Datachain LCP-zkDCAP

Off-Chain (Private)

Audited on 2025/04/09

No active critical issues

Summary

This audit focused on the changes supporting the migration of SGX remote attestation from IAS to DCAP, as Intel is deprecating IAS support. Unlike the previous IAS-based implementation, DCAP attestation is verified through Risc0 zkVM technology, with the resulting ZK proof validated on-chain by the `LCPClientZKDCAP` contract. We found the code to be well-written, and the team has provided sufficient documentation. However, there is still room for improvement in the testing. Overall, we believe the implementation is solid, with most of our findings being minor. We recommend the team address all identified issues and follow the provided suggestions. **Fix Review Update:** The team fixed all issues and implemented most suggestions.

Project

Datachain

Multi-Chain

	Low	Medium	High	Critical	Total
Not fixed	-	-	-	-	0
Fixed	6	1	-	-	7
Total	6	1	0	0	7

Contracts (5)

#	File Name
1	crates/zkvm/risc0/guest/src/bin/main.rs
2	crates/types/src/*/.rs
3	crates/quote-verifier/src/*/.rs
4	lcp-solidity/contracts/*
5	crates/zkvm/risc0/src/*.rs

#	File Name
1	crates/zkvm/risc0/guest/src/bin/main.rs
2	crates/types/src/*/.rs
3	crates/quote-verifier/src/*/.rs
4	lcp-solidity/contracts/*
5	crates/zkvm/risc0/src/*.rs

Datachain LCP-zkDCAP

Summary

Issues (7)

Contracts (5)