Lelantus Spark Code Audit Proposal by HashCloak by mikerahq

Goal: 19504 FIRO ($53831.04) Core
Proposal Seeking funding

Lelantus Spark is the next generation Lelantus protocol, jointly designed by Aram Jivanyan and Aaron Feickert. It improves upon the current Lelantus protocol by providing recipient privacy, fined selective disclosure and other user friendly improvements. Further, the authors have provided more formal security arguments, ensuring more confidence in the Lelantus Spark construction.

HashCloak has previously completed a cryptographic audit of the Lelantus Protocol. You can read the report here. Since then, the Firo team has been working on an implementation. This implementation is soon to be ready for an audit. As we audited the paper, we feel that we are in the best position to provide a code audit for the Firo ecosystem on their next generation privacy protocol.

About Us

HashCloak Inc is a R&D lab and consultancy focused on privacy, anonymity and scalability for blockchains and cryptocurrencies. Founded in 2019, the Toronto-based team is well-known for working on state of the art Ethereum projects such as Ethereum 2.0, Shyft Network and Althea, for pioneering optimistic rollups and bringing forth the first empirical analysis of Ethereum’s privacy guarantees and applications. Recent projects such as Meson, a mix network project, and an SoK on universal SNARKs, delved into areas such as Multi-Party Computation (MPC), anonymous networking, Private Information Retrieval (PIR), zero-knowledge proofs and the intersection of cryptography, game theory and finance.

Auditors

Mikerah Quintyne-Collins is an independent researcher and founder and CEO of HashCloak, a blockchain privacy R&D startup with a global team. Her research focuses on networking, validator privacy, and optimistic rollups. She organized Scaling Ethereum, a research workshop bringing together top Ethereum researchers to work on Ethereum’s most pressing scalability problems. Currently, she’s focused on privacy for blockchains, specifically mixers and mix networks for cryptocurrency transactions. Previously, she was part of the ChainSafe Systems team working on ETH2.0, namely the Lodestar Typescript client. She was awarded a Vitalik YOLO grant for her work on ETH2.0.

Manish Kumar is a Cryptography Security Researcher and Engineer at HashCloak. His broad area of research is in the field of Blockchain and Cryptography. Currently, his research focus is on the specific area of cryptography known as zero-knowledge proofs. Previously, he was a research intern at Persistence One where he was actively involved in research about blockchain technology.

Onur Inanc Dogryuol is a Cryptography Security Researcher and Engineer at HashCloak. His background is in Math and Cryptography. His reserach focus is in building and designing STARK-friendly cryptographic primitives. He is also a Cairo and Circom developer. Previously, he was a lead cryptography engineer at ZigZag Exchange, a STARK-powered exchange in the Starknet ecosystem, in he conducted research in using zero-knowledge proofs to build a scalable and privacy-preserving DEX.

Costs and Milestones

The overall costs of the audit will be $80K USD. We have added a 10% volatility insurance in Firo so, the total cost is $88K USD. As per our previous arrangement with the Firo team, we will be paid in a USD-denominated stablecoin. If there is a surplus of donations to this proposal, the surplus will be donated to the general Firo fund to increase their runway for important Firo-related work. As such, the Firo address posted is in order to meet the posting requirements on the FCS and any donations made to it will be going to the Core Firo team.

We propose the following payment schedule:

Milestone Tasks Week Fees
1
  1. Review the following documents:
    1. Lelantus Spark Audit Report
    2. Lelantus Spark
    Any documents that we feel that is relevant will be read as well.
  2. Start fuzzing using Honggfuzz and AFL++ using regtest testnet data
  3. Identify key areas of concern for the codebase
1-2 $32K
2
  • Start manual analysis with emphasis on the areas of concern brought up during the first week of the audit
  • Automated analysis using C++ static analysis tools for discovering new areas of concern
  • Delivery of initial report
2-4 $32K
3
  • Working with the Firo developers on rectifying any issues that may have arisen during the audit
  • Update the audit report
5-6 $16K
Total $80K

We expect the audit to take 4 weeks for the initial delivery of the report and 1 to 2 weeks for verifying and assisting the authors in rectifying issues.

The start date for the audit is flexible depending on when the Firo community would like the audit done.

Events
  • Proposal created 2022-09-16 06:05
  • Discourse topic post error; check application logs 2022-09-16 06:05
  • Status changed from 'idea' to 'Funding Required' 2022-09-16 07:26
  • Donation address generated 2022-09-16 07:26
  • Discourse topic post error; check application logs 2022-09-16 07:26
  • Funding target changed from '23783.783 FIRO' to '19504.0 FIRO' 2022-09-16 07:30
  • Discourse topic post error; check application logs 2022-09-16 07:30
Meta
firo
11 individual contribution(s) Details...

17430.21631909 FIRO Raised (2073.78368091 FIRO remaining)

0 FIRO Paid out (0.0%)

17430.21631909 FIRO Available for payout :-)

Donate

qr
a8w9D3eHxmWWgAAu6kga1jL5qkrYJAExz1
Transactions

  • Amount: 10.0 FIRO
  • TXID: beed79fa1c3584ec9398b68183c1656449e72db5f19fda298df05c6b7a16fac3
  • Blockheight: 542750
  • Confirmations: 3361

  • Amount: 113.12473168 FIRO
  • TXID: b5ec4ce7339beeb8589890863bbae35980763b7c127eb715b6904b6218d65dc3
  • Blockheight: 541231
  • Confirmations: 4880

  • Amount: 11.24997271 FIRO
  • TXID: 87480a6d2857d9aeff3a9cdc0bc768506c5027c02008822c77adb82f81373c5a
  • Blockheight: 541050
  • Confirmations: 5061

  • Amount: 112.49973076 FIRO
  • TXID: 066bf07f3f691b3b01fada41a6a292cd12beba02dd8466af93047293f99887a1
  • Blockheight: 541031
  • Confirmations: 5080

  • Amount: 34.37491792 FIRO
  • TXID: 03a968947203d88f2fb20d285c44bb7b46c148534f1005b2d1bc694a12a84847
  • Blockheight: 540853
  • Confirmations: 5258

  • Amount: 314.9992481 FIRO
  • TXID: 02717deb579d7d44a86cebf04ae2cf9e5a3986d9b8cab67d998f715012768dff
  • Blockheight: 540797
  • Confirmations: 5314

  • Amount: 493.96746158 FIRO
  • TXID: f6cbe9439e8086e997c337f9b55f724c1ead755ac77c15095a1bcb9069a55e2b
  • Blockheight: 540300
  • Confirmations: 5811

  • Amount: 5000.00006385 FIRO
  • TXID: 2bb4ab8e3a1f1241f9e139371a782fedc3e4a935364c95a8ca8bbb3d0e2ffaab
  • Blockheight: 540297
  • Confirmations: 5814

  • Amount: 5000.00019249 FIRO
  • TXID: f72223ea103a1b4aa785d0101fdc7b56f25d54c1ea6a990b22d44d511412f689
  • Blockheight: 540296
  • Confirmations: 5815

  • Amount: 2590.0 FIRO
  • TXID: d0cd12d3c71a2207c5b64de7ac4fab50ad043ea8064e501ca5ecf0e7114ebb77
  • Blockheight: 540295
  • Confirmations: 5816

  • Amount: 3750.0 FIRO
  • TXID: e099082e6220edd009adab3dff0ff27e8d8ae21e40e77f687f6d2e3cc2f61b8d
  • Blockheight: 539196
  • Confirmations: 6915