synor/docs/SECURITY_AUDIT_SCOPE.md
Gulshan Yadav b22c1b89f0 feat: Phase 7 production readiness improvements
- Add SYNOR_BOOTSTRAP_PEERS env var for runtime seed node configuration
- Implement secrets provider abstraction for faucet wallet key security
  (supports file-based secrets in /run/secrets for production)
- Create WASM crypto crate foundation for web wallet (Ed25519, BIP-39)
- Add DEPLOYMENT.md guide for testnet deployment
- Add SECURITY_AUDIT_SCOPE.md for external security audit preparation
- Document seed node deployment process in synor-network

Security improvements:
- Faucet now auto-detects /run/secrets for secure key storage
- CORS already defaults to specific origins (https://faucet.synor.cc)
- Bootstrap peers now configurable at runtime without recompilation
2026-01-08 07:21:14 +05:30


Synor Blockchain Security Audit Scope

This document defines the scope for external security audits of the Synor blockchain.


1. Overview

Project: Synor - High-throughput blockDAG with quantum-resistant cryptography

Language: Rust (core), TypeScript (web wallet)

Audit Priority: High (pre-mainnet requirement)

Key Innovations to Audit

  • GHOSTDAG consensus with PHANTOM ordering
  • Hybrid Ed25519 + Dilithium3 post-quantum signatures
  • WASM-based smart contract VM
  • Custom UTXO model with parallel validation

2. Audit Scope by Priority

2.1 Critical Priority (Must Audit)

Cryptographic Primitives (crates/synor-crypto/)

| Component | File | Focus Areas |
|---|---|---|
| Keypair generation | src/keypair.rs | Entropy sources, secure randomness |
| Ed25519 signatures | src/signature.rs | Signature malleability, validation |
| Dilithium3 PQC | src/dilithium.rs | Parameter validation, side-channel resistance |
| Hybrid signatures | src/hybrid.rs | Composition correctness, fallback behavior |
| Address derivation | src/address.rs | Bech32m encoding, checksum validation |
| Key encryption | src/lib.rs | AES-256-GCM, Argon2 parameters |

Specific Concerns:

  • Verify Dilithium3 implementation matches FIPS 204 draft
  • Check for timing side-channels in signature verification
  • Validate entropy sources on different platforms
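The address-derivation row above lists Bech32m encoding and checksum validation as a focus area. The block below is an added example written for this document, not code from Synor's src/address.rs: a standard-library-only Bech32m encoder and decoder following BIP-350, the kind of reference an auditor can diff the real implementation against. The "sy" human-readable part used in main() is a constructed value, not Synor's address prefix; BECH32M_CONST and the generator constants are the ones specified in BIP-350.

```rust
// Added example (not Synor's src/address.rs): Bech32m encoding and checksum
// validation per BIP-350, using only the Rust standard library.

const CHARSET: &[u8; 32] = b"qpzry9x8gf2tvdw0s3jn54khce6mua7l";
const BECH32M_CONST: u32 = 0x2bc8_30a3;

/// BCH checksum polynomial over 5-bit groups (BIP-173/BIP-350 bech32_polymod).
fn polymod(values: &[u8]) -> u32 {
    let gen: [u32; 5] = [0x3b6a_57b2, 0x2650_8e6d, 0x1ea1_19fa, 0x3d42_33dd, 0x2a14_62b3];
    let mut chk: u32 = 1;
    for &v in values {
        let top = chk >> 25;
        chk = ((chk & 0x01ff_ffff) << 5) ^ u32::from(v);
        for (i, g) in gen.iter().enumerate() {
            if (top >> i) & 1 == 1 {
                chk ^= *g;
            }
        }
    }
    chk
}

/// High bits of each hrp char, a zero separator, then the low 5 bits of each char.
fn hrp_expand(hrp: &str) -> Vec<u8> {
    let mut out: Vec<u8> = hrp.bytes().map(|c| c >> 5).collect();
    out.push(0);
    out.extend(hrp.bytes().map(|c| c & 31));
    out
}

/// Encode 5-bit groups `data` under `hrp`; None for an invalid hrp or a group >= 32.
pub fn bech32m_encode(hrp: &str, data: &[u8]) -> Option<String> {
    if hrp.is_empty() || hrp.len() > 83 || !hrp.bytes().all(|c| (33..=126).contains(&c)) {
        return None;
    }
    if data.iter().any(|&d| d >= 32) {
        return None;
    }
    let hrp = hrp.to_ascii_lowercase();
    let mut values = hrp_expand(&hrp);
    values.extend_from_slice(data);
    values.extend_from_slice(&[0u8; 6]); // placeholder for the 6 checksum groups
    let pm = polymod(&values) ^ BECH32M_CONST;
    let mut s = hrp.clone();
    s.push('1');
    for &d in data {
        s.push(CHARSET[d as usize] as char);
    }
    for i in 0..6 {
        let idx = ((pm >> (5 * (5 - i))) & 31) as usize;
        s.push(CHARSET[idx] as char);
    }
    if s.len() > 90 {
        return None;
    }
    Some(s)
}

/// Decode and verify; returns (hrp, data) only when the Bech32m checksum matches.
pub fn bech32m_decode(s: &str) -> Option<(String, Vec<u8>)> {
    if s.len() > 90 {
        return None;
    }
    let has_lower = s.bytes().any(|c| c.is_ascii_lowercase());
    let has_upper = s.bytes().any(|c| c.is_ascii_uppercase());
    if has_lower && has_upper {
        return None; // mixed case is rejected by the spec
    }
    let s = s.to_ascii_lowercase();
    let pos = s.rfind('1')?; // last '1' separates hrp from data
    if pos == 0 || pos + 7 > s.len() {
        return None; // empty hrp, or fewer than 6 checksum characters
    }
    let (hrp, rest) = (&s[..pos], &s[pos + 1..]);
    if !hrp.bytes().all(|c| (33..=126).contains(&c)) {
        return None;
    }
    let mut data = Vec::with_capacity(rest.len());
    for c in rest.bytes() {
        data.push(CHARSET.iter().position(|&x| x == c)? as u8);
    }
    let mut values = hrp_expand(hrp);
    values.extend_from_slice(&data);
    if polymod(&values) != BECH32M_CONST {
        return None; // checksum failure: any single-character error is detected
    }
    data.truncate(data.len() - 6);
    Some((hrp.to_string(), data))
}

fn main() {
    // "sy" is a constructed human-readable part, not Synor's real address prefix.
    let payload: Vec<u8> = (0..32u8).map(|i| (i * 7) % 32).collect();
    let addr = bech32m_encode("sy", &payload).expect("valid input");
    println!("{addr} -> {:?}", bech32m_decode(&addr).map(|(h, d)| (h, d.len())));
}
```

The checks an auditor would look for are visible here: the separator is the last `1` (hrp may contain `1`), mixed case and the 90-character limit are enforced, and a decoder that accepted the Bech32 constant (1) as well as the Bech32m constant would silently accept addresses of the wrong version, so only one constant is compared.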

Consensus (crates/synor-consensus/)

| Component | File | Focus Areas |
|---|---|---|
| GHOSTDAG | src/ghostdag.rs | K-cluster selection, anticone calculation |
| Ordering | src/ordering.rs | Topological sort, merge set computation |
| Block validation | src/validation.rs | PoW verification, timestamp checks |
| Difficulty adjustment | src/difficulty.rs | DAA window, manipulation resistance |
| Finality | src/finality.rs | Finality depth, reorg resistance |

Specific Concerns:

  • Is the GHOSTDAG K parameter (K=18) sufficient for 10 BPS?
  • DAA vulnerability to timestamp manipulation
  • Selfish mining / withholding attack resistance
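Two rows above (block validation "timestamp checks" and the DAA's "manipulation resistance") come down to how tightly a block's claimed time is bounded. The block below is an added example written for this document, not Synor's src/validation.rs or src/difficulty.rs, and the rules it encodes are assumptions: a candidate timestamp must exceed the median of the most recent past blocks (MTP_WINDOW, assumed 11) and may not run ahead of the validating node's clock by more than MAX_FUTURE_DRIFT_SECS (assumed 120). Which blocks count as "past" in a DAG (selected-parent chain, mergeset) is also left as an assumption of the caller.

```rust
// Added example (hypothetical rules, not synor-consensus code): bound a block's
// timestamp below by the median of recent past blocks and above by local time
// plus an allowed drift, so a single miner cannot steer the DAA's clock.
use std::time::{SystemTime, UNIX_EPOCH};

/// Most-recent past timestamps whose median bounds a new block (assumed value).
pub const MTP_WINDOW: usize = 11;
/// Seconds a block may claim ahead of the validating node's clock (assumed value).
pub const MAX_FUTURE_DRIFT_SECS: u64 = 120;

#[derive(Debug, PartialEq)]
pub enum TimestampError {
    NotAfterMedianTimePast { median: u64 },
    TooFarInFuture { limit: u64 },
}

/// Median of the last `MTP_WINDOW` entries of `past` (all of them if fewer).
/// `past` holds the timestamps of the blocks the candidate builds on, oldest
/// first, and must be non-empty.
pub fn median_time_past(past: &[u64]) -> u64 {
    let start = past.len().saturating_sub(MTP_WINDOW);
    let mut window = past[start..].to_vec();
    window.sort_unstable();
    window[window.len() / 2]
}

/// Accept `candidate` only if it is strictly after the median time past and not
/// beyond `now + MAX_FUTURE_DRIFT_SECS`. An empty `past` (genesis) skips the MTP rule.
pub fn check_timestamp(candidate: u64, past: &[u64], now: u64) -> Result<(), TimestampError> {
    let limit = now.saturating_add(MAX_FUTURE_DRIFT_SECS);
    if candidate > limit {
        return Err(TimestampError::TooFarInFuture { limit });
    }
    if !past.is_empty() {
        let median = median_time_past(past);
        if candidate <= median {
            return Err(TimestampError::NotAfterMedianTimePast { median });
        }
    }
    Ok(())
}

/// Wall-clock seconds since the Unix epoch, 0 if the clock is before the epoch.
pub fn unix_now() -> u64 {
    SystemTime::now()
        .duration_since(UNIX_EPOCH)
        .map(|d| d.as_secs())
        .unwrap_or(0)
}

fn main() {
    // Constructed history: 12 past blocks with slightly out-of-order timestamps.
    let past = [1000, 1010, 1005, 1020, 1030, 1015, 1040, 1035, 1050, 1045, 1060, 1055];
    println!("median time past = {}", median_time_past(&past));
    println!("{:?}", check_timestamp(1036, &past, 1100));
    println!("{:?}", check_timestamp(1035, &past, 1100));
    println!("{:?}", check_timestamp(unix_now() + 10_000, &past, unix_now()));
}
```

The two bounds limit the lever a DAA reads: a miner who produced fewer than half of the blocks in the window cannot choose the median, so back-dating to inflate apparent block intervals is capped, and forward-dating to deflate them is capped by the drift allowance of every honest validator. Timestamps are not required to be monotonic block to block, which is why the example's median uses a sorted copy rather than the last block's time.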

DAG Structure (crates/synor-dag/)

| Component | File | Focus Areas |
|---|---|---|
| Block storage | src/store.rs | Hash collision handling |
| Parent selection | src/relations.rs | Tip selection algorithm |
| Blue score | src/blue_score.rs | Score computation correctness |

2.2 High Priority

Smart Contract VM (crates/synor-vm/)

| Component | File | Focus Areas |
|---|---|---|
| WASM executor | src/executor.rs | Sandbox escape, memory isolation |
| Gas metering | src/gas.rs | Metering accuracy, DoS prevention |
| Host functions | src/host.rs | Input validation, state access |
| Memory management | src/memory.rs | Bounds checking, overflow |

Specific Concerns:

  • WASM sandbox escape vulnerabilities
  • Gas exhaustion attacks
  • Host function privilege escalation
  • Stack overflow in recursive contracts
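Three of the concerns above (metering accuracy, gas exhaustion, stack overflow in recursive contracts) share one defensive shape: charge before doing work, never let the counter wrap, and cap nesting. The block below is an added example written for this document, not synor-vm's src/gas.rs or executor; GasMeter, CallStack, the toy Op instruction set, PER_BYTE_COST and every cost figure are hypothetical stand-ins for a metered WASM interpreter.

```rust
// Added example (hypothetical, not synor-vm code): a gas meter with checked
// arithmetic, size-proportional host-call pricing, and a call-depth limit.

#[derive(Debug, PartialEq)]
pub enum VmError {
    OutOfGas { needed: u64, remaining: u64 },
    CallDepthExceeded { max_depth: u32 },
}

pub struct GasMeter {
    limit: u64,
    used: u64,
}

impl GasMeter {
    pub fn new(limit: u64) -> Self {
        GasMeter { limit, used: 0 }
    }

    pub fn remaining(&self) -> u64 {
        self.limit - self.used
    }

    pub fn used(&self) -> u64 {
        self.used
    }

    /// Charge `cost` or fail without changing state; `checked_add` means a huge
    /// cost cannot wrap the counter back under the limit.
    pub fn charge(&mut self, cost: u64) -> Result<(), VmError> {
        let out_of_gas = VmError::OutOfGas { needed: cost, remaining: self.remaining() };
        match self.used.checked_add(cost) {
            Some(new_used) if new_used <= self.limit => {
                self.used = new_used;
                Ok(())
            }
            _ => Err(out_of_gas),
        }
    }
}

/// Assumed price per byte copied out of guest memory (hypothetical constant).
pub const PER_BYTE_COST: u64 = 3;

/// Host-call cost that scales with input size, so a flat fee cannot buy an
/// arbitrarily large copy or hash.
pub fn host_call_cost(base: u64, input_len: usize) -> u64 {
    base.saturating_add((input_len as u64).saturating_mul(PER_BYTE_COST))
}

pub struct CallStack {
    depth: u32,
    max_depth: u32,
}

impl CallStack {
    pub fn new(max_depth: u32) -> Self {
        CallStack { depth: 0, max_depth }
    }

    pub fn enter(&mut self) -> Result<(), VmError> {
        if self.depth >= self.max_depth {
            return Err(VmError::CallDepthExceeded { max_depth: self.max_depth });
        }
        self.depth += 1;
        Ok(())
    }

    pub fn leave(&mut self) {
        self.depth -= 1;
    }
}

/// Toy instruction set standing in for metered WASM (constructed for the example).
pub enum Op {
    Add,
    Store { bytes: usize },
    Call(Vec<Op>),
}

pub fn execute(ops: &[Op], meter: &mut GasMeter, stack: &mut CallStack) -> Result<(), VmError> {
    for op in ops {
        match op {
            Op::Add => meter.charge(1)?,
            Op::Store { bytes } => meter.charge(host_call_cost(10, *bytes))?,
            Op::Call(body) => {
                meter.charge(50)?; // metered before the nested frame exists
                stack.enter()?;
                let result = execute(body, meter, stack);
                stack.leave(); // unwind the depth counter on success and failure alike
                result?;
            }
        }
    }
    Ok(())
}

/// `n` nested calls ending in a single Add (helper for exercising the depth limit).
pub fn nested_calls(n: u32) -> Vec<Op> {
    if n == 0 { vec![Op::Add] } else { vec![Op::Call(nested_calls(n - 1))] }
}

fn main() {
    let mut meter = GasMeter::new(1_000);
    let mut stack = CallStack::new(8);
    let program = vec![Op::Add, Op::Store { bytes: 64 }, Op::Call(vec![Op::Add])];
    println!("{:?}, gas used = {}", execute(&program, &mut meter, &mut stack), meter.used());
}
```

The points an audit of the real gas.rs would check map onto this code directly: a failed charge leaves `used` untouched (no partial accounting), the depth counter is decremented on the error path too, and the recursion in `execute` is bounded by `max_depth` rather than by the host's native stack.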

Transaction Processing (crates/synor-types/)

| Component | File | Focus Areas |
|---|---|---|
| Transaction structure | src/transaction.rs | Signature verification order |
| UTXO management | src/utxo.rs | Double-spend prevention |
| Script validation | src/script.rs | Opcode security |

2.3 Medium Priority

Network Layer (crates/synor-network/)

| Component | File | Focus Areas |
|---|---|---|
| P2P protocol | src/service.rs | Message validation, DoS vectors |
| Peer reputation | src/reputation.rs | Ban bypass, sybil resistance |
| Rate limiting | src/rate_limit.rs | Token bucket implementation |
| Sync protocol | src/sync/ | Malicious peer handling |

Specific Concerns:

  • Eclipse attack resistance
  • Network partition detection accuracy
  • Gossipsub topic amplification
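The rate-limiting row names a token bucket as the implementation to audit, and the RPC section later lists "bypass prevention" for the same mechanism. The block below is an added example written for this document, not synor-network's src/rate_limit.rs: a token bucket with integer-only refill, a burst cap, tolerance for a clock that moves backwards, and a bounded per-peer table so the limiter itself cannot be turned into a memory-exhaustion target. TokenBucket, PeerLimiter, the rates and the 10.0.0.x addresses are all constructed for the example.

```rust
// Added example (hypothetical, not synor-network code): token-bucket rate
// limiting with a bounded per-peer table.
use std::collections::HashMap;
use std::net::IpAddr;

pub struct TokenBucket {
    capacity: u64,
    tokens: u64,
    refill_per_sec: u64,
    last_refill_ms: u64,
}

impl TokenBucket {
    /// A new bucket starts full: one burst of `capacity`, then the steady rate.
    pub fn new(capacity: u64, refill_per_sec: u64, now_ms: u64) -> Self {
        assert!(refill_per_sec > 0, "refill rate must be positive");
        TokenBucket { capacity, tokens: capacity, refill_per_sec, last_refill_ms: now_ms }
    }

    fn refill(&mut self, now_ms: u64) {
        // A clock that moved backwards yields elapsed = 0: no panic, no credit.
        let elapsed_ms = now_ms.saturating_sub(self.last_refill_ms);
        let added = elapsed_ms.saturating_mul(self.refill_per_sec) / 1000;
        if added == 0 {
            return; // keep last_refill_ms so sub-token intervals accumulate
        }
        self.tokens = self.tokens.saturating_add(added).min(self.capacity);
        // Advance by the time those tokens cost, rounded up, so integer rounding
        // never hands out more than the configured rate.
        let paid_ms = added
            .saturating_mul(1000)
            .saturating_add(self.refill_per_sec - 1)
            / self.refill_per_sec;
        self.last_refill_ms = self.last_refill_ms.saturating_add(paid_ms);
    }

    /// Spend `cost` tokens if available; a refused request is not charged.
    pub fn try_consume(&mut self, cost: u64, now_ms: u64) -> bool {
        self.refill(now_ms);
        if self.tokens >= cost {
            self.tokens -= cost;
            true
        } else {
            false
        }
    }

    pub fn tokens(&self) -> u64 {
        self.tokens
    }
}

pub struct PeerLimiter {
    buckets: HashMap<IpAddr, TokenBucket>,
    capacity: u64,
    refill_per_sec: u64,
    max_tracked: usize,
}

impl PeerLimiter {
    pub fn new(capacity: u64, refill_per_sec: u64, max_tracked: usize) -> Self {
        PeerLimiter { buckets: HashMap::new(), capacity, refill_per_sec, max_tracked }
    }

    /// True if `peer` may spend `cost` now. The table is bounded: idle peers
    /// (bucket back at capacity) are evicted first; if it is still full of
    /// active peers the newcomer is refused rather than growing the map.
    pub fn allow(&mut self, peer: IpAddr, cost: u64, now_ms: u64) -> bool {
        if !self.buckets.contains_key(&peer) && self.buckets.len() >= self.max_tracked {
            let cap = self.capacity;
            self.buckets.retain(|_, b| {
                b.refill(now_ms);
                b.tokens < cap
            });
            if self.buckets.len() >= self.max_tracked {
                return false;
            }
        }
        let (cap, rate) = (self.capacity, self.refill_per_sec);
        self.buckets
            .entry(peer)
            .or_insert_with(|| TokenBucket::new(cap, rate, now_ms))
            .try_consume(cost, now_ms)
    }

    pub fn tracked(&self) -> usize {
        self.buckets.len()
    }
}

fn main() {
    let mut limiter = PeerLimiter::new(10, 5, 1024);
    let peer: IpAddr = "10.0.0.7".parse().unwrap(); // constructed address
    let verdicts: Vec<bool> = (0..12).map(|i| limiter.allow(peer, 1, i * 10)).collect();
    println!("{verdicts:?}");
}
```

Keying buckets by address is what makes the sybil row above a separate concern: an adversary with many addresses gets many buckets, which this table bound turns from a memory problem into a fairness problem that peer reputation, not the limiter, has to solve. A monotonic clock should feed `now_ms` in production; the `saturating_sub` is defence in depth, not a substitute.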

Storage (crates/synor-storage/)

| Component | File | Focus Areas |
|---|---|---|
| Block storage | src/block_store.rs | Corruption recovery |
| UTXO set | src/utxo_store.rs | Consistency guarantees |
| Pruning | src/pruning.rs | Data availability after prune |

2.4 Lower Priority

RPC API (crates/synor-rpc/)

| Component | Focus Areas |
|---|---|
| JSON-RPC handlers | Input validation, injection |
| WebSocket | Connection limits, memory exhaustion |
| Rate limiting | Bypass prevention |

Governance (crates/synor-governance/)

| Component | Focus Areas |
|---|---|
| DAO voting | Vote weight manipulation |
| Treasury | Withdrawal limits, timelocks |
| Proposals | Execution safety |

Node Application (apps/synord/)

| Component | Focus Areas |
|---|---|
| Configuration | Secrets handling |
| Service orchestration | Race conditions |
| CLI wallet | Key storage security |

3. Out of Scope

The following are not in scope for the initial audit:

  • Third-party dependencies (covered by cargo-audit)
  • Web wallet frontend (separate web security audit)
  • DevOps/infrastructure security
  • Physical security of node operators
  • Social engineering vectors

4. Threat Model

4.1 Adversary Capabilities

| Level | Description | Mitigations Expected |
|---|---|---|
| L1 | Remote attacker, no stake | Network protocol security |
| L2 | Minority miner (<33% hashrate) | Consensus security |
| L3 | Majority miner (>50% hashrate) | Finality guarantees |
| L4 | Quantum computer access | Dilithium3 signatures |
| L5 | Nation-state (future) | Quantum + classical resistance |

4.2 Key Security Properties

  1. Consensus Safety: No conflicting finalized blocks
  2. Liveness: Transactions confirm within reasonable time
  3. Censorship Resistance: No single entity can block transactions
  4. Key Security: Private keys protected from extraction
  5. Quantum Resistance: Secure against future quantum computers

5. Prior Work & References

Consensus

  • PHANTOM/GHOSTDAG papers (Sompolinsky & Zohar)
  • Kaspa implementation reference
  • DAGKnight improvements

Cryptography

  • FIPS 204 (Dilithium) draft specification
  • Ed25519 (RFC 8032)
  • Bech32m (BIP-350)
  • Argon2 (RFC 9106)

Smart Contracts

  • WASM specification
  • Wasmtime security model

6. Deliverables Expected

  1. Full Report: Detailed findings with severity ratings
  2. Executive Summary: Non-technical overview
  3. Findings by Category:
    • Critical (immediate action required)
    • High (fix before mainnet)
    • Medium (fix within 30 days)
    • Low (best practice improvements)
    • Informational (suggestions)
  4. Proof of Concepts: For any exploitable vulnerabilities
  5. Remediation Verification: Re-check after fixes


7. Audit Timeline

| Phase | Duration | Description |
|---|---|---|
| Kickoff | 1 day | Scope review, access setup |
| Crypto Audit | 2 weeks | synor-crypto, synor-consensus |
| VM Audit | 1 week | synor-vm, contract security |
| Network Audit | 1 week | synor-network, P2P protocols |
| Report | 1 week | Findings documentation |
| Remediation | 2 weeks | Fix implementation |
| Verification | 3 days | Re-audit of fixes |

Total: ~7 weeks


8. Contact & Resources

Repository Access

  • Main repo: github.com/g1-technologies/synor (private until audit)
  • Test vectors: docs/test-vectors/
  • Architecture docs: docs/architecture/

Points of Contact

  • Technical Lead: [To be assigned]
  • Security Lead: [To be assigned]

Development Environment

  • Rust 1.75+
  • wasm32-unknown-unknown target
  • All tests: cargo test --workspace
  • Benchmarks: cargo bench --workspace

9. Previous Audits

None (first external audit)


10. Changelog

| Date | Version | Changes |
|---|---|---|
| 2026-01-08 | 1.0 | Initial scope document |

Prepared for Phase 7: Production Readiness