Skip to content

fix: remediate 2026 Interfold contracts security audit [skip-line-limit]#1727

Draft
hmzakhalid wants to merge 35 commits into
mainfrom
fix/contracts-security-audit-20260715
Draft

fix: remediate 2026 Interfold contracts security audit [skip-line-limit]#1727
hmzakhalid wants to merge 35 commits into
mainfrom
fix/contracts-security-audit-20260715

Conversation

@hmzakhalid

@hmzakhalid hmzakhalid commented Jul 15, 2026

Copy link
Copy Markdown
Collaborator

Summary

  • remediates 16 confirmed code findings from the 2026-07-15 contracts audit
  • requires final DKG and decryption proofs in the protocol; skip_proof_aggregation is a ciphernode-only test/CI flag, defaults off, and supplies mock-only non-empty placeholders while production verifiers remain mandatory
  • uses clean pre-deployment state and APIs: no migration sentinels, compatibility fallbacks, or legacy slash routes
  • regenerates the C-03 DecryptionAggregator verifier through the circuit tooling; no generated verifier was hand-edited
  • does not include the audit report or audit PoC report/test

Security and protocol decisions to review

  • H-01: when fee and slash tokens match, slash proceeds first fill the requester's original-payment shortfall and the remainder goes to currently active honest nodes. When the tokens differ, the requester receives the slash asset as priority compensation without claiming value equivalence. Same-token residual with no active honest nodes goes to the snapshotted treasury.
  • M-03: eligibility settings remain governable. A setting change advances the policy version, resets the aggregate active count, and makes cached operators fail closed until permissionless refresh.
  • M-04: each E3 snapshots its lifecycle dependencies. Previously used slashing managers remain authorized across rotation so in-flight E3s can finish; governance must explicitly revoke an old manager only after its E3s, proposals, and routes are terminal.
  • M-08: bonding-token rotation remains fail-closed until the old token's obligations are fully drained. For the licence token this includes the registry's complete old-token balance, so unsolicited dust must also be cleared before rotation.

Fixed findings

Critical

High

Medium

Low

Validation

  • Hardhat: 505 passing, 2 intentionally pending
  • Rust workspace library tests: 237 passing across the two largest ZK helper/prover suites, with the full workspace library run green
  • ciphernode source-aligned integration in proof-skip mode: 3 passing, 2 intentionally ignored
  • SDK build and tests: 7 passing
  • Noir: formatting green, 154 tests passing
  • generated DKG/decryption verifier consistency: green
  • upgrade storage-layout validation: green against reviewed committed baselines
  • size gate: Interfold 24,058 bytes (518 bytes EIP-170 headroom); both final aggregator verifiers 23,980 bytes
  • contract lint: 0 errors, 4 pre-existing warnings
  • template and CRISP contract compilation: green

Issue resolution

Closes #1708
Closes #1709
Closes #1710
Closes #1711
Closes #1712
Closes #1714
Closes #1716
Closes #1717
Closes #1718
Closes #1719
Closes #1720
Closes #1721
Closes #1722
Closes #1723
Closes #1724
Closes #1726

@vercel

vercel Bot commented Jul 15, 2026

Copy link
Copy Markdown

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
crisp Error Error Jul 17, 2026 12:20pm
interfold-dashboard Ready Ready Preview, Comment Jul 17, 2026 12:20pm
interfold-docs Ready Ready Preview, Comment Jul 17, 2026 12:20pm

Request Review

@hmzakhalid hmzakhalid changed the title fix: remediate 2026 Interfold contracts security audit fix: remediate 2026 Interfold contracts security audit [skip-line-limit] Jul 15, 2026
@hmzakhalid hmzakhalid closed this Jul 15, 2026
@hmzakhalid hmzakhalid reopened this Jul 15, 2026
@hmzakhalid
hmzakhalid force-pushed the fix/contracts-security-audit-20260715 branch from 7303a5f to 740286a Compare July 15, 2026 17:25
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment