Aligned / aligned-layer


Aligned is a decentralized network that verifies Zero-Knowledge/validity proofs and posts the results to Ethereum. It is designed to provide high throughput, cheap proof verification with low latency.

Prize distribution and scoring

  • Total Prize Pool: $100,000

  • Primary Prize Pool: $95,000

  • $5,000 of the prize pot is reserved for Low Severity findings. These reports are judged based on quality and reviewers are then ranked from 1st to 5th for the purpose of prize allocation.

    • 1st: $2.5k
    • 2nd: $1.25k
    • 3rd: $500
    • 4th: $375
    • 5th: $375
  • Scoring is described on the competition scoring page.

  • Finding severities are described in detail on our docs page.

Severity Definitions

Please note that this competition has slightly different severity definitions including an additional critical severity.

Critical Severity Finding

A Critical Severity Finding is defined as a high impact issue with a high likelihood of being exploited, where the impact could result in:

  1. Soundness failures:

    • An invalid proof is considered valid by the network of operators, provided the error is not caused by a bug in an external proving system used by Aligned.
    • A proof that is not verified by the network is considered verified in Ethereum.
    • An invalid public input associated with a valid proof is considered valid.
  2. Unauthorized fund access:

    • Unauthorized withdrawal of funds from the ServiceManager or the Batcher.
  3. Unauthorized upgrades:

    • Unauthorized upgrades of the network contracts.

High Severity Finding

A High Severity Finding is defined as a high impact issue with High or Medium likelihood of exploitation, resulting in:

  1. Fund-related issues:

    • Unauthorized spending of funds from the ServiceManager or the Batcher (without having control of the Batcher).
      • Example: Triggering a payment for valid Aligned services that the user did not request.
  2. User fund access:

    • Locking users from withdrawing funds.
  3. Denial of Service (DoS) in any component of the network, including the Batcher, Operators, or Aggregator:

    • Batcher: Consistently creating batches of proofs that are rejected by the operator network, blocking all batch finalizations.
    • Operator: Creating tasks that consume all system resources, preventing the operator from processing additional tasks.
    • Aggregator: Creating tasks that consume all system resources, preventing the Aggregator from processing additional tasks.
  4. Overspending issues:

    • Forcing the Batcher or Aggregator to overspend above expected limits for proof or batch verification.
  5. Payment bypass:

    • Bypassing payments when submitting proofs, either as:
      • A Client interacting with the Batcher.
      • The Batcher interacting with the ServiceManager.
  6. Verifier-related issues:

    • Unauthorized pausing of verifiers.
    • Disabled verifier proofs being considered valid by the operator network.
  • Any lower likelihood of the above issues would be considered medium severity.

Documentation

Scope

  • Repository: https://github.com/yetanotherco/aligned_layer/
  • Commit: a0083e85434a8e1add2ded6b5b237c2b7114b3ac
  • Total LOC: 49574
  • Files:
    • aggregator/
    • batcher/
    • claim_contracts/
    • common/
    • config-files/
    • contracts/
    • core/
    • docker/
    • examples/
    • explorer/
    • metrics/
    • operator/
    • scripts/
    • telemetry_api/

Build Instructions

  • Please note that any interaction with the code must be limited to GitHub and based on the instructions below.
  • Build Instructions
  • Basic POC

Out of scope

Contact Us

For any issues or concerns regarding this competition, please reach out to the Cantina core team through the Cantina Discord.

Summary

  • Status: Completed
  • Total reward: $100,000
  • Findings submitted: 99
  • Start date: 17 Dec 2024 7:30am (local time)
  • End date: 7 Jan 2025 8:00pm (local time)