Introduction
We express our gratitude to the WATERFALL team for the collaborative engagement that enabled the execution of this Security Assessment.
Waterfall Protocol is a high-performance, scalable, Proof-of-Stake smart contract platform. It addresses blockchain's scalability, security, and decentralization challenges by leveraging Directed Acyclic Graph (DAG) technology for parallel block production. Key features include low transaction fees, EVM compatibility, and a highly decentralized network with minimal hardware requirements for nodes.
| title | content |
|---|---|
| Platform | Waterfall |
| Language | Golang |
| Tags | Layer 1, BlockDAG |
| Timeline | 22/04/2024 - 24/06/2024 |
| Methodology | Blockchain Protocol and Security Analysis Methodology |
| Review Scope | |
|---|---|
| Repository | https://gitlab.waterfall.network/waterfall/protocol/coordinator |
| Commit | 9b3570c351d927004e4c5da26f908fda5f6ce65a |
| Repository | https://gitlab.waterfall.network/waterfall/protocol/gwat |
| Commit | 6782049b74c92e58a8ca077a3015ec67dc7ef943 |
Audit Summary
System users should acknowledge all the risks summarized in the risks section of the report.
Document Information
This report may contain confidential information about IT systems and the intellectual property of the Customer, as well as information about potential vulnerabilities and methods of their exploitation.
The report can be disclosed publicly after prior consent by another Party. Any subsequent publication of this report shall be without mandatory consent.
| Document | |
|---|---|
| Name | Layer 1 Protocol Code Review and Security Analysis Report for WATERFALL |
| Audited By | Sofiane Akermoun, Nino Lipartiia |
| Approved By | Sofiane Akermoun |
| Website | https://waterfall.network/ |
| Changelog | 03/06/2024 - Preliminary Report |
| Changelog | 24/06/2024 - Final Report |
System Overview
Waterfall is a Layer 1 solution derived from Prysm and Go-Ethereum, implementing consensus and execution clients in line with the Ethereum 2.0 architecture. This foundation is enhanced with several features to improve scalability and decentralization.
Key innovations include the implementation of BlockDAG logic in the execution client, which allows for parallel block production. Moreover, the adoption of an optimistic consensus mechanism expedites the process by furnishing blocks with a high likelihood of finalization.
Executive Summary
Documentation quality
Source code documentation draws from both Geth and Prysm projects, ensuring a strong foundational understanding and continuity within the project.
Waterfall-specific features and changes are meticulously documented, emphasizing the platform's unique aspects.
The in-code documentation of features falls short of providing comprehensive insights into the codebase.
There's a noticeable lack of comprehensive documentation available on the project's website, hindering accessibility and understanding for stakeholders.
Building instructions are insufficient, posing challenges for developers and node operators seeking to engage with the platform effectively.
The absence of adequate documentation in English presents a significant barrier to wider adoption and collaboration.
The Waterfall team has indicated their intention to significantly enhance the documentation prior to the public release of the code.
Code quality
The project inherits strong code quality from Geth and Prysm, forming a sturdy foundation for development.
Adequate test coverage, which could benefit from enhancement.
The presence of numerous lint warnings suggests areas where refinement is needed to align with coding best practices.
Unresolved TODO comments and "implement me" panics.
Notable residue code underscores the importance of thorough review and cleanup to optimize performance and maintainability.
The Waterfall team has conveyed their intent to improve code quality and elevate the overall standard of the codebase before its public release.
Architecture quality
Waterfall derives its architecture from Prysm and Go-Ethereum, aligning its consensus and execution clients with the Ethereum 2.0 framework.
An innovative architectural design in the execution client replaces the traditional blockchain structure with BlockDAG, enhancing scalability.
The consensus client architecture is grounded in blockchain technology, ensuring the system's robustness and integrity.
The integration of an optimistic consensus mechanism showcases well-designed and effectively implemented advancements.
Findings
| Code | Title | Status | Severity |
|---|---|---|---|
| F-2024-1616 | Critical Vulnerabilities in Go Standard Library | fixed | Critical |
| F-2024-3346 | Bypassing Execution Layer During Validator Exit | fixed | High |
| F-2024-2188 | Inherited Issues from Go-Ethereum | fixed | Medium |
| F-2024-3522 | Incorrect Event Emitted During Token Operations | fixed | Low |
| F-2024-3521 | Divergence from ERC-721 Standard in Token Implementation | accepted | Low |
| F-2024-3344 | Inadequate Sender Validation in Deposit Transaction Processing | accepted | Low |
| F-2024-3227 | Insufficiencies in Light Client Implementation | fixed | Low |
| F-2024-3084 | Utilization of Non-Supported Fork Choice Storage Mechanism | fixed | Low |
| F-2024-2993 | Inherited Issues from Prysm | fixed | Low |
| F-2024-2256 | Compatibility Concerns Arising from Outdated EVM Implementation | fixed | Low |
Appendix 1. Severity Definitions
| Severity | Description |
|---|---|
| Critical | Vulnerabilities that can lead to a complete breakdown of the blockchain network's security, privacy, integrity, or availability fall under this category. They can disrupt the consensus mechanism, enabling a malicious entity to take control of the majority of nodes or facilitate 51% attacks. In addition, issues that could lead to widespread crashing of nodes, leading to a complete breakdown or significant halt of the network, are also considered critical along with issues that can lead to a massive theft of assets. Immediate attention and mitigation are required. |
| High | High severity vulnerabilities are those that do not immediately risk the complete security or integrity of the network but can cause substantial harm. These are issues that could cause the crashing of several nodes, leading to temporary disruption of the network, or could manipulate the consensus mechanism to a certain extent, but not enough to execute a 51% attack. Partial breaches of privacy, unauthorized but limited access to sensitive information, and affecting the reliable execution of smart contracts also fall under this category. |
| Medium | Medium severity vulnerabilities could negatively affect the blockchain protocol but are usually not capable of causing catastrophic damage. These could include vulnerabilities that allow minor breaches of user privacy, can slow down transaction processing, or can lead to relatively small financial losses. It may be possible to exploit these vulnerabilities under specific circumstances, or they may require a high level of access to exploit effectively. |
| Low | Low severity vulnerabilities are minor flaws in the blockchain protocol that might not have a direct impact on security but could cause minor inefficiencies in transaction processing or slight delays in block propagation. They might include vulnerabilities that allow attackers to cause nuisance-level disruptions or are only exploitable under extremely rare and specific conditions. These vulnerabilities should be corrected but do not represent an immediate threat to the system. |
Appendix 2. Scope
The scope of the project includes the following components from the provided repository:
| Scope Details | |
|---|---|
| Repository | https://gitlab.waterfall.network/waterfall/protocol/coordinator |
| Commit | 9b3570c351d927004e4c5da26f908fda5f6ce65a, 6782049b74c92e58a8ca077a3015ec67dc7ef943 |
| Whitepaper | https://waterfall.network/wp-content/uploads/2023/09/Whitepaper.pdf |
Components in Scope
- coordinator
  - security related issues reported in prysm after v2.1.1
  - validator module
  - beacon-chain/core module
  - beacon-chain/blockchain module
  - beacon-chain/rpc module
  - beacon-chain/state module
  - beacon-chain/p2p module
  - beacon-chain/powchain module
  - beacon-chain/forkchoice module
  - beacon-chain/sync module
- gwat
  - security related issues reported in geth after v1.10.11
  - core module
  - eth module
  - token module
  - validator module