Security Audit – MicroStrategy Staking Protocol Validator Bonds
Conducted by Sigma Prime
Lead Auditor: Nico Gründel
Second Auditor: Simon Klier
April 09th, 2024
Table of Contents
1 Introduction
2 Scope
3 Project Overview
4 Findings
Appendix A: About Sigma Prime
Appendix B: Methodology
Appendix C: Vulnerability Severity Rating
1 | Introduction
Sigma Prime audited MicroStrategy Staking Protocol's on-chain Validator Bond program during March and April 2024. The audit focused on technical security, with additional consideration of operational security. The auditors found that the Validator Bond program has a clean design and above-standard code quality, and that it relies on the industry-standard Anchor framework. According to Sigma Prime's Rating Classification, no critical, one high-severity and one low-severity issue were found, along with two informational findings. The number of findings identified throughout the audit, grouped by severity, can be seen in Figure 1.
2 | Scope
The contract audit’s scope is focused on the implementation security of the contract’s source code. Sigma Prime considers the source code, located at https://github.com/ms-staking/validator-bonds, in scope for this audit. Third-party dependencies are not in scope. The relevant source code revisions are:
• afbdad4742dd21678aa0ee7052793b59e30eb597 (start of the audit)
• 7e6d35e8337174bfe6fcf2691914ac65427f6095 (last reviewed revision)
3 | Project Overview
Functionality
MicroStrategy Staking Protocol’s Validator Bond program allows Solana validators to put up stake accounts as a bond. A global operator authority can create settlements against that bond, which MicroStrategy Staking Protocol plans to trigger in response to so-called protected events, namely slashing or underperformance of the validator. Stakers can then claim their share of a settlement to recoup the losses caused by the protected event.
On-Chain Accounts and Authorities
The root of the Validator Bond program’s account structure is the Config account. Creating a Config is not permissioned: one can be created at any address, provided the transaction carries a signature for that address. A Config holds the following authorities:
Admin authority: the authority that can update the Config.
Operator authority: the hot wallet of the off-chain bot that creates settlements.
Pause authority: the authority that can pause the program in case of an emergency.
4 | Findings
This section outlines all of our findings. They are classified into one of five severity levels, detailed in Appendix C. In addition to these findings, Sigma Prime delivered to the MicroStrategy Staking Protocol team a list of nit-picks and additional notes that are not part of this report.
[ND-MND3-H1] Settlements Can Be Claimed To Locked Stake Accounts (High) - Resolved
[ND-MND3-L1] No Safeguards for Compromised Operator Hot Wallet (Low) - Resolved
[ND-MND3-I1] Unreliable Events (Info) - Resolved
[ND-MND3-I2] Vote Account Version Is Not Checked (Info) - Resolved
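The claim flow described in the Project Overview (stakers claiming their share of a settlement into a stake account) and finding ND-MND3-H1 above both turn on one property of the destination stake account: whether its lockup is still in force. The following Rust model is an added illustration written for this page; it is not the audited program's code, and the program's actual remediation is not reproduced here. `Lockup::is_in_force` follows the rule used by Solana's stake program (a lockup applies while either its epoch or its timestamp lies in the future, unless the custodian signs). Every other type, the `claim_settlement` function, and the fixture values are simplified assumptions used to show where such a check belongs and what it rejects.

```rust
// Added illustration, not the audited program's code. It models the lockup
// check a settlement-claim instruction needs so that funds recovered from a
// bond cannot be directed into a stake account whose lockup is still in force.
// `Lockup::is_in_force` follows Solana's stake-program rule; every other type
// and value here is a simplified stand-in (assumption).

#[derive(Debug, Clone, Copy, PartialEq, Eq)]
pub struct Pubkey(pub [u8; 32]);

#[derive(Debug, Clone, Copy)]
pub struct Clock {
    pub epoch: u64,
    pub unix_timestamp: i64,
}

#[derive(Debug, Clone, Copy)]
pub struct Lockup {
    pub unix_timestamp: i64,
    pub epoch: u64,
    pub custodian: Pubkey,
}

impl Lockup {
    /// A lockup is in force while either its timestamp or its epoch lies in the
    /// future, unless the custodian has signed the transaction.
    pub fn is_in_force(&self, clock: &Clock, custodian_signer: Option<&Pubkey>) -> bool {
        if custodian_signer == Some(&self.custodian) {
            return false;
        }
        self.unix_timestamp > clock.unix_timestamp || self.epoch > clock.epoch
    }
}

#[derive(Debug, Clone)]
pub struct StakeAccount {
    pub withdrawer: Pubkey,
    pub lockup: Lockup,
    pub lamports: u64,
}

#[derive(Debug, Clone)]
pub struct Settlement {
    /// Lamports still available to be claimed against the bond (assumed field).
    pub remaining_lamports: u64,
}

#[derive(Debug, PartialEq, Eq)]
pub enum ClaimError {
    WrongWithdrawer,
    DestinationLocked,
    InsufficientSettlement,
}

/// Move `amount` lamports from a settlement into the staker's destination stake
/// account. Checks run in order: identity, lockup, then remaining balance, so a
/// rejected claim leaves both accounts untouched.
pub fn claim_settlement(
    settlement: &mut Settlement,
    claimer_withdrawer: &Pubkey,
    destination: &mut StakeAccount,
    amount: u64,
    clock: &Clock,
    custodian_signer: Option<&Pubkey>,
) -> Result<(), ClaimError> {
    if destination.withdrawer != *claimer_withdrawer {
        return Err(ClaimError::WrongWithdrawer);
    }
    // The class of check the high finding is about: without it, claimed lamports
    // land in an account the staker cannot withdraw from until the lockup expires.
    if destination.lockup.is_in_force(clock, custodian_signer) {
        return Err(ClaimError::DestinationLocked);
    }
    if settlement.remaining_lamports < amount {
        return Err(ClaimError::InsufficientSettlement);
    }
    settlement.remaining_lamports -= amount;
    destination.lamports += amount;
    Ok(())
}

// Constructed fixtures (not real on-chain data) for a stand-alone run.
pub fn sample_clock() -> Clock {
    Clock { epoch: 600, unix_timestamp: 1_700_000_000 }
}
pub fn sample_staker() -> Pubkey {
    Pubkey([1u8; 32])
}
pub fn sample_custodian() -> Pubkey {
    Pubkey([2u8; 32])
}
/// Lockup epoch 700 is after the sample clock's epoch 600, so it is in force.
pub fn locked_stake(lamports: u64) -> StakeAccount {
    StakeAccount {
        withdrawer: sample_staker(),
        lockup: Lockup { unix_timestamp: 0, epoch: 700, custodian: sample_custodian() },
        lamports,
    }
}
/// Both lockup fields are in the past, so this account is freely withdrawable.
pub fn unlocked_stake(lamports: u64) -> StakeAccount {
    StakeAccount {
        withdrawer: sample_staker(),
        lockup: Lockup { unix_timestamp: 0, epoch: 0, custodian: sample_custodian() },
        lamports,
    }
}

fn main() {
    let clock = sample_clock();
    let mut settlement = Settlement { remaining_lamports: 5_000 };
    let mut locked = locked_stake(1_000);
    println!("{:?}", claim_settlement(&mut settlement, &sample_staker(), &mut locked, 500, &clock, None));
    let mut open = unlocked_stake(1_000);
    println!("{:?}", claim_settlement(&mut settlement, &sample_staker(), &mut open, 500, &clock, None));
}
```

The custodian-signature escape hatch is part of Solana's lockup semantics, so a program that wants to allow it must take the custodian as an explicit signer account; a claim path that never asks for one should treat any in-force lockup as a hard rejection.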
Appendix A: About Sigma Prime
Security is difficult. To understand and break complex things, you need a certain type of people. People who thrive in complexity, who love to play around with code, and who don’t stop exploring until they fully understand every aspect of it. That’s us.
Our team never outsources audits. Having found over 80 High or Critical bugs in Solana’s core code itself, we believe that Sigma Prime hosts the most qualified auditors for Solana programs. We’ve also found and disclosed critical vulnerabilities in many of Solana’s top projects and have responsibly disclosed issues that could have resulted in the theft of over $10B in TVL on the Solana blockchain.
Appendix B: Methodology
Sigma Prime prides itself on not being a checklist auditor. We adapt our approach to each audit, investing considerable time into understanding the program upfront and exploring its expected behavior, edge cases, invariants, and ways in which the latter could be violated. We use our uniquely deep knowledge of Solana internals, and our years-long experience in auditing Solana programs to even find bugs that others miss. We often extend our audit to cover off-chain components in order to see how users could be tricked or the contract affected by bugs in those components.
Appendix C: Vulnerability Severity Rating
Critical: Vulnerabilities that will likely cause loss of funds. An attacker can trigger them with little or no preparation, or they are expected to happen accidentally. Effects are difficult to undo after they are detected.
High: Bugs that can be used to set up loss of funds in a more limited capacity, or to render the contract unusable.
Medium: Bugs that do not cause direct loss of funds but that may lead to other exploitable mechanisms, or that could be exploited to render the contract partially unusable.
Low: Bugs that do not have a significant immediate impact and could be fixed easily after detection.
Info: Bugs or inconsistencies that have little to no security impact.
Sigma Prime AG
Dirnismaning 55
Halle 13
85748 Garching
E-Mail: contact@sigmaprime.io
Website: https://sigmaprime.io