Assessment reportsPublic findings
Back to Zellic site
Assessment reports>IBC Eureka>Threat Model>Component: sp1-programs
GeneralOverview
Findings
Critical (3)
High (1)
Informational (1)
DiscussionCentralization risks and trust assumptionsOne app could be registered with multiple ports
Threat ModelComponent: cs-ics08-wasm-ethComponent: sp1-programsComponent: SP1ICS07TendermintComponent: ICS20TransferComponent: ICS26RouterComponent: EurekaHandler
Audit ResultsAssessment Results

Component: sp1-programs

Description

The SP1 programs are used to create proofs for the update, misbehavior, and membership functionality. The proofs are later used by the SP1ICS07Tendermint contract, which verifies them and performs certain actions. There are four different proof generators, and the verification of all of them is handled by the ibc_client_tendermint module.

The operator calls generate_proof in sp1-ics07-tendermint-prover for each of these four different proofs, which generates the proofs, and the returned output is either written to a file or printed to stdout.

Invariants

  • The proof generation must fail if the verification fails. For example, in case of updating the client, the function update_client calls the verify_header function, which verifies the proposed header.

  • Similarly, proof generation must fail if the verification of membership or misbehavior fails.

Test coverage

Cases covered

  • The end-to-end tests cover the proof generation for misbehaviour, membership, update_client, and the update_client and membership proof types.

Cases not covered

  • N/A.

Attack surface

The verification is handled by the ibc_client_tendermint module, hence the attack surface is minimized. We verified if any of the crucial variables remain unverified and did not find any such unverified variables.

Zellic © 2025Back to top ↑