-
Total Prize Pool: $140,000 in USDC
- HM awards: $103,900 in USDC
- Analysis awards: $5,800 in USDC
- QA awards: $2,900 in USDC
- Gas awards: $2,900 in USDC
- Judge awards: $15,000 in USDC
- Lookout awards: 9,000 in USDC
- Scout awards: $500 in USDC
-
Join C4 Discord to register
-
Submit findings using the C4 form
-
Starts March 6, 2024 20:00 UTC
-
Ends March 27, 2024 20:00 UTC
Note for C4 wardens: Anything included in this Publicly Known Issues section is considered a publicly known issue and is ineligible for awards.
- All code inside packages/protocol/contracts/team uses ERC20's
transferFrominstead ofsafeTransferFrom. This is known and acceptable. - All findings from our previous audit reports (see below) are ineligible for awards.
Taiko is a Based rollup. You can learn about Based rollups by following the links below:
- https://ethresear.ch/t/based-rollups-superpowers-from-l1-sequencing/15016
- https://taiko.mirror.xyz/7dfMydX1FqEx9_sOvhRt3V8hJksKSIWjzhCVu7FyMZU
This version of the Taiko protocol is also known as Based Contestable Rollup, or BCR. You can learn about BCR design using these links:
- https://taiko.mirror.xyz/Z4I5ZhreGkyfdaL5I9P0Rj0DNX4zaWFmcws-0CVMJ2A
- https://www.youtube.com/watch?v=A6ncZirXPfc
There are also a few documents in packages/protocol/docs that you can take a look at. We are working on converting them into our official documentation before the mainnet launch. Apologies that these files are not well-maintained, but I think they may provide some additional insights into BCR's design and/or implementation.
A built-in cross-layer communication mechanism is also included in the core protocol code to facilitate communication across multiple Taiko L2s and/or L3s. We call it multi-hop bridging. You can learn about the basic design here.
-
Whitepaper Update Notice: The current version of the Taiko whitepaper outlines the fundamental principles of our Base rollup design. Please note, however, that this document has not been updated recently, and as such, some of the details may not accurately reflect the latest developments in our project. While the whitepaper does provide a valuable overview of Taiko's core concepts, it does not include information on our Contestable Rollup features, which are a significant part of our evolving architecture.
-
Tokenomics Whitepaper Overview: For a straightforward explanation of how the Taiko token integrates within our protocol, refer to our tokenomics whitepaper. This document succinctly details the use of Taiko tokens as bonding mechanisms within the Taiko ecosystem, offering insight into our tokenomic strategy.
- Previous audits: An older version of the protocol has been audited by Sigma Prime (report). The corresponding bridge code has been audited by QuillAudits (report). Please see the list of changes between the audited version and the current v1.0.0 release.
- Documentation: https://docs.taiko.xyz
- Website: https://taiko.xyz
- Twitter: https://twitter.com/taikoxyz
- Discord: https://discord.gg/taikoxyz
Here are the improved and corrected sentences:
All files outside of packages/protocol/contracts are out of scope.
- Our vaults are designed to work with all ERC20, ERC1155, and ERC721 tokens, respectively.
- The AssignmentHook contract shall support any ERC20 tokens and Ether as proving fees.
- The core protocol supports only TaikoToken as bonds.
- Contracts in packages/protocol/contracts/team are expected to be deployed on Taiko L2 and only work with the
BridgedERC20token (not theTaikoToken) and a future Taiko NFT (ERC-721). TaikoL1,TaikoGovernor,TaikoTimelockController, andTaikoTokenwill be deployed on Ethereum;TaikoL2will be pre-deployed on Taiko L2 before genesis. All other contracts, includingAddressManager,SignalService,Bridge, all vaults and bridged tokens, will be deployed on both Ethereum and Taiko L2.- All contracts have an owner who can upgrade the contract code and perform certain special actions. There are also special named roles such as proposer, proposer_one, bridge_pauser that can call special functions. These named roles can be configured to be
address(0)to disable these functions. Please search foronlyFromNamedto locate these special roles. BridgedERC20has a special role called snapshooter; once set, this role can take snapshots.
- Launching a DoS attack on the core protocol.
- Exploiting bugs in Merkle proof verification logic.
- Exploiting potential bugs in multi-hop bridging, for example, use a multi-hop that contains a loop.
- Constructing bridge messages whose hashes collide.
- Continuously contesting valid proofs to delay block confirmation.
- Exhausting the L1 block proposing ring-buffer to halt the chain.
- Exploring bugs in L2's anchor transaction.
- If you have a public code repo, please share it here: https://github.com/taikoxyz/taiko-mono/tree/v1.0.0
- How many contracts are in scope?: 81
- Total SLoC for these contracts?: 7611
- How many external imports are there?: 52
- How many separate interfaces and struct definitions are there for the contracts within scope?: 85
- Does most of your code generally use composition or inheritance?: Composition
- How many external calls?: 17
- What is the overall line coverage percentage provided by your tests?: 79
- Is this an upgrade of an existing system?: False
- Check all that apply (e.g. timelock, NFT, AMM, ERC20, rollups, etc.): ERC20, ERC721, ERC1155, Rollup, SGX, Multi-Chain, Bridging
- Is there a need to understand a separate part of the codebase / get context in order to audit this part of the protocol?: False
- Please describe required context: you must understand how rollup works.
- Does it use an oracle?: No
- Describe any novel or unique curve logic or mathematical models your code uses: None
- Is this either a fork of or an alternate implementation of another project?: False
- Does it use a side-chain?: No
cd packages/protocol/
pnpm install
pnpm compile
pnpm testMake sure you're using the latest version of Slither (0.10.1).
cd packages/protocol/
slither .Employees of Taiko and employees' family members are ineligible to participate in this audit.