September 2020 Assessment

Trail of Bits Assessment

From September 14th through September 25th, 2020, Trail of Bits assessed commit hash (d35ef465)[https://github.com/trailofbits/x-audit-blockstack-core/commit/d35ef465e9fa2ce327a181117f8ca7933b9df075] of the BlockStack repository engaging two engineers over one person-week.

Goals

• Is there a way for a malicious miner or participant to game the system?
• Are there sufficient incentives in the PoB and PoX protocols to ensure fairness?
• Can a malicious node deny service to the system?
• Is the VRF implementation correct?
• Are rewards distributed fairly?

Coverage

• Manually reviewed SIP-001 and SIP-007
• Manually reviewed the VRF implementation
• Manually reviewed the sortition, burnchain, and Stacks chainstate databases
• Manually reviewed the PoX smart contract
• Reviewed the results from running Clippy, Cargo Audit, and Siderophile over the codebase
• Fuzz tested the VRF implementation using a fuzzer adapted from Algorand's VRF implementation

Properties Evaluated

• The SIPs specify that stacking participants can either post their protocol messages to the burn chain, or they can post them to the Stacks chain (with slightly different protocol deadlines). Investigated whether there is potential for “schizophrenia” or confused deputies if a participant posts contradictory messages to both chains at the same time
• Is communication between peer-to-peer nodes guaranteed to have data integrity?
• What incentivizes p2p nodes to participate in the gossip protocol?
• Can a malicious actor flood the network with peers that never relay messages and thereby break the gossip protocol?
• Are user-stipulated transaction processing modes correctly respected?
• Does a leader randomly select between chain tips of equal length as claimed in SIP-001?
• Is the Stacks chain's volume-per-epoch limit correctly enforced?
• Do clients correctly independently verify the result of random choices produced by the VRF?
• Are miners properly incentivized to transmit their reward commitments?