Assessment reportsPublic findings
Back to Zellic site
Assessment reports>Babylon Genesis Chain>Discussion>Panic handling in ABCI++ handlers
GeneralOverview
Findings
Critical (10)
High (4)
Medium (4)
Low (7)
Informational (7)
DiscussionBabylon node module-wise reviewed parametersDependency management and vulnerability assessmentPanic handling in ABCI++ handlersBehavior of MissedBlocksCounter on consecutive windows
DesignModule: btclightclientModule: btccheckpointModule: checkpointingModule: epochingModule: finalityModule: incentiveModule: monitorModule: mintModule: btcstakingbtc-stakerstaking-expiry-checkerbtc-staking-tsVigilante reporterVigilante submitterVigilante monitor (BTC timestamping monitor)Vigilante BTC staking trackerCryptographyFinality providerCovenant emulatorModule: staking-queue-clientstaking-api-servicebabylon-staking-indexersimple-staking
Audit ResultsAssessment Results
AddendumAddendumNonce reuse in adaptor signatures allows recovering signing key testsKey recovery succeeding on output from a btc-delegations query test

Panic handling in ABCI++ handlers

During the audit process, we examined the use of panic statements within ABCI++ handlers such as BeginBlock and EndBlock. Panic statements were employed in various error-handling procedures; however, this is not typically considered a best practice in Cosmos SDK--based chains. The reason is that, in the case of ABCI++ handlers, panic statements are not recovered. Consequently, when a panic statement is executed, the node process terminates, which can lead to the entire chain being halted. This is viewed as another potential DOS vector.

However, the Babylon team is aware of this and has clarified that the use of panic statements within ABCI++ handlers is intentional. In most of the node code, the Babylon team prefers to fail fast rather than continue operating in an incorrect state. Therefore, if the Babylon team's assumptions are violated or the data model is incorrect, a panic is triggered.

Zellic © 2025Back to top ↑