Description

The vigilante's btcslasher component is used to construct and broadcast slashing transactions to Bitcoin. These slashing transactions are intended to be used to punish finality providers (and their delegators) for equivocating or selective slashing.

In the vigilante, there is a TODO comment in the sendSlashingTx() function that states the intention to implement a confirmation check on the slashing transaction. This check would ensure that the slashing transaction is included into the Bitcoin canonical chain.

Without this check, if a reorg occurs at the right time, the slashing transaction would not be included in the canonical chain. This would allow a malicious finality provider (and their delegators) to avoid being slashed.

Impact

Note that the vigilante is currently not being used. It is a component that will be used in the future during Phase 2, when the Babylon mainnet launches.

Since triggering a reorg at will is a costly endeavor, we concluded that the likelihood of this issue being exploited is low. However, since slash avoidance is a critical-severity issue, we chose high impact.

Recommendations

Add a check to sendSlashingTx() that waits for an appropriate amount of blocks to confirm the transaction. If a reorg occurs in this time, the function should rebroadcast the transaction. This process should be repeated until the transaction is confirmed.

Remediation

Tracked by https://github.com/babylonchain/vigilante/issues/229↗.