
Security & Code audits #1609

Open
lehnberg opened this Issue Sep 29, 2018 · 3 comments

lehnberg (Collaborator) commented Sep 29, 2018

This is a work in progress. Please provide feedback, suggestions etc. in the comments and I will update this post.


Introduction

As per item 2.2 of the Sep 25 Governance meeting, it is desired that Grin undergoes thorough audits by third parties external to the project. The functionality of the protocol and the applied cryptography should be reviewed, as well as the actual code of the implementation. Both academic or publicly funded researchers and institutions, as well as private contractors, should be invited to participate.

Status as of Oct 19 2018

  • @Catheryne has taken the lead and is reaching out to potential auditors to enquire about interest and to obtain time/fee estimates (see below section).
  • Next scheduled discussion of topic is the Oct 23 Governance meeting @ 15:00 UTC.
  • Current open points:
    • How to engage auditors for the services agreement (contract), scope of work (SoW), and for invoicing (payment), particularly how to pay if they do NOT accept crypto. Because Grin does not have an entity / legal structure, these things are a bit of a challenge. Using a non-profit such as OSTIF as an intermediary is a potential solution, @Catheryne is investigating.
    • Fundraising for security audit, which currently has not raised any significant amounts.

Potential auditors and status

Firms

| Name | Accepts crypto? | Requires legal entity to contract? | Quote | Description |
|---|---|---|---|---|
| NCC | No | Yes | | Notable projects are ZCash on CTs, Ripple, Google. |
| Kudelski | Yes, but at a premium. | | | Did audit of bulletproofs for Monero w/Quarkslab. |
| Quarkslab | Waiting to hear back | | ~30 days @ $1650/day ($49.5k) | |
| x-41-dsec | No | | Scoping to provide an estimate. | They recommended working with OSTIF as an intermediary organization, we're being intro'd. Recently completed an audit of theQRL (Quantum Resistant Ledger). |
| Coinspect | Yes | | ~320 hours @ $250 ($80k) for entire code base + cryptolib | |
| TrailofBits | | | | |
| Least Authority | | | | |
| Commonwealth Crypto | | | | |

Individuals

| Name | Institution | Area | Status |
|---|---|---|---|
| Dan Boneh | Stanford | Bulletproofs | Does not have time to help |
| @bbuenz | Stanford | Bulletproofs | Would like to limit the scope to the implementation of Bulletproofs (using the libsecp library) |
| @cathieyun | Interstellar, formerly Chain | Bulletproofs | Would like to limit the scope to the implementation of Bulletproofs (using the libsecp library) |
| Neha Narula | MIT | Audit best practices | Circulating it with her team to see who and what they might be able to help with |
| Mary Maller | University College London | Whether her work on zk-SNARKs would translate to helping audit Grin | Replied she's not a developer and does not feel she has the skillset for audits |
| Andrew Miller | U of Illinois UC | Dandelion | Too busy |
| Shailesh Bojja Venkatakrishnan | U of Illinois UC | Dandelion | Not too familiar with the actual code, so can't help |
| @gfanti | Carnegie Mellon | Dandelion | Too busy, won't be able to help |
| @EthanHeilman | | | Replied that he does like to do audits but has no time these days |

Brief

When is the code estimated to be available for audit?

Current wide range is 2 weeks (aggressive) to 3 months (with lots of time).

What is the deadline for audits to be completed?

What parts of the project should be audited?

Current thinking: at least the entire repo plus the supporting secp256k1 libs. Potentially base the audit off a branch of T4.

Are there any particular aspects to focus on?

For example DDoS, consensus, hidden inflation, privacy leaks, etc.

What's the deliverable?

How should the auditors present their findings?

What's the work process?

Perhaps developers doing an initial brief to auditors and hosting Q&As / walkthroughs?
Are the auditors providing progress updates?

How is the effort funded?

Crowd-fund campaign? Auditors paid in crypto? We raise a lump-sum, or break down audits to granular level? etc.

Catheryne commented Oct 4, 2018

These are the folks from various universities whom I have contacted to date, for what, and status/comments on each:

  1. Dan Boneh (Stanford) for bulletproofs - he does not have time to help but did recommend @bbuenz and suggested NCC & TrailofBits. I contacted Benedikt, who said he was very busy and also didn't feel like he was the best person for the job.
  2. Neha Narula (MIT) for audit best practices. @Nerula replied that she's circulating it with her team to see who and what they might be able to help with
  3. Mary Maller (University College London) to see if her work on zk-SNARKs would translate to helping audit Grin. She replied she's not a developer and does not feel she has the skillset for audits.
  4. Andrew Miller (U of Illinois UC), Shailesh Bojja Venkatakrishnan (same univ), and Giulia Fanti (Carnegie Mellon) for Dandelion relay audit. Andrew replied he's jammed and recommended @EthanHeilman. I have not heard back from @gfanti or Shailesh despite multiple pings and so I assume they are not interested.
  5. @EthanHeilman. He replied that he does like to do audits but no time these days.

I also contacted these companies: TrailofBits, Kudelski Security, NCC Group, Coinspect. The only two I have heard back from are NCC and Coinspect:

  1. NCC. I was able to speak with them to talk about the work they've done and what our expectations are. They will be providing us a SOW (scope of work) with a time estimate and cost breakdown. They sent me various links to work they have done in the past: notable projects are ZCash on CTs, Ripple, Google. They will get back to me on whether they can take $ in crypto.
  2. Coinspect. We've traded emails answering various questions. They sent me an estimate of ~320 hours @$250 ($80k) to do the entire code base + cryptolib. If we can prioritize or narrow the scope, it would be helpful. They do accept crypto.

Also, because this audit will likely cost a fair penny, I've been socializing it with investors to see if there's interest in donating. I think it would be a good example for investors, especially those in the crypto space, to donate to open-source projects which not only help their portfolio companies but protect their investments.


@lehnberg lehnberg changed the title from [WIP] Task: Security & Code audits to Security & Code audits Oct 14, 2018

Catheryne commented Oct 18, 2018

We need to figure out:

  • How to engage the firm(s) for the master services agreement (contract), scope of work (SoW), and for invoicing (payment), particularly how to pay if they do NOT accept crypto. Because Grin does not have an entity / legal structure, these things are a bit of a challenge. I'm trying to reach the non-profit OSTIF to see if they can help with both.
  • Fundraising for security audit. I have a few ideas that I'll propose at the next 10/23 governance meeting to see what the group thinks would work.

Update on audit firms:
I've added info and a few links from the work various firms have done to help in evaluating which firm(s) to choose. I don't have all the info/estimates from everyone yet and so I'll keep updating as I get info.

NCC

Do NOT take crypto. They also need an entity to work with.

Kudelski

DO take crypto but they add a 10% premium to their costs for all crypto payments. They seem quite busy at the moment and it takes multiple pings to get responses. Did audit of bulletproofs for Monero w/Quarkslab.

Quarkslab

Estimate ~30 days @ $1650/day ($49.5k). Waiting to hear back on whether they accept crypto. Did audit of bulletproofs for Monero w/Kudelski.

x-41-dsec

They are scoping to provide an estimate. Do NOT accept crypto. They recommended working with OSTIF (https://ostif.org/) as an intermediary organization - I asked for an intro to OSTIF. Recently completed an audit of theQRL (Quantum Resistant Ledger).

Also, update from a couple individuals:

  • @bbuenz (Stanford) and @cathieyun (Interstellar, formerly Chain). I asked if they would be willing to help out on signatures and MMR in addition. They'd like to limit the scope to the implementation of Bulletproofs range proofs (using the libsecp library).

  • Giulia is swamped and won't be able to help audit Dandelion, unfort.

  • Shailesh is not too familiar with the actual code itself for Dandelion, so can't help.


lehnberg (Collaborator) commented Oct 19, 2018

Updated ticket to reflect updates above.

