Prysm

Off-Chain (Private)

Audited on 2021/05/11

No active critical issues

Summary

Quantstamp has reviewed the whole codebase of the Prysm ETH 2.0 client implementation. We have found a number of issues spanning all severity levels. Some of the high severity issues were resolved before completion of the review. Overall the code is well-written. There are many ways, however, in which it can be improved to follow best practices. For example, code clones are relatively common. Furthermore, despite being mostly self-documenting, inline code documentation is lacking. We have no doubt that it would be useful for future contributors. Despite being accompanied by the official ETH 2.0 documentation, the implementation is very nuanced and complex. The code does not always follow the specification (or it is not clear that it does). We found a number of issues that span both the specification and the implementation. Although we aggregated some of them in the "Adherence to Specification" section, they are of utmost importance and we highly recommend addressing each and every of them as if they were actual vulnerabilities. Finally, many pieces of the code lack unit tests, and hence, relatively low coverage. We highly recommend adding meaningful unit tests and improving the coverage to maximize code quality. **Update:** the team addressed almost all of the findings. Mapping between issues and solutions is present in [PR#6327](https://github.com/prysmaticlabs/prysm/issues/6327).

Project

Prysm

Issues (58)

	Low	Medium	High	Critical	Total
Not fixed	13	3	1	-	17
Fixed	29	9	3	-	41
Total	42	12	4	0	58

Prysm

Summary

Issues (58)

Insecure gRPC connection by defaultnot_fixed/high

DDoS attack vector through creating a mapping between public keys and validators’ IPsnot_fixed/medium

Lack of unit testsnot_fixed/medium

Second pre-image attack on Merkle Treesnot_fixed/medium

Boot nodes availability and centralization risksnot_fixed/low

Contract (1)