A suite of scaling solutions providing environments with high-throughput, low-cost smart contracts, backed by industry-leading proving technology rooted in Ethereum.
Platform: Code4rena
Start Date: 03/08/2023
End Date: 10/08/2023
Period: 7 days
Status: Completed
Pot Size: $90,500 USDC
Participants: 36
Reporter: liveactionllama
Judge: 0xean
Id: 273
League: ETH
MiloTruck | 1/36 | $15,482.70 | 5 | 1 | 0 | 3 | 0 | Grade A | 0 | 0 |
dirk_y | 2/36 | $9,842.64 | 1 | 0 | 0 | 1 | 1 | 0 | 0 | 0 |
Daniel526 | 3/36 | $9,842.64 | 1 | 0 | 0 | 1 | 1 | 0 | 0 | 0 |
HE1M | 4/36 | $8,545.95 | 3 | 1 | 0 | 1 | 0 | Grade A | 0 | 0 |
KingNFT | 5/36 | $8,194.00 | 2 | 1 | 0 | 1 | 0 | 0 | 0 | 0 |
AkshaySrivastav | 6/36 | $4,429.19 | 1 | 0 | 0 | 1 | 0 | 0 | 0 | 0 |
hals | 7/36 | $2,457.24 | 3 | 0 | 0 | 1 | 0 | Grade B | 0 | Grade A |
ktg | 8/36 | $2,145.77 | 2 | 0 | 0 | 1 | 0 | Grade A | 0 | 0 |
Kow | 9/36 | $1,379.86 | 1 | 0 | 0 | 1 | 0 | 0 | 0 | 0 |
0xTheC0der | 10/36 | $1,379.86 | 1 | 0 | 0 | 1 | 0 | 0 | 0 | 0 |
Auditor per page
IMPORTANT NOTE: Prior to receiving payment from this audit you MUST become a Certified Contributor (successfully complete KYC). You do not have to become certified before submitting bugs. But you must successfully complete the certification process within 30 days of the audit end date in order to receive awards. This applies to all audit participants including wardens, teams, bot crews, judges, lookouts, and scouts.
For the Gas award pool the only concern is for gas usage related to voting, this does not include executing the proposal and the rest of its lifecycle since these are one-off operations.
Automated findings output for the audit can be found here within 24 hours of audit opening.
Note for C4 wardens: Anything included in the automated findings output is considered a publicly known issue and is ineligible for awards.
Arbitrum is a suite of scaling solutions providing environments with high-throughput, low-cost smart contracts, backed by industry-leading proving technology rooted in Ethereum. The Arbitrum DAO governs the Arbitrum One and Nova chains. The Security Council is responsible for making emergency response decisions when the community needs to address a critical security risk to the protocol. They are a 12 member council from independent organisations that hold the ability to conduct emergency actions to the Arbitrum chains. The 12 member council is separated into 2 cohorts which are elected alternatively every 6 months.
The codebase includes the subsystem of Arbitrum Governance that allows these cohorts to be managed and elected through an on-chain suite of smart contracts written in Solidity.
A summary of the statement of project can be found in the Arbitrum Governance forums.
As explained in the post, the Arbitrum Constitution already specifies the behaviour of the elections, it should be considered a bug if the implementation deviates from the Constitution in a way not documented in the forum statement above.
The elections share the same timelocks as the core governance flow.
They also use the Governance Action Contracts both in activation and in the ongoing flow.
Throughout the codebase, language of “contenders”, “nominees” and “members” is used:
In-depth documentation on the system can also be found in Security Council Manager as a source of truth , Security Council Election and Membership Management and Nominee vetting guidelines.
A technical deep dive session will be hosted on Twitter Spaces on Friday August 4th.
You can also join Arbitrum's discord server to learn more and join the on-going discussions.
List all files in scope in the table below (along with hyperlinks) -- and feel free to add notes here to emphasize areas of focus.
For line of code counts, we recommend using cloc.
All referenced code is frozen at commit hash c18de53820c505fc459f766c1b224810eaeaabc5.
| Contract | SLOC | Purpose |
|---|---|---|
| SecurityCouncilManager.sol | 326 | The source of true for the current state of all security councils. Initiates updates across chains, looks to the UpgradeExecRouteBuilder to build the payload for it. |
| SecurityCouncilNomineeElectionGovernor.sol | 298 | Delegates vote to select a short list of nominees from a long list of contenders. Introduces a vetting period to allow a trusted party to exclude/include contenders |
| SecurityCouncilNomineeElectionGovernorCountingUpgradeable.sol | 110 | counting module for the nominee governor |
| SecurityCouncilNomineeElectionGovernorTiming.sol | 67 | Timing functionality for the nominee election governor |
| SecurityCouncilMemberElectionGovernor.sol | 153 | Delegates vote for 6 candidates from the short list |
| SecurityCouncilMemberElectionGovernorCountingUpgradeable.sol | 186 | counting module for the member election governor |
| SecurityCouncilMemberRemovalGovernor.sol | 193 | Delegates vote to remove a candidate from the existing security council |
| ArbitrumGovernorVotesQuorumFractionUpgradeable.sol | 27 | Base functionality for counting only “votable” tokens |
| ElectionGovernor.sol | 34 | Shared functionality for election governors |
| UpgradeExecRouteBuilder.sol | 131 | Builds routes to target the upgrade executors on each chain |
| SecurityCouncilMemberSyncAction.sol | 95 | Action contract to update the members of the gnosis safe |
| SecurityCouncilMgmtUtils.sol | 30 | Shared array utils |
| Common.sol | 13 | Shared common data structures |
| L2SecurityCouncilMgmtFactory.sol | 197 | Deploys election contracts |
| GovernanceChainSCMgmtActivationAction.sol | 118 | Activates elections on Arbitrum One |
| L1SCMgmtActivationAction.sol | 52 | Activates elections on L1 Ethereum |
| NonGovernanceChainSCMgmtActivationAction.sol | 37 | Activates elections on Arbitrum Nova |
| SecurityCouncilMgmtUpgradeLib.sol | 79 | Shared utilities |
| KeyValueStore.sol | 19 | Stores values against a key (useful for external storage to avoid Actions from using state) |
| ActionExecutionRecord.sol | 19 | Stores a record that the action executed. |
There are multiple other contracts in the repo that correspond to the rest of Arbitrum's governance system. Those contracts are out of scope for the competition but are eligible for the Immunify bug bounty program.
- If you have a public code repo, please share it here: https://github.com/ArbitrumFoundation/governance - How many contracts are in scope?: 20 - Total SLoC for these contracts?: 2184 - How many external imports are there?: 16 - How many separate interfaces and struct definitions are there for the contracts within scope?: 13 - Does most of your code generally use composition or inheritance?: Inheritance - How many external calls?: 8 - What is the overall line coverage percentage provided by your tests?: 94% - Is this an upgrade of an existing system?: No - Check all that apply (e.g. timelock, NFT, AMM, ERC20, rollups, etc.): Timelock function, Use rollups, Multi-Chain, ERC-20 Token - Is there a need to understand a separate part of the codebase / get context in order to audit this part of the protocol?: Yes. - Please describe required context: They must understand the governance lifecycle flow of Arbitrum. They dont need in-depth knowledge, but a high level understanding. - Does it use an oracle?: No - Describe any novel or unique curve logic or mathematical models your code uses: None - Is this either a fork of or an alternate implementation of another project?: No - Does it use a side-chain?: No - Describe any specific areas you would like addressed: Read "Areas of concern" above - In the event of a DOS, could you outline a minimum duration after which you would consider a finding valid?: Any scenario where a malicious actor disrupts the system long enough to compromise the integrity of the elections. - Can you specify on which blockchains your smart contracts will be deployed?: Ethereum and Arbitrum. The timelocks have code associated with them to handle crosschain messages
To run the Security Council Election tests
git clone https://github.com/code-423n4/2023-08-arbitrum git submodule update --init --recursive cd governance foundryup make install make build make sc-election-test
To run code coverage
make coverage
To run gas benchmarks
make gas