{"id":593,"date":"2023-11-16T15:04:21","date_gmt":"2023-11-16T13:04:21","guid":{"rendered":"https:\/\/ackeeblockchain.com\/blog\/?p=593"},"modified":"2024-07-11T15:30:16","modified_gmt":"2024-07-11T13:30:16","slug":"brahma-console-v2-audit-summary","status":"publish","type":"post","link":"https:\/\/ackee.xyz\/blog\/brahma-console-v2-audit-summary\/","title":{"rendered":"Brahma: Console v2 audit summary"},"content":{"rendered":"<p><a href=\"https:\/\/www.brahma.fi\/\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">Brahma Console<\/span><\/a><span style=\"font-weight: 400;\"> is a custody and DeFi execution environment built with <\/span><a href=\"https:\/\/ackee.xyz\/blog\/tag\/safe\/\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">Safe<\/span><\/a><span style=\"font-weight: 400;\"> as custody rails, enabling granular access control with transaction policies and roles, as well as automated execution.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Brahma engaged Ackee Blockchain to perform a security review of the Brahma protocol\u2019s commit 3578883 with a total time donation of <\/span>8 engineering days in a period between September 25 and October 5, 2023.<\/p>\n<h2><b>METHODOLOGY<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">We began our review by using static analysis tools, namely <a href=\"https:\/\/getwake.io\/\" target=\"_blank\" rel=\"noopener\">Wake<\/a>. We then took a deep dive into the logic of the contracts. 
For testing and fuzzing, we used the Wake testing framework.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">We prepared a fuzz test covering the whole project, which yielded the H1 and M1 issues.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">During the review, we paid special attention to:\u00a0<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">checking and testing signature validation of all kinds<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">checking the possibility of manipulating the registries<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">checking the possibility of replay attacks<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">ensuring the guards cannot lead to DoS or be bypassed<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">ensuring access controls are neither too relaxed nor too strict<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">detecting possible reentrancies in the code<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">looking for common issues such as insufficient data validation.<\/span><\/li>\n<\/ul>\n<h2><b>SCOPE\u00a0<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">The audit was performed on commit 3578883 with the following scope:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">AddressProvider.sol<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">AddressProviderService.sol<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Constants.sol<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 
400;\">ExecutorPlugin.sol<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">PolicyValidator.sol<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">SafeDeployer.sol<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">SafeEnabler.sol<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">SafeModerator.sol<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">SafeModeratorOverridable.sol<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">TransactionValidator.sol<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">ExecutorRegistry.sol<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">PolicyRegistry.sol<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">WalletRegistry.sol<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">SafeHelper.sol<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">TypeHashHelper.sol<\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">For Revision 1.1, the review was performed on commit 4589ec4, and the scope was limited to verifying the fixes of the reported findings.\u00a0<\/span><\/p>\n<h2><b>FINDINGS<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">Here we present our findings.<\/span><\/p>\n<h3><b>Critical severity\u00a0<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">No critical severity issues were found.\u00a0<\/span><\/p>\n<h3><b>High severity\u00a0<\/b><\/h3>\n<p><b>H1: <\/b><span style=\"font-weight: 400;\">Console permanent denial of service<\/span><\/p>\n<h3><b>Medium 
severity<\/b><\/h3>\n<p><b>M1: <\/b><span style=\"font-weight: 400;\">_isGuardBeingRemoved check dysfunctional<\/span><\/p>\n<h3><b>Low severity<\/b><\/h3>\n<p><b>L1:<\/b><span style=\"font-weight: 400;\"> Console guard can be enabled with zero policy<\/span><\/p>\n<h3><b>Warning severity\u00a0<\/b><\/h3>\n<p><b>W1: <\/b><span style=\"font-weight: 400;\">Authorized addresses cannot be deauthorized\u00a0<\/span><\/p>\n<p><b>W2: <\/b><span style=\"font-weight: 400;\">CallType has a different order than Safe Operation<\/span><\/p>\n<p><b>W3:<\/b><span style=\"font-weight: 400;\"> Registry addresses cannot be changed<\/span><\/p>\n<h3><b>Informational severity\u00a0<\/b><\/h3>\n<p><b>I1: <\/b><span style=\"font-weight: 400;\">Outdated documentation<\/span><b>\u00a0<\/b><\/p>\n<h2><b>CONCLUSION<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">Our review resulted in <\/span><b>7 findings<\/b><span style=\"font-weight: 400;\">, ranging from <\/span><i><span style=\"font-weight: 400;\">Info<\/span><\/i><span style=\"font-weight: 400;\"> to <\/span><i><span style=\"font-weight: 400;\">High<\/span><\/i><span style=\"font-weight: 400;\"> severity. The most severe one, discovered by the fuzz test, posed a possibility of denial of service (H1). 
Otherwise, the codebase is of high quality and well-designed.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">At the time of writing, the H1 and M1 issues have been fixed by the Brahma team.<\/span><\/p>\n<p><b>We recommended that Brahma:<\/b><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">update the documentation to match the current codebase<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">address all other reported issues.<\/span><\/li>\n<\/ul>\n<p><b>Ackee Blockchain\u2019s full <\/b><b><i>Brahma <\/i><\/b><b>audit report with a more detailed description of all findings and recommendations can be found <\/b><a href=\"https:\/\/github.com\/Ackee-Blockchain\/public-audit-reports\/blob\/master\/2023\/ackee-blockchain-brahma-console-v2-report.pdf\" target=\"_blank\" rel=\"noopener\"><b>here<\/b><\/a><b>.<\/b><\/p>\n<p><span style=\"font-weight: 400;\">We were delighted to audit<\/span><b> Brahma<\/b><span style=\"font-weight: 400;\"> and look forward to working with them again.<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Brahma Console is a custody and DeFi execution environment built with Safe as custody rails, enabling granular access control with transaction policies and roles, as well as automated execution. 
Brahma engaged Ackee Blockchain to perform a security review of the Brahma protocol\u2019s commit 3578883 with a total time donation of 8 engineering days in a period between September 25 and October 5,&hellip;<\/p>\n","protected":false},"author":15,"featured_media":594,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[20,10,80],"tags":[21,136,24,101,68],"class_list":["post-593","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-audits","category-ethereum","category-solidity","tag-audit","tag-brahma","tag-ethereum","tag-safe","tag-solidity"],"aioseo_notices":[],"featured_image_src":"https:\/\/ackee.xyz\/blog\/wp-content\/uploads\/2023\/11\/Brahma_BLOG-600x400.png","featured_image_src_square":"https:\/\/ackee.xyz\/blog\/wp-content\/uploads\/2023\/11\/Brahma_BLOG-600x600.png","author_info":{"display_name":"Aleksandra Yudina","author_link":"https:\/\/ackee.xyz\/blog\/author\/aleksandra-yudina\/"},"_links":{"self":[{"href":"https:\/\/ackee.xyz\/blog\/wp-json\/wp\/v2\/posts\/593","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ackee.xyz\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ackee.xyz\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ackee.xyz\/blog\/wp-json\/wp\/v2\/users\/15"}],"replies":[{"embeddable":true,"href":"https:\/\/ackee.xyz\/blog\/wp-json\/wp\/v2\/comments?post=593"}],"version-history":[{"count":0,"href":"https:\/\/ackee.xyz\/blog\/wp-json\/wp\/v2\/posts\/593\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/ackee.xyz\/blog\/wp-json\/wp\/v2\/media\/594"}],"wp:attachment":[{"href":"https:\/\/ackee.xyz\/blog\/wp-json\/wp\/v2\/media?parent=593"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ackee.xyz\/blog\/wp-json\/wp\/v2\/categories?post=593"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ackee.xyz\/blo
g\/wp-json\/wp\/v2\/tags?post=593"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}