The Grin project has completed its second security audit, this time conducted by Coinspect. You can find their blog on the audit here and the full report with a table tracking each issue found can be accessed in the new grin-security repo.
- October 2018 - Security audit funding campaign begins
- December 2018 - Security audit funding campaign completed, 16 BTC goal is met
- February 2019 - Coinspect conducts audit
- February 2019 - CVE-2019-9195 is reported and fixed
- March - July 2019 - All findings are investigated and fixed
- August - September 2019 - Remediation verification period to ensure fixes are correct
- October 2019 - Publication of findings
During this time, in addition to addressing the issues discovered, a new RFC was implemented to strengthen Grin’s security processes, among other things improving how vulnerability reports are handled and how quickly they are responded to going forward. It is important to keep evaluating Grin’s security by refining these processes and conducting ongoing security audits as the community and codebase change over time.
One critical vulnerability was found; it was promptly fixed and disclosed as CVE-2019-9195. Additionally, five high-risk, seven medium-risk and one low-risk issue were reported. Coinspect has now verified that all findings have been fixed.
Most of the issues related to:
- Directory traversal and file handling
- Unsafe code in third-party libraries
- Improperly handled errors in Rust
- P2P connection logic
- Insufficient validation
These types of issues can lead to denial of service, data corruption and privilege escalation. Coinspect additionally identified several high-level areas as future goals for improving Grin’s security: third-party dependencies, the transaction pool and its eviction policy, transaction processing time and the transaction creation workflow. More details about these suggestions can be found in the full report.
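Two of the categories above, directory traversal in file handling and improperly handled errors in Rust, share a common defensive shape: validate untrusted input before it reaches the filesystem, and propagate failures as `Result` values rather than panicking. The following Rust snippet is an added illustration of that pattern written for this post; it is not code from the Grin codebase or from the Coinspect report, and the base directory, file names and the `PathError`/`StoreError` types are constructed for the example. `safe_join` works on path components only (no filesystem access), so it rejects `..` and absolute paths but cannot detect symlinks; a caller that needs that guarantee should canonicalize the result and re-check the prefix.

```rust
use std::path::{Component, Path, PathBuf};

/// Reasons an untrusted relative name is refused (constructed for this example).
#[derive(Debug, PartialEq)]
pub enum PathError {
    Absolute,  // started with a root or drive prefix
    ParentDir, // contained a ".." component
    Empty,     // resolved to nothing below the base directory
}

/// Join an untrusted name onto a trusted base directory, refusing anything
/// that could escape it. Pure component logic: it never touches the filesystem.
pub fn safe_join(base: &Path, untrusted: &str) -> Result<PathBuf, PathError> {
    let mut out = base.to_path_buf();
    let mut pushed = 0;
    for component in Path::new(untrusted).components() {
        match component {
            Component::Normal(part) => {
                out.push(part);
                pushed += 1;
            }
            Component::CurDir => {}
            Component::ParentDir => return Err(PathError::ParentDir),
            Component::RootDir | Component::Prefix(_) => return Err(PathError::Absolute),
        }
    }
    if pushed == 0 {
        return Err(PathError::Empty);
    }
    Ok(out)
}

/// Errors from the file store, wrapping both validation and I/O failures
/// so callers get a single `Result` instead of a panic (constructed type).
#[derive(Debug)]
pub enum StoreError {
    Path(PathError),
    Io(std::io::Error),
}

impl From<PathError> for StoreError {
    fn from(e: PathError) -> Self {
        StoreError::Path(e)
    }
}

impl From<std::io::Error> for StoreError {
    fn from(e: std::io::Error) -> Self {
        StoreError::Io(e)
    }
}

/// Read a file named by untrusted input from below `base`. Every failure is
/// returned with `?`; nothing here can unwrap and take the process down.
pub fn read_named(base: &Path, name: &str) -> Result<Vec<u8>, StoreError> {
    let path = safe_join(base, name)?;
    Ok(std::fs::read(path)?)
}

fn main() {
    // Constructed sample inputs: one benign name and three escape attempts.
    let base = Path::new("/var/lib/example-node");
    for name in ["wallet/seed.json", "../../etc/passwd", "/etc/passwd", "./"] {
        println!("{:?} -> {:?}", name, safe_join(base, name));
    }
    // An I/O failure surfaces as StoreError::Io rather than a panic.
    println!("{:?}", read_named(Path::new("."), "no_such_file_example"));
}
```

The important design choice is that the validation error and the I/O error are distinct variants: a caller can log a rejected path as a potential probe while treating a missing file as routine, and neither case reaches `unwrap`.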
All identified issues have been fixed. Some of the areas highlighted above and in the full report remain open as future work for Grin development.
Coinspect produced effective work with their findings and reporting, especially considering the challenges of coordinating this type of service with a decentralized community. Additionally the audit would not have been possible without the amazing donors that helped Grin reach the audit funding goal last December, the developers that followed through on important but tedious work and everyone else who gave their time and energy to give us a more secure Grin.
Hopefully the community that contributed to making this possible feels that this was a good use of resources and time. We hope to gather and iterate on feedback from the process, make improvements, and integrate what we have learned into future audits, continuing the never-ending work of making Grin as secure as possible.