Listener misconduct and market expectations are out of scope
The scope of this audit was defined as the PDPVerifier and SimplePDPService, plus associated dependency contracts. However, the PDPVerifier can be used with any listener, not just the SimplePDPService — the listener is freely specified by the proof-set owner. An external off-chain agent, defined as the market, is responsible for ensuring that the proof-set owner uses the PDPVerifier correctly.
This correctness includes obvious constraints like specifying a listener that is trusted by the market, but it also includes less obvious constraints like ensuring that there are no duplicate or spurious roots in the proof set, that only one proof set exists per root so that the owner cannot reroll the challenge seed with multiple proof sets, or that the listener cannot allow the proof-set owner to control the execution and reenter the PDPVerifier at any time. (Since that can lead to, for example, a modification or deletion of the root set in the middle of the listener logic.)
So, although these constraints were carefully documented, the documentation does not appear to be a complete formal enumeration of these constraints — complete such that any implementation that satisfies all of the constraints can be considered safe without a further audit. The threat surface of the overall system can only be characterized completely in an audit that includes the entire system.
Because of this, we strongly recommend an end-to-end audit that includes the market, the SimplePDPService and all other listeners the market may allow, and this PDPVerifier contract. Without this comprehensive audit, differences in the interpretation of responsibilities between smaller audits of individual components may cause issues like these to remain unfound.