Zcash

We express our gratitude to the Zcash team for the collaborative engagement that enabled the execution of this dApp Security Assessment.

ChainSafe is a blockchain R&D firm focused on interoperable, open-source tooling. WebZjs clients are typically web and browser-based wallet developers building Zcash support into dApps or extensions.

The system users should acknowledge all the risks summed up in the risks section of the report

Documentation quality

• Clear Quickstart: The README concisely covers installation (@chainsafe/webzjs-wallet), one-time WASM/thread-pool initialization, wallet creation, account setup, and syncing—making onboarding straightforward.

• Key Warnings Highlighted: Important caveats (call init functions exactly once, use a gRPC-web proxy, known WASM instantiation hiccups, and un-audited status) are prominently called out.

• Build & Dev Instructions: Step-by-step commands for building both the Snap and Web-Wallet, plus Docker hints for the proxy, reduce setup friction.

• Areas to Improve:

• • Add a brief “Architecture” summary (e.g. Snap ↔ Web-Wallet ↔ gRPC-web proxy ↔ Lightwalletd) to orient new readers.

  • Include a short “Troubleshooting” list (common gRPC CORS errors, WASM load failures) so users can self-diagnose.

  • Link to a minimal example repo or CodeSandbox demonstrating end-to-end usage (wallet create → sync → sign).

Code quality

• Clear RPC Handler Structure: onRpcRequest cleanly routes methods with superstruct validation, keeping entrypoints well organized.

• Robust Input Validation Utilities: validatePrivateKey and hexStringToUint8Array enforce strict hex format and lengths, reducing parsing errors.

• Centralized WASM Initialization: initialiseWasm wraps base64 checks and syncs into one function, preventing duplicate or faulty WASM loads.

• TypeScript & Typing Discipline: Well-typed SignPcztParams, SetBirthdayBlockParams, and use of Promise<...> signatures across RPC modules improves maintainability.

• Safe State Management: getSnapState/setSnapState use snap_manageState consistently, avoiding direct JSON mutation.

• Areas to improve

• • Dialog Content Sanitization & Context: Enhance snap_dialog dialogs to include origin/account details and escape any user-supplied text to prevent UI injection or spoofing.

  • DRY Hex Validation in **signPczt**: Replace Buffer.from(..., 'hex') with the existing hexStringToUint8Array + length check to leverage its strict checks.

  • Manifest Least-Privilege: Remove or narrowly caveat the unused endowment:rpc permission so the Snap isn’t over-privileged.

  • Consistent Error Handling: Wrap all RPC methods in try/catch with user-friendly error messages to avoid uncaught exceptions crashing the Snap.

  • Origin Whitelisting: Add runtime checks in onRpcRequest to enforce allowedOrigins, ensuring only trusted UIs can invoke sensitive methods.

The Snap bridges MetaMask to Zcash’s shielded ecosystem. It handles BIP-44 entropy from MetaMask, derives Unified Spending & Viewing Keys, and performs PCZT signing inside MetaMask’s secure sandbox.

Core Components:

• RPC Handlers (onRpcRequest): Exposes methods like getViewingKey, signPczt, getSeedFingerprint, and state getters/setters.

• Key Management: Fetches 256-bit Zcash entropy via snap_getBip44Entropy, validates & converts it to a seed, and uses @chainsafe/webzjs-keys for HD derivation.

• Dialog Flows: Prompts users via snap_dialog for every sensitive action (signing, key export, birthday-block input), leveraging MetaMask’s UI components.

• State Storage: Persists user settings (e.g. custom sync heights) through snap_manageState with safe get/update operations.

• WASM Initialization: Inlines and initializes webzjs_keys_bg.wasm via initSync, ensuring cryptographic routines run efficiently in the Snap’s sandbox.

• Integration Points:

• Front-end dApp calls ethereum.request({ method: 'wallet_invokeSnap', params: [...] }) to trigger Snap methods.

• MetaMask enforces permissions (dialogs, state, entropy, webassembly) as declared in snap.manifest.json.

• WebWallet handles chain synchronization separately in the browser context, not inside the Snap.

This system design ensures that all Zcash-specific cryptography and signing happen securely within MetaMask, while network sync and UI rendering occur in the unprivileged web layer.

The scope of the project includes the following :

Assets in Scope