Blossom Network Upgrade and Wallet Security Audits

Three separate audit reports of Electric Coin Company software have been completed. The first two target the Zcash Improvement Proposals (ZIPs) for the Blossom network upgrade, scheduled for activation this fall. The other targets the mobile reference wallet SDK. 

Blossom

We engaged Coinspect and NCC Group to perform security assessments of the original ZIPs that formed the Blossom (NU2) network upgrade. The improvements under investigation were “Split Founders’ Reward” (ZIP 207) and “Shorter Block Target Spacing” (ZIP 208).

Our interpretation of these reports is that both vendors reached similar conclusions about the security of decreased block spacing. In Zcash, a transaction is currently considered finalized with 10 or more confirmations. These reports show that, for a given mined transaction, effective finality can be achieved sooner with the same level of safety, though the improvement is not linear. This change would decrease the time to finality and improve network throughput, at the cost of increasing the minimum system requirements to verify all transactions. This feature will progress to implementation.

Subsequent to this security audit, but based primarily on other factors, we have decided to drop support for ZIP 207 and not implement it in the Blossom upgrade, and we have no plans to implement it in the future.

For more details, see the full reports: 

Mobile Wallet

The reference wallet SDK architecture underwent a point-in-time external security assessment using the testing services of Bishop Fox. Since the reference wallet software is not yet ready for production use, the assessment was limited in time and scope to architectural issues and a brief implementation review.

The findings indicated that we needed better vulnerability detection in our upstream dependencies for the SDK, which has now been added. The connection between the SDK and lightwalletd still needs encryption and authentication for production deployments.

Given the intended deployment of this software, integrators will likely need to figure out how to secure those connections for their production uses. To support ecosystem security, we will be pursuing research on some options to suggest to implementers.

For more details, see the full report.