Search

HAECHI Audit is now KALOS (read more)

We have secured over $60b worth of crypto assets across 400+ global crypto projects — L1/L2 projects, defi protocols, P2E games, and bridges — notably 1inch, SushiSwap, Badger DAO, SuperRare, Klaytn and Chainsafe.

 Blogs & Analysis

Search
Article realeased on Dec 14, 2022

Introduction

Royalty Fee Limit of NFT Marketplace Bypass via EIP-2981
Article realeased on Dec 8, 2022
According to the Audit Report (https://solana.com/solana-security-audit-2019.pdf) issued by Kudelski Security in 2019, rBPF Virtual Machine was not an audit scope, and no audits for rBPF were seen after that.
So, among the attack surfaces that exist in Solana, I thought it was the point where zero day vulnerabilities can be found with the highest probability, and I document what I had learned before looking for bugs.

Introduction

The Extended Berkeley Packet Filter (eBPF) was originally created to filter and monitor packets in the kernel.
Solana rBPF Vulnerability Case Study
Article realeased on Nov 29, 2022

Introduction

Moonbeam is a Polkadot-based Parachain that provides EVM compatibility.
It is ranked 1st in TVL among Polkadot Parachain, and the moonbeam team is interested in security enough to set a bug bounty of $1,000,000 in immunefi.
So, while I was analyzing Moonbeam for vulnerabilities, I saw an update that happened recently on the Moonbeam Network.
I am writing this article for DAPP developers in the Moonbeam ecosystem, considering that this update may adversely affect the DAPPs that exist in the Moonbeam ecosystem.

What Happened at Moonbeam Governance

On September 21, 2022, on Moonbeam Governance, the Moonbeam Council submitted a Proposal to upload the following three new precompile contracts to the mainnet, which was passed and updated on the mainnet. (link)
Batch
Call-Permit
Why the Moonbeam’s new pre-compile contract can create side-effect on its ecosystem
Article realeased on Nov 23, 2022

Account on the Solana.

Let’s skim over the Account struct of Solana. There are 4 fields consisting Account struct.
The 'lamports' field keeps track of the account's balance, and the 'rent epoch' field gives the next epoch number for which the account owes rent. When the account is a program (smart contract), the 'executable' field is set.
Before delving into the ‘data’ and ‘owner’ fields, keep the following in mind:
Every Account should be owned by a program account.
Solana Introductory Security Considerations
Article realeased on Nov 16, 2022
We first go over some details about the attack that’s not related to the main vulnerability.
where the initial capital came from
DFX Finance Attack Overview
Article realeased on Oct 26, 2022
Article realeased on Oct 21, 2022

Introduction

Wyvern v2.2 is a set of smart contracts that are used for asset exchange.
It was used by OpenSea for a long time, even though they moved on to Seaport few months ago.
In this article, we discuss the three known vulnerabilities of Wyvern v2.2 and how to patch them.
The codebase is in https://github.com/ProjectWyvern/wyvern-ethereum. The three vulns are:
DoS via Uninitialized Implementation, found in October 2019
Order Hashing Vulnerability, found in Q1 2022
ArrayUtils Memory Corruption, found in September 2022
Wyvern v2.2 1-day Vulnerabilities
Article realeased on Oct 14, 2022

Introduction

On August 3rd, security researchers Jinu and Allen found a vulnerability in THORChain TSS module, and submitted it via ImmuneFi. A malicious node operator (with a small number of malicious nodes) could launch DoS and blame other innocent node operator for it.

Understanding TSS & Usage

First, we need to understand what TSS actually is. Basically, a group of operators will each have their share of the ECDSA private key, and with enough people they can sign a message without revealing their share. THORChain used this to sign outbound transactions.
The cryptography inside TSS has been improving in terms of efficiency, security, and other properties over the years. The paper https://eprint.iacr.org/2021/060 presents a method where if the TSS signing fails, the system can find out which signer had caused the failure.
This is called “Identifiable Abort” - and this is great as now the system can penalize the signer who caused the failure. For example, they can remove the rewards for block generation.
THORChain Bug Disclosure
Article realeased on Sep 20, 2022

Audit Reports

Search
Report realeased on Oct 25, 2022

About Luxon - CrystalStaking Protocol

MemorialCrystal Token
The contract implements ERC1155 Token, and the owner (Owner) can change the information of ERC1155 Token and airdrop and mint to any user.
CrystalStaking
Users can staking the issued MemorialCrystal token and receive reward tokens for the duration of the staking. Reward tokens are periodically supplied to the contract by the admin.

Purpose of this report

This report was prepared to audit the security of the Crypstalstaking contracts developed by the Luxon team. HAECHI AUDIT conducted the audit focusing on whether the system created by the Luxon team is soundly implemented and designed as specified in the published materials, in addition to the safety and security of the Crystalstaking.
In detail, we have focused on the following
Project availability issues like Denial of Service.
Storage variable access control.
[Audit Report] Luxon - CrystalStaking
Report realeased on Oct 21, 2022

About MarbleX - NFT Marketplace Protocol

The NFT Marketplace works as follows. There’s an Order structure that contains the information on the order placed. This includes, among other things, maker/taker of the order, exchange address, payment token address, price information, fee information, listing time and expiration time, and the salt for preventing duplicate hashes. The execution of NFT transfers are handled in a much more general way in Wyvern 2.2. It allows the buyer and the seller to decide on a contract call parameters, i.e. the target of the call, the call method (call or delegatecall) and the calldata. To decide on the calldata, both the buyer and the seller decide on their idea on the calldata and the bitmap on which bits can be changed by the other. With some memory manipulation, the contract computes the final calldata based on the two order structures of buyer and seller and executes the contract. To verify that the orders are approved by the buyer or seller, either the appropriate ECDSA signatures should be provided, or they have to call the contract for approvals, or they have to call the contract themselves. In this project, the Klaytn format of signing hashes was applied.
[Audit Report] MarbleX - NFT Marketplace
Report realeased on Oct 20, 2022

About xGRND Staking

The project is an implementation of the ERC-4626 tokenized vault. The user can deposit the asset token and receive the reward-bearing token(xGRND) accordingly. The contract owner can deposit the reward and set the reward period and reward rate. By default, the reward period is set to 8 hours(28800 seconds), which means that every 8 hours the contract emits rewards. The emitted reward is distributed to users pro rata their deposit amount of asset token.
Users who deposit the asset token into the contract can request to withdraw their tokens. The withdrawal request is enqueued to the contract’s mapping. To receive the enqueued asset token, users have to wait until the unstaking period is passed. After the unstaking period, the user can call the collectGrnd function. The function transfers the user’s token and dequeue withdrawal requests from the mapping.
The contract owner has the privilege to set reward rate and period, furthermore, withdraw rewards. The contract can be paused or unpaused by the contract owner and is upgradeable using a proxy pattern.

Purpose of this report

This report was prepared to audit the security of the xGRND staking contract developed by the Superwalk team. HAECHI AUDIT conducted the audit focusing on whether the system created by the Superwalk team is soundly implemented and designed as specified in the published materials, in addition to the safety and security of the staking contract.
In detail, we have focused on the following
Correctness of reward calculation.
Correctness of period calculation.
Storage variable access control.
Adequate implementation of ERC4626 spec.
[Audit Report] SuperWalk - xGRND Staking
Report realeased on Sep 23, 2022
Report realeased on Sep 19, 2022

About Luxon Protocol

Airdrop
The contracts in scope of audit are implementation of Airdrop and Gacha systems. The project team set the user’s address and token ID, amount before the airdrop(AirdropUser.sol). Based on the information set by the project team, the Gacha Ticket is distributed to the user(AirdropGachaTicket.sol). The Gacha Ticket is an ERC1155 token implementation(GachaTicket.sol) and the user can use this ticket to make use of the Gacha system.
Gacha
By burning the Gacha ticket, the user can mint a character that has a random ID value. The tier information(GachaData.sol) set by the project team makes the character’s tier in proportion to tier information(GachaMachineByGachaTicket.sol). The character NFT(ERC721) based on the character ID(LCT.sol) is minted to the user.
Pausable
The project team has the privilege to pause the Gacha process. If the state of the contract is in Inspection, users can not use the Gacha feature(LuxOnService.sol).

Purpose of this report

This report was prepared to audit the security of the Airdrop and Gacha system-related contracts developed by the Luxon team. HAECHI AUDIT conducted the audit focusing on whether the system created by the Luxon team is soundly implemented and designed as specified in the published materials, in addition to the safety and security of the Airdrop and Gacha implementation.
In detail, we have focused on the following
Unintended behavior on the process of Airdrop.
[Audit Report] Luxon - Airdrop & Gacha
Report realeased on Sep 6, 2022

About Sygma

Sygma is a bridge which can be used to send assets over different blockchains. It can be used to transfer tokens in various standards like ERC20, ERC721, ERC1155. However, Sygma allows much more possibilities with its GenericHandler, which practically allows arbitrary function calls provided that the admin allows such calls with its whitelist and access control system. The system currently works between EVM-based blockchains.
The system works as follows. If a user wants to transfer some ERC20 from chainA to chainB, it first deposits the said ERC20 into the bridge contract of chainA. The contract will then lock the tokens in chainA, then emit an event which implies a deposit was created. The relayers, off-chain operators of the system, will listen to these events and will cooperate with each other to sign and send the appropriate transactions on the destination blockchain, which is chainB in this case.
To sign these transactions, the relayers use a cryptographic method known as Threshold Signatures, or Threshold ECDSA in this case. Using Threshold ECDSA technology, the relayers, which each hold a share of the full ECDSA private key, can sign appropriate transactions without ever knowing the full private key. Also, in the case of an abort, the system can identify the relayer which caused the abort, leading to a more safe system.
The smart contracts handle deposits by users and contract calls by the relayers. The bridge contract will receive these requests by users and relayers, and send them to the appropriate handler contracts. These contracts, which are divided by their usage (for example, the type of token it transfers) will handle the transfers, mints and burns as necessary.
There is also a fee handler, which deals with the fee logic, fee collection, and fee transfers. A fee oracle is used to get the required information to calculate the fees as well.
Our audit covers the Threshold Signature scheme implementation and the smart contracts, but the fee oracle and event listeners of the relayers are not a part of the scope. However, we did find some bugs in the event listeners, which we will share in our audit report below.

Purpose of this report

This report was prepared to audit the security of the Sygma bridge and related contracts developed by the Sygma team. HAECHI AUDIT conducted the audit focusing on whether the system created by the Sygma team is soundly implemented and designed as specified in the published materials, in addition to the safety and security of the bridge.
In detail, we have focused on the following -
Possibilities of Signature Replay
[Audit Report] Sygma(ChainBridge)

Team

We are a group of security researchers, cryptographers and whitehat hackers with global top-tier experiences in both web2 and web3.
Search

Website

 HAECHI LABS
KALOS Homepage

Contacts

 Email
 Twitter
Made with