pTokens Bitcoin Bridge Security Audit Result
We are pleased to announce that Cryptonics has finished an extensive security audit of the pTokens Bitcoin to Ethereum bridge.
pTokens is a cross-blockchain solution developed by Provable Things, formerly know as Oraclize. The system allows assets from different blockchains to be moved to Ethereum, in order to make them available to Decentralized Finance (DeFi) applications. This is achieved by locking up assets on the original chain and minting the equivalent amount of representative pTokens on Ethereum. Assets can be moved back by burning tokens on Etherum and freeing up the equivalent assets on the original chain.
Cryptonics has been engaged by Provable Things to audit the codebase of the initial Bitcoin to Ethereum implementation prior to its mainnet release. The interactive audit process has gone through various rounds and we are pleased to publish the final audit result.
Codebase Audited
The pToken Bitcoin to Ethereum bridge is a two-way bridge designed to run in a trusted execution environment, such as Intel’s Secure Software Guard Extensions. It consists of a secure enclave containing Bitcoin and Ethereum light clients, transaction relayers, smart contracts to be deployed on Ethereum, and a series of tools and APIs. In its first release, the bridge is implemented as a single trusted relayer node. However, a decentralized implementation is in development for future release.
The audited code includes the following modules:
- pbtc-enclave: Enclave containing a Bitcoin light-client (implemented in Rust). This component has been re-factored into `core´ and `app´.
- pbtc-btc-syncer: BTC syncing tool, designed to keep up a feed of BTC block submissions to the enclave (implemented in JavaScript).
- pbtc-eth-syncer: ETH syncing tool, designed to keep up a feed of ETH blocks to the enclave (implemented in JavaScript).
- pbtc-eth-and-btc-block-getter: ETH & BTC latest-block getter. It gets the latest block from the ETH & BTC chains, formats them correctly to be accepted by the pBTC enclave, and finally saves them out to the paths supplied by the user (implemented in JavaScript).
- Pbtc-db-repl: Tool for managing the external database instance for the pBTC token (implemented in JavaScript).
- pbtc-deposit-address-generator: Generates p2sh BTC addresses derived from an ETH address hashed together with a nonce (implemented in Rust).
- pbtc-enclave-api: An API made for the BTC enclave in Node using an express server (implemented in JavaScript).
- pbtc-tx-broadcaster: pBTC Token transaction broadcasting tool (implemented in JavaScript).
- pbtc-eth-smart-contract: pBTC ERC-777 token smart contract (implemented in Solidity).
Audit Procedure and Result
The audit has been performed in several rounds by a team of auditors specializing in blockchain security and extensive experience in the programming languages employed. The Cryptonics audit procedure follows a strict methodology adapted to programming language specifics, which involves a series of steps, ranging from automated code scanning and manual line by line code reviews to high-level architecture and design reviews.
The audit team was in constant contact with the development team and issues encountered were discussed and any fixes supplied were re-audited. The final audit report contains a full history of issues discussed and fixed.
We have found the submitted code base of very good quality with excellent documentation. Test coverage is also very complete. Several issues were detected and we have found the team very receptive to suggestions for improvements. All issues encountered have been addressed by either fixing or mitigating them. In the case of some minor comments, the issues have been acknowledged as deliberate choices.
The final audit report can be downloaded from the Cryptionics Website and GitHub.
