BTC reorg would lead to slash avoidance
Description
The vigilante's btcslasher component is used to construct and broadcast slashing transactions to Bitcoin. These slashing transactions are intended to be used to punish finality providers (and their delegators) for equivocating or selective slashing.
In the vigilante, there is a TODO comment in the sendSlashingTx() function that states the intention to implement a confirmation check on the slashing transaction. This check would ensure that the slashing transaction is included in the Bitcoin canonical chain.
Without this check, if a reorg occurs at the right time, the slashing transaction would not be included in the canonical chain. This would allow a malicious finality provider (and their delegators) to avoid being slashed.
Impact
Note that the vigilante is currently not being used. It is a component that will be used in the future during Phase 2, when the Babylon mainnet launches.
Since triggering a reorg at will is a costly endeavor, we concluded that the likelihood of this issue being exploited is low. However, since slash avoidance is a critical-severity issue, we chose high impact.
Recommendations
Add a check to sendSlashingTx() that waits for an appropriate number of blocks to confirm the transaction. If a reorg occurs in this time, the function should rebroadcast the transaction. This process should be repeated until the transaction is confirmed.
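A sketch of the recommended confirm-and-rebroadcast loop, as an added example that is not vigilante's code. The Chain interface, ConfirmSlashingTx, and the simChain in-memory chain are hypothetical names constructed for this illustration; the confirmation depth and block budget are caller-chosen assumptions.

```go
package main

import "fmt"

// Chain is a hypothetical interface for this example, not vigilante's API.
type Chain interface {
	Broadcast(txid string) error
	Confirmations(txid string) (int, error) // 0 = not in the canonical chain
	WaitForBlock()                          // returns once the tip changes
}

// ConfirmSlashingTx (re)broadcasts txid until it has minConf confirmations,
// giving up after maxBlocks tip changes. It returns the broadcast count.
func ConfirmSlashingTx(c Chain, txid string, minConf, maxBlocks int) (int, error) {
	sent := 0
	for i := 0; i <= maxBlocks; i++ {
		conf, err := c.Confirmations(txid)
		if err != nil || conf >= minConf {
			return sent, err
		}
		if conf == 0 { // never mined, or reorged out: send it again
			if err := c.Broadcast(txid); err != nil {
				return sent, err
			}
			sent++
		}
		c.WaitForBlock()
	}
	return sent, fmt.Errorf("slashing tx not confirmed within block budget")
}

// simChain is a constructed in-memory chain: each WaitForBlock mines a block
// that includes the mempool, except heights in reorgAt, which orphan the tx.
type simChain struct {
	height, conf int
	inMempool    bool
	reorgAt      map[int]bool
}
func (s *simChain) Broadcast(string) error            { s.inMempool = true; return nil }
func (s *simChain) Confirmations(string) (int, error) { return s.conf, nil }
func (s *simChain) WaitForBlock() {
	s.height++
	if s.reorgAt[s.height] {
		s.conf, s.inMempool = 0, false // block holding the tx is orphaned
	} else if s.conf > 0 || s.inMempool {
		s.conf, s.inMempool = s.conf+1, false
	}
}

func main() { fmt.Println(ConfirmSlashingTx(&simChain{reorgAt: map[int]bool{3: true}}, "constructed-txid", 3, 20)) }
```

With a real Bitcoin node, rebroadcasting a transaction that is still in the mempool is rejected as a duplicate, which the caller should treat as non-fatal rather than as a broadcast failure.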
Remediation
Tracked by https://github.com/babylonchain/vigilante/issues/229.