๐ก๏ธSecurity & Audit
Last updated
Last updated
The Cosmos Millions Module has been audited by Oak Security prior to the launch of the protocol. The report has been published on May, 16th 2023. The issues found by the auditors have been successfully addressed.
You can read the full report below :
The approach used for the Draw Mechanism has some drawbacks and we are expecting members of the community to contribute in order to continuously improve on it.
Notably, one could argue that it is possible (even though very unlikely) to front-run the protocol by guessing the pseudo-random seed one or a few blocks ahead of a Pool Draw if some extreme circumstances are met (ex: no transaction in any of the blocks preceding the Draw).
In order to remove the incentive for anyone to guess the pseudo-random seed we've introduce a delay between Draws during which Deposits are not taken into account. This delay, which does not need to be large at all, is set to 5 minutes
(roughly 50-60 blocks) and render all front-running attacks virtually useless. Additional safety measures will be be taken in the next iterations.
We understand and acknowledge the significance of on-chain governance in the Cosmos ecosystem, and we are actively working towards supporting governance rights for Cosmos Millions depositors.
At the time of writing, depositors' deposits do not carry voting rights for the depositor, only Cosmos Millions validators remain capable of "accessing" this voting rights. Validator's votes will therefore be taken into account for Governance Proposals on the native chains.
This issue is notably faced by liquid staking protocols, and efforts are ongoing to solve it.
Additional rewards
Deposits in the protocol are not eligible to additional rewards (e.g. airdrop from new cosmos chains).
We expect these amounts to be significantly lower than the Prize Pools, it therefore does not seem to be an urgent issue to deal with at the moment.
We will however monitor the additional rewards' amount and assess the priority of creating a mechanism to distribute them according to Cosmos Millions philosophy (see finding 19 in the audit report).
Validators slashing
The audit recognizes this as a limitation and it is addressed by meticulously choosing validators that offer refunds in case of slashing events.
At any point, Validators on Cosmos Millions can be revoked or added via governance on the Lum Network. Users will have to manage their deposits manually as there is not yet an automated redelegation mechanism in place.
We intend to implement features to account for slashing in upcoming releases (see findings 1 and 2 in the audit report).