The last and most comprehensive step in Session's three-phase smart contract auditing process has commenced. As the migration to the Session Network approaches, audits are vital to ensure the security of Session Token’s smart contracts. In this most recent audit, no critical vulnerabilities were discovered, and all issues that were discovered have already been resolved.
Several freelance auditors were employed during phase one, followed by a full audit of the Session Token rewards contract by Cipher Seluths during the second phase in March. Now, Session has partnered with Zellic for the third phase of full audits. Zellic is a security research firm with deep expertise in blockchain security and cryptography with a very strong reputation for detailed and thorough security assessments. Previously, they have audited projects such as Solana, SushiSwap, and Cosmos.
Zellic conducts security audits using a structured approach which includes both automated and manual assessments. While the methods and focus areas differ for each project, their time is primarily dedicated to an extensive manual review of the entire codebase. For each issue identified, Zellic evaluates and assigns an impact rating based on their view of the severity of the risk and the probability of the exploit.
There are five impact ratings, but two findings with the same rating may differ in importance based on soft factors, like threat models, business needs, and so on. Findings are assessed as Critical, High, Medium, Low, or Informational. The audit discovered 5 findings in total, ranging from High to Informational.
High
Two findings were assessed as having high severity. Both are now resolved.
H-01: A vulnerability which could allow an attacker to perform arbitrary updates to the rewards balance. This could lead to manipulation of rewards and financial losses.
This finding was resolved by implementing a minimum waiting period before updating the BLS signature after the execution of the serviceNodeAdd function, rather than allowing an immediate update.
H-02: Possibility of a rogue key attack by the owner of the contract, which would result in a signature signed only by them being accepted as a valid aggregate signature.
This finding was resolved by verifying proof-of-possession for all aggregate key modifications to ensure the entity requesting the changes owns the private key being used to sign.
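To make the H-02 fix concrete, the following is an added example (not Session's contract code, and not the audited BLS implementation) of key aggregation that refuses any public key lacking a valid proof-of-possession. It uses a constructed toy Schnorr group (p = 2039, q = 1019, generator 4) in place of the pairing-friendly curve, and a Schnorr proof of knowledge of the secret key as the proof-of-possession; the function names and the domain-separation label "POP" are assumptions of this example. The rogue key construction is shown only so the rejection path can be exercised: it cancels the honest key during aggregation, but its holder cannot produce a proof-of-possession for it, so the aggregator throws it out.

```python
import hashlib
import secrets

# Constructed toy Schnorr group, NOT production parameters:
# P = 2Q + 1 with Q prime; G = 4 generates the order-Q subgroup.
P = 2039
Q = 1019
G = 4


def keygen(sk=None):
    """Return (sk, pk) with pk = G^sk mod P; sk may be supplied for deterministic tests."""
    if sk is None:
        sk = secrets.randbelow(Q - 1) + 1
    return sk, pow(G, sk, P)


def _hash_to_scalar(*parts) -> int:
    """Fiat-Shamir challenge in [1, Q-1] (never 0, so a forged proof cannot pass trivially)."""
    h = hashlib.sha256()
    for part in parts:
        h.update(str(part).encode() + b"|")
    return 1 + int.from_bytes(h.digest(), "big") % (Q - 1)


def prove_possession(sk, pk):
    """Schnorr proof that the prover knows sk for pk, domain-separated as a PoP."""
    k = secrets.randbelow(Q - 1) + 1
    r = pow(G, k, P)
    c = _hash_to_scalar("POP", pk, r)
    s = (k + c * sk) % Q
    return (r, s)


def verify_possession(pk, pop):
    """Check subgroup membership of pk and the Schnorr equation G^s == r * pk^c."""
    r, s = pop
    if not (1 < pk < P and pow(pk, Q, P) == 1):
        return False
    c = _hash_to_scalar("POP", pk, r)
    return pow(G, s, P) == (r * pow(pk, c, P)) % P


def aggregate_keys(entries):
    """entries: list of (pk, pop). The aggregate key is the product of the public keys,
    and any key without a valid proof-of-possession is rejected outright."""
    agg = 1
    for pk, pop in entries:
        if not verify_possession(pk, pop):
            raise ValueError(f"rejected key {pk}: invalid proof-of-possession")
        agg = (agg * pk) % P
    return agg


def aggregate_keys_unchecked(pks):
    """Aggregation without the PoP check: the weakness H-02 describes, kept only to
    show the failure mode next to the fixed version."""
    agg = 1
    for pk in pks:
        agg = (agg * pk) % P
    return agg


def rogue_key(target_pk, attacker_pk):
    """pk_target^-1 * pk_attacker: aggregates with pk_target to pk_attacker alone.
    Nobody knows the discrete log of this value, which is exactly what the PoP check detects."""
    return (pow(target_pk, -1, P) * attacker_pk) % P


if __name__ == "__main__":
    sk_h, pk_h = keygen(7)    # honest participant (fixed secret for the demo)
    sk_a, pk_a = keygen(11)   # second participant
    pop_h, pop_a = prove_possession(sk_h, pk_h), prove_possession(sk_a, pk_a)
    print("checked aggregate:", aggregate_keys([(pk_h, pop_h), (pk_a, pop_a)]))
    rk = rogue_key(pk_h, pk_a)
    print("unchecked aggregate with rogue key equals pk_a:", aggregate_keys_unchecked([pk_h, rk]) == pk_a)
    try:
        aggregate_keys([(pk_h, pop_h), (rk, prove_possession(sk_a, rk))])
    except ValueError as e:
        print("checked aggregator:", e)
```

The membership test `pow(pk, Q, P) == 1` matters as much as the Schnorr equation: a real implementation checks that each key lies in the correct prime-order subgroup before it ever touches an aggregate, and a real PoP binds the signer's secret key to the public key in the same way.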
Medium
One finding was assessed as having medium severity. It is now resolved.
M-01: Security of BLS signatures is undermined because the mapping function is always applied to an input generated by the keccak256 function.
This issue was resolved by ensuring that the mapToG2 function adheres strictly to the construction described in the paper or by implementing a more recent construction method (as defined here).
Low
One finding was assessed as having low severity. It is now resolved.
L-01: Security of BLS signatures is undermined because our implementation did not match the random oracle assumption made in the original BLS paper.
The finding was resolved by adjusting the construction output so that values are uniformly distributed with only negligible bias, similarly to the hash_to_field function (defined here).
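The difference between M-01's "reduce a keccak256 digest" pattern and the hash_to_field construction referenced for L-01 comes down to how many uniform bytes are drawn before reducing modulo the field prime. The example below is added here and is not Session's code: it implements expand_message_xmd and hash_to_field as specified in RFC 9380 (SHA-256, m = 1), puts the single-digest reduction next to them, and computes the worst-case ratio between the most and least likely residues for each. The alt_bn128 (BN254) base field prime is used as an assumed example modulus, sha3_256 stands in for keccak256 (which hashlib does not provide; the bias argument is the same for any 256-bit digest), and the domain-separation tag is a constructed placeholder rather than a registered suite ID.

```python
import hashlib
import math
from fractions import Fraction

# Assumed example modulus: the alt_bn128 (BN254) base field prime (254 bits).
P = 21888242871839275222246405745257275088696311157297823662689037894645226208583
K = 128  # target security parameter in bits, as in RFC 9380 section 5.2


def _strxor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def expand_message_xmd(msg: bytes, dst: bytes, len_in_bytes: int) -> bytes:
    """expand_message_xmd from RFC 9380 section 5.3.1, instantiated with SHA-256
    (block size 64 bytes, output 32 bytes)."""
    b_in_bytes, s_in_bytes = 32, 64
    ell = math.ceil(len_in_bytes / b_in_bytes)
    if ell > 255 or len_in_bytes > 65535 or len(dst) > 255:
        raise ValueError("expand_message_xmd input limits exceeded")
    dst_prime = dst + bytes([len(dst)])
    msg_prime = (b"\x00" * s_in_bytes + msg + len_in_bytes.to_bytes(2, "big")
                 + b"\x00" + dst_prime)
    b0 = hashlib.sha256(msg_prime).digest()
    blocks = [hashlib.sha256(b0 + b"\x01" + dst_prime).digest()]
    for i in range(2, ell + 1):
        blocks.append(hashlib.sha256(_strxor(b0, blocks[-1]) + bytes([i]) + dst_prime).digest())
    return b"".join(blocks)[:len_in_bytes]


def hash_to_field(msg: bytes, dst: bytes, count: int, p: int = P, k: int = K) -> list:
    """hash_to_field from RFC 9380 section 5.2 with m = 1. Each element is read from
    L = ceil((log2(p) + k) / 8) bytes (48 for a 254-bit prime), so reducing mod p
    leaves a bias below 2^-k: the 'negligible bias' the L-01 fix refers to."""
    L = math.ceil((p.bit_length() + k) / 8)
    uniform = expand_message_xmd(msg, dst, count * L)
    return [int.from_bytes(uniform[i * L:(i + 1) * L], "big") % p for i in range(count)]


def naive_hash_to_field(msg: bytes, p: int = P) -> int:
    """The pattern the findings warn about: one 32-byte digest reduced mod p.
    sha3_256 is a stand-in for keccak256; any 256-bit digest has the same bias."""
    return int.from_bytes(hashlib.sha3_256(msg).digest(), "big") % p


def bias_ratio(digest_bits: int, p: int) -> Fraction:
    """Ratio between the most and least likely residues when a uniform digest_bits-bit
    integer is reduced mod p. Exactly 1 is uniform; 1 + 2^-128 or closer is negligible."""
    n = 1 << digest_bits
    lo = n // p
    hi = lo + (1 if n % p else 0)
    return Fraction(hi, lo)


if __name__ == "__main__":
    dst = b"EXAMPLE-BLS-SIG-BN254G2_XMD:SHA-256_SSWU_RO_"  # constructed placeholder tag
    print("hash_to_field:", hash_to_field(b"hello", dst, 2))
    print("naive 32-byte reduction:", naive_hash_to_field(b"hello"))
    print("32-byte digest mod p, worst-case residue ratio:", float(bias_ratio(256, P)))
    print("48-byte (RFC 9380) mod p, bias above uniform  :", float(bias_ratio(384, P) - 1))
```

For a 254-bit prime the 256-bit digest wraps around the field about five times, so some residues are reachable from six digest values and others from five, a 20% skew that a security proof relying on a random oracle cannot absorb. With 48 bytes the wrap count exceeds 2^129 and the skew drops below 2^-128, which is why the RFC sizes L from the field width plus the security parameter rather than from the hash output.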
Informational
One finding was assessed as informational, meaning that it did not pose a legitimate security threat, but rather could cause unexpected behaviours. It is now resolved.
Next Steps
Session originally enlisted the services of Zellic some time ago, and immediately began resolving the vulnerabilities identified by their team once a preliminary report was received. This blog provides an overview of the final report, which confirms that each of Zellic’s findings was properly resolved. All of the code which was audited is now live in a testnet environment, and a list of the pull requests linked to each fix can be found here.
There may be some small follow-up collaborations with Zellic as further elements of the network are stress-tested throughout the testnet.
View the full report from Zellic here.