{"id":896,"date":"2024-08-02T13:16:02","date_gmt":"2024-08-02T11:16:02","guid":{"rendered":"https:\/\/ackee.xyz\/blog\/?p=896"},"modified":"2024-08-07T15:20:15","modified_gmt":"2024-08-07T13:20:15","slug":"rhinestone-module-registry-audit-summary","status":"publish","type":"post","link":"https:\/\/ackee.xyz\/blog\/rhinestone-module-registry-audit-summary\/","title":{"rendered":"Rhinestone Module Registry Audit Summary"},"content":{"rendered":"<p><span style=\"font-weight: 400;\"><a href=\"https:\/\/rhinestone.wtf\/\" target=\"_blank\" rel=\"noopener\">Rhinestone<\/a> is dedicated to transforming smart accounts into an open platform for innovation. They aim to create a secure and interoperable ecosystem of modules, fostering permissionless smart account innovation and enabling developers to build powerful onchain products with seamless UX.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">The <a href=\"https:\/\/blog.rhinestone.wtf\/a-foundational-layer-to-modular-account-abstraction-e7b21ae56034\" target=\"_blank\" rel=\"noopener\">Module Registry<\/a> is a foundational layer of Rhinestone\u2019s tech stack. Its primary function is to enforce standards and security guarantees for users and developers by storing onchain security assertions made by independent auditors. 
The registry provides a scalable and trustless system for solving smart account security and enabling an open module ecosystem that is account vendor-agnostic, thanks to <a href=\"https:\/\/erc7579.com\/\" target=\"_blank\" rel=\"noopener\">ERC-7579<\/a>.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Rhinestone engaged Ackee Blockchain to perform a security review of the Rhinestone Module Registry over a total of 7 engineering days between April 10 and April 19, 2024.<\/span><\/p>\n<h2><span style=\"font-weight: 400;\">METHODOLOGY<\/span><\/h2>\n<p><span style=\"font-weight: 400;\">We began our review by using static analysis tools, namely <\/span><a href=\"https:\/\/getwake.io\/\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">Wake<\/span><\/a><span style=\"font-weight: 400;\"> together with the <a href=\"https:\/\/marketplace.visualstudio.com\/items?itemName=AckeeBlockchain.tools-for-solidity\" target=\"_blank\" rel=\"noopener\">Tools for Solidity<\/a> VS Code extension. We then took a deep dive into the logic of the contracts. 
For testing and fuzzing, we used the Wake testing framework.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">During the review, we paid special attention to:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">checking that module deployment cannot be misused,<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">detecting possible reentrancies in the code,<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">checking for possible front-running,<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">checking for denial of service attacks,<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">ensuring access controls are neither too relaxed nor too strict,<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">looking for common issues such as insufficient data validation.<\/span><\/li>\n<\/ul>\n<h2><span style=\"font-weight: 400;\">SCOPE<\/span><\/h2>\n<p><span style=\"font-weight: 400;\">The audit was performed on commit <code class=\"codehl\">6f5e84a<\/code>, and the exact scope was the following files:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">.\/core\/Attestation.sol<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">.\/core\/AttestationManager.sol<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">.\/core\/ModuleManager.sol<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">.\/core\/ResolverManager.sol<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">.\/core\/SchemaManager.sol<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span 
style=\"font-weight: 400;\">.\/core\/SignedAttestation.sol<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">.\/core\/TrustManager.sol<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">.\/core\/TrustManagerExternalAttesterList.sol<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">.\/lib\/AttestationLib.sol<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">.\/lib\/Helpers.sol<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">.\/lib\/ModuleDeploymentLib.sol<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">.\/lib\/ModuleTypeLib.sol<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">.\/lib\/StubLib.sol<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">.\/lib\/TrustLib.sol<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">.\/Common.sol\u00a0<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">.\/DataTypes.sol<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">.\/Registry.sol\u00a0<\/span><\/li>\n<\/ul>\n<h2><span style=\"font-weight: 400;\">FINDINGS<\/span><\/h2>\n<p><span style=\"font-weight: 400;\">Here we present our findings.<\/span><\/p>\n<h3><span style=\"font-weight: 400;\">Critical severity<\/span><\/h3>\n<p><span style=\"font-weight: 400;\">No critical severity issues were found.\u00a0<\/span><\/p>\n<h3><span style=\"font-weight: 400;\">High severity<\/span><\/h3>\n<p><span style=\"font-weight: 400;\">H1: <code class=\"codehl\">threshold = 1<\/code> optimization DoS<\/span><\/p>\n<h3><span style=\"font-weight: 400;\">Medium 
severity<\/span><\/h3>\n<p><span style=\"font-weight: 400;\">M1: Arbitrary call on factory<\/span><\/p>\n<p><span style=\"font-weight: 400;\">M2: Attesters are not de-duplicated<\/span><\/p>\n<p><span style=\"font-weight: 400;\">M3: <code class=\"codehl\">registerModule<\/code> front-running<\/span><\/p>\n<p><span style=\"font-weight: 400;\">M4: <code class=\"codehl\">trustAttesters<\/code> downcast<\/span><\/p>\n<h3><span style=\"font-weight: 400;\">Low severity<\/span><\/h3>\n<p><span style=\"font-weight: 400;\">L1: Resolver one-step ownership transfer<\/span><\/p>\n<h3><span style=\"font-weight: 400;\">Warning severity<\/span><\/h3>\n<p><span style=\"font-weight: 400;\">W1: Deployment and attestation denial of service<\/span><\/p>\n<p><span style=\"font-weight: 400;\">W2: Inconsistent revert errors<\/span><\/p>\n<p><span style=\"font-weight: 400;\">W3: EIP-712 compliance<\/span><\/p>\n<p><span style=\"font-weight: 400;\">W4: <code class=\"codehl\">findTrustedAttesters<\/code> revert on no attesters<\/span><\/p>\n<p><span style=\"font-weight: 400;\">W5: <code class=\"codehl\">trustAttesters<\/code> zero address validation<\/span><\/p>\n<p><span style=\"font-weight: 400;\">W6: Inconsistent data validation<\/span><\/p>\n<p><span style=\"font-weight: 400;\">W7: <code class=\"codehl\">TrustLib<\/code> high-order bits not cleared<\/span><\/p>\n<h3><span style=\"font-weight: 400;\">Information severity<\/span><\/h3>\n<p><span style=\"font-weight: 400;\">I1: Multiple interfaces<\/span><\/p>\n<p><span style=\"font-weight: 400;\">I2: Inconsistent parameter naming<\/span><\/p>\n<p><span style=\"font-weight: 400;\">I3: Duplicated code<\/span><\/p>\n<p><span style=\"font-weight: 400;\">I4: Modifier placement<\/span><\/p>\n<p><span style=\"font-weight: 400;\">I5: Missing NatSpec documentation<\/span><\/p>\n<p><span style=\"font-weight: 400;\">I6: <code class=\"codehl\">_storeAttestation<\/code> false comment<\/span><\/p>\n<p><span style=\"font-weight: 400;\">I7: <code 
class=\"codehl\">NewTrustedAttesters<\/code> event<\/span><\/p>\n<h2><span style=\"font-weight: 400;\">CONCLUSION<\/span><\/h2>\n<p><span style=\"font-weight: 400;\">Our review resulted in 20 findings ranging from Info to High severity.<\/span><\/p>\n<p><b>Ackee Blockchain recommends Rhinestone to:<\/b><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">remove the optimization for <code class=\"codehl\">threshold = 1<\/code>,<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">separate the factory logic into a neutral contract,<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">resolve the risk of front-running,<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">implement two-step ownership transfer,<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">address all other reported issues.<\/span><\/li>\n<\/ul>\n<p><b>Ackee Blockchain\u2019s full Rhinestone audit report with a more detailed description of all findings and recommendations can be found <a href=\"https:\/\/github.com\/rhinestonewtf\/registry\/tree\/main\/audits\" target=\"_blank\" rel=\"noopener\">here<\/a>.<\/b><\/p>\n<p><span style=\"font-weight: 400;\">We were delighted to audit Rhinestone and look forward to working with them again.<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Rhinestone is dedicated to transforming smart accounts into an open platform for innovation. They aim to create a secure and interoperable ecosystem of modules, fostering permissionless smart account innovation and enabling developers to build powerful onchain products with seamless UX. The Module Registry is a foundational layer of Rhinestone\u2019s tech stack. 
Its primary function is to enforce standards and security guarantees for&hellip;<\/p>\n","protected":false},"author":17,"featured_media":898,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[20,10,103],"tags":[89,141,101,104],"class_list":["post-896","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-audits","category-ethereum","category-wake","tag-audit-summary","tag-rhinestone","tag-safe","tag-wake"],"aioseo_notices":[],"featured_image_src":"https:\/\/ackee.xyz\/blog\/wp-content\/uploads\/2024\/08\/rhinestone.wtf-2-600x400.png","featured_image_src_square":"https:\/\/ackee.xyz\/blog\/wp-content\/uploads\/2024\/08\/rhinestone.wtf-2-600x600.png","author_info":{"display_name":"Stepan Sonsky","author_link":"https:\/\/ackee.xyz\/blog\/author\/stepan\/"},"_links":{"self":[{"href":"https:\/\/ackee.xyz\/blog\/wp-json\/wp\/v2\/posts\/896","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ackee.xyz\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ackee.xyz\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ackee.xyz\/blog\/wp-json\/wp\/v2\/users\/17"}],"replies":[{"embeddable":true,"href":"https:\/\/ackee.xyz\/blog\/wp-json\/wp\/v2\/comments?post=896"}],"version-history":[{"count":0,"href":"https:\/\/ackee.xyz\/blog\/wp-json\/wp\/v2\/posts\/896\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/ackee.xyz\/blog\/wp-json\/wp\/v2\/media\/898"}],"wp:attachment":[{"href":"https:\/\/ackee.xyz\/blog\/wp-json\/wp\/v2\/media?parent=896"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ackee.xyz\/blog\/wp-json\/wp\/v2\/categories?post=896"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ackee.xyz\/blog\/wp-json\/wp\/v2\/tags?post=896"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}