/
Changelog: 05/09/2024 - Preliminary Report
Changelog: 15/10/2024 - Final Report
Platform: Ethereum
Language: Golang
Tags: Distributed validator technology, MPC
Methodology: https://hackenio.cc/blockchain_methodology

Review Scope

Repository: https://github.com/ssvlabs/ssv
Commit: 20dba00cb02f98e52124158ad36c0bb28839f8a4

Audit Summary

Total Findings: 14
Resolved: 13
Accepted: 0
Mitigated: 1

System users should acknowledge all the risks summarized in the Risks section of the report.

Documentation quality

  • Protocol documentation is readily accessible via the official SSV Network website, facilitating easy reference for both developers and users.

  • Major updates to the protocol are documented through SSV Improvement Proposals (SIPs), ensuring transparency and providing clarity on changes.

  • The ssv-spec offers a comprehensive foundation and specification for the node codebase.

  • While the README file and building documentation are present, they are not fully up to date and may require further revision to reflect the latest developments.

Code quality

  • The project maintains a high standard of code quality across its components.

  • Comprehensive test coverage is in place, which enhances the project's reliability and stability.

  • Static code analysis has flagged several warnings that need to be addressed to ensure code robustness.

  • The codebase contains a notable number of unresolved TODO comments, highlighting areas that require additional attention.

Architecture quality

  • The project leverages the innovative Distributed Validator Technology, enhancing security and decentralization.

  • The ssv-spec repository supports the clarity and maintainability of the node codebase, serving as a robust foundation for its development.

  • The codebase maintains modularity, enhancing both maintainability and scalability.

  • The cluster size is currently limited to 4, 7, 10, or 13 operators, as specified in the implementation.

  • The node architecture is capable of supporting further scaling without necessitating a complete rewrite of the codebase.

System Overview

SSV Network is a decentralized infrastructure designed to optimize the operation of Ethereum validators by enabling distributed validator technology. The network is engineered to ensure security, fault tolerance, and decentralization.

  • Consensus Mechanism: SSV Network employs the QBFT (Quorum Byzantine Fault Tolerance) consensus algorithm. This mechanism facilitates the collective management of a single validator by multiple operators, reducing the risk of a single point of failure and enhancing the overall security of the staking process.

  • Operator Cluster Coordination: The SSV protocol enables coordination among a cluster of operators who share control over a validator's key. This shared responsibility ensures that no single operator can compromise the validator, significantly improving the robustness and security of Ethereum staking.

  • Slashing Protection: SSV Network includes a robust slashing protection mechanism, designed to prevent double-signing and other activities that could lead to slashing. This feature is crucial for maintaining the integrity of validators and avoiding slashing incidents.

  • Ethereum Compatibility: SSV Network maintains compatibility with the Ethereum ecosystem, supporting the latest version (Deneb, as of the writing of this report).

Risks

The SSV node is heavily reliant on events emitted by the smart contract, which governs the operators and validators within the SSV Network. However, since the smart contract review falls outside the scope of this audit, the accuracy and reliability of these events cannot be fully verified in this context.

Findings

Code | Title | Status | Severity
F-2024-5438 | Vulnerabilities in External Go Dependencies | fixed | High
F-2024-5437 | Vulnerabilities in Go Standard Library | fixed | High
F-2024-5656 | Incomplete Validator Exit Logic Due to OwnValidator Oversight | fixed | Medium
F-2024-5608 | Erroneous Threshold Logic in Key Splitting Mechanism | fixed | Medium
F-2024-5833 | Deficient Validation of Operator Public Key Uniqueness | fixed | Low
F-2024-5790 | Build Failure Due to Outdated dnsutils Package | fixed | Low
F-2024-5505 | Deprecated Elliptic Curve Cryptography | fixed | Low
F-2024-5502 | Insufficient Processing of Operator Removal Events | mitigated | Low
F-2024-5697 | Outdated DKG Code Remnants | fixed | Observation
F-2024-5636 | Unresolved Operator and Validator Setup Logic | fixed | Observation

1-10 of 14 findings


Appendix 1. Severity Definitions

Severity

Description

Critical
Vulnerabilities that can lead to a complete breakdown of the blockchain network's security, privacy, integrity, or availability fall under this category. They can disrupt the consensus mechanism, enabling a malicious entity to take control of the majority of nodes or facilitate 51% attacks. In addition, issues that could lead to widespread crashing of nodes, leading to a complete breakdown or significant halt of the network, are also considered critical along with issues that can lead to a massive theft of assets. Immediate attention and mitigation are required.

High
High severity vulnerabilities are those that do not immediately risk the complete security or integrity of the network but can cause substantial harm. These are issues that could cause the crashing of several nodes, leading to temporary disruption of the network, or could manipulate the consensus mechanism to a certain extent, but not enough to execute a 51% attack. Partial breaches of privacy, unauthorized but limited access to sensitive information, and affecting the reliable execution of smart contracts also fall under this category.

Medium
Medium severity vulnerabilities could negatively affect the blockchain protocol but are usually not capable of causing catastrophic damage. These could include vulnerabilities that allow minor breaches of user privacy, can slow down transaction processing, or can lead to relatively small financial losses. It may be possible to exploit these vulnerabilities under specific circumstances, or they may require a high level of access to exploit effectively.

Low
Low severity vulnerabilities are minor flaws in the blockchain protocol that might not have a direct impact on security but could cause minor inefficiencies in transaction processing or slight delays in block propagation. They might include vulnerabilities that allow attackers to cause nuisance-level disruptions or are only exploitable under extremely rare and specific conditions. These vulnerabilities should be corrected but do not represent an immediate threat to the system.

Appendix 2. Scope

The scope of the project includes the following components from the provided repository:

Scope Details

Repository: https://github.com/ssvlabs/ssv
Commit: 20dba00cb02f98e52124158ad36c0bb28839f8a4

The remediation check has been conducted based on commit hash 8297d92, which reflects the status of each issue following this process. It is important to acknowledge that this commit may include changes made subsequent to the initial review commit, which were not part of the audit assessment.

Components in Scope

The scope consists of the full codebase of the SSV Node repository, including:

  • Cryptography and EKM

  • QBFT consensus

  • Networking

  • Storage

Assets in Scope

  • Dependencies

  • Cryptography

  • Code quality

  • Consensus

  • EKM

  • Operator

  • GoClient

  • Event Handler

  • Docker

Disclaimer