CertiK’s Audit of the Torus Distributed Key Generation Protocol

CertiK | Jul 22, 2020

Article's Poster

A series of thorough security assessments was carried out for Torus to audit and verify the Distributed Key Generation protocol.

What is Torus?

Torus is a user-friendly, secure, non-custodial key management system for DApps. The Distributed Key Generation protocol allows more nodes to participate in the process, which prevents a centralized point of failure.

The sole objective of the audit was to verifyTorus’ implementation of the DKG protocol against the provided specifications and scope:

  1. The audit work was scoped to a specific commit of the source code
  2. The code was verified against the specifications and literature provided by the client, which includes:

    Secure Distributed Key Generation for Discrete Log Based Cryptosystems

    Distributed Key Generation in the Wild

    AVS and PSS

  3. Particular files within the scope

  4. Node state transitions in each function were carefully verified against their specification
  5. Go programming best practices were enforced to improve general performance and minimize the chances of run-time panicking.

Digging Into the Audit

The overall goal of this code review was to help Torus protect their users by finding and fixing known vulnerabilities that could cause unauthorized access, loss of funds, cascading failure and/or other vulnerabilities. Alongside each security finding, potential remediations are suggested with best practices kept in mind.

The primary focus was to look at the messages processing functions of the package. Specifically, we analyzed how the keygen nodes are defined and how their state changes are triggered by messages.

We inspected every module within the scope to ensure that:

  1. The message routes the message to the correct processing function
  2. The functions process corresponding messages correctly according to the scope
  3. The messages are sent to the correct nodes

Summary and Revisions

In total we found one minor issue and other smaller shortcomings that Torus has already worked to remediate and update their codebase to maintain the highest commitment to security.

Overall we found that the module follows all the best practices and adheres to all the provided specifications. Moreover, other desirable properties of DKG include:

  1. Liveness: all wait states that a node enters are eventually satisfied
  2. Correctness: all honest nodes decide on the same value of selected sets of AVSS
  3. Efficiency: the overall DKG has uniformly bounded communication complexity
  4. Secrecy: no malicious nodes can compute the private key, otherwise it would break the discrete algorithm.

About CertiK

CertiK is a technology-led blockchain security company founded by Computer Science professors from Yale University and Columbia University built to prove the security and correctness of smart contracts and blockchain protocols.

CertiK’s mission of every audit is to apply different approaches and detection methods, ranging from manual, static, and dynamic analysis to ensure that the project is checked against known attacks and potential vulnerabilities. CertiK leverages a team of seasoned engineers and security auditors to apply testing methodologies and verifications on the project, in turn creating a more secure and robust software system.

CertiK has serviced more than 100 clients with high quality auditing and consulting services, ranging from stablecoins such as Binance’s BGBP and Paxos Gold to decentralized oracles such as Band Protocol and Tellor.