DarkFi Testnet v0.3 Alpha Reset

DarkFi v0.3 Alpha Hardening Reset

Introducing DarkFi Testnet v0.3 Alpha Hardening Reset.

After a week of running DarkFi Testnet v0.3 alpha, we received our first protocol exploit reports, kindly submitted by our friends at P2Pool through an informal audit.

Here’s a detailed summary of the findings and fixes:

1. DAO proposal input reuse (Severity: High)

A holder of a DAO proposal creation key could reuse their holdings to surpass the proposer threshold when submitting a proposal.

Fix: We introduced an ephemeral input nullifier hash in the corresponding ZK proof to ensure that each input is unique, preventing double-counting of holdings.

2. Bypassing token authority frozen status (Severity: Medium)

Token authority in DarkFi proves ownership over a specific token ID for non-native tokens. It allows holders to mint tokens or freeze further minting for that token.

Previously, minting required two calls: first, proving authority over the token ID, and second, minting the actual tokens. The link between the two calls relied on the Poseidon hash preimage resistance. While not directly exploitable, possession of the blind used in the authority proof could allow bypassing the frozen status using an alternative authority proof.

Fix: We now strictly constrain the minted coin in both calls. The authority proof verifies that the minted coin in the mint call matches the token ID it derives. Any mismatch or attempt to mint a frozen token will fail, even if the blind is exposed.
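To illustrate finding 1, the following Rust sketch is an added example, not DarkFi's code or ZK circuit: it models a proposer-threshold check with and without a per-input nullifier uniqueness check. The `Input` struct, the function names and all values are hypothetical, and `DefaultHasher` is a non-cryptographic stand-in for the in-circuit hash.

```rust
use std::collections::hash_map::DefaultHasher;
use std::collections::HashSet;
use std::hash::{Hash, Hasher};

/// One governance-token input to a proposal (hypothetical, simplified model).
/// In a real ZK proof only the nullifier would be public, not these fields.
#[derive(Clone)]
pub struct Input {
    pub coin: u64,   // identifies the holding (constructed value)
    pub secret: u64, // holder's secret (constructed value)
    pub value: u64,  // governance tokens held in this coin
}

/// Assumption: nullifier = H(secret, coin). DefaultHasher is NOT Poseidon.
pub fn nullifier(input: &Input) -> u64 {
    let mut h = DefaultHasher::new();
    (input.secret, input.coin).hash(&mut h);
    h.finish()
}

/// Without the check: sums input values, so a repeated holding counts again.
pub fn meets_threshold_naive(inputs: &[Input], threshold: u64) -> bool {
    inputs.iter().map(|i| i.value).sum::<u64>() >= threshold
}

/// With the check: every input exposes a nullifier; a repeat rejects the proposal.
pub fn meets_threshold_checked(inputs: &[Input], threshold: u64) -> Result<bool, String> {
    let mut seen = HashSet::new();
    let mut total: u64 = 0;
    for (idx, input) in inputs.iter().enumerate() {
        if !seen.insert(nullifier(input)) {
            return Err(format!("input {} reuses a holding already counted", idx));
        }
        total = total.checked_add(input.value).ok_or("value overflow")?;
    }
    Ok(total >= threshold)
}

fn main() {
    // Constructed sample: one 40-token holding submitted three times, threshold 100.
    let coin = Input { coin: 7, secret: 42, value: 40 };
    let reused = vec![coin.clone(), coin.clone(), coin];
    println!("naive:   {}", meets_threshold_naive(&reused, 100));
    println!("checked: {:?}", meets_threshold_checked(&reused, 100));
}
```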

Network reset

These two exploits, along with other minor fixes, are detailed in the DarkFi repo.

Since the protocol has changed, we’ve reset the network to test the new version cleanly, without technical debt from previous runs.

Node Operators:

  • Remove previous node database artifacts.
  • Update your nodes. The drk client will automatically reset to the new block sequence while preserving your generated keys.
  • Deployed contracts must be redeployed.

The first version of DarkFi Testnet v0.3 alpha saw rapid adoption, with a hashrate reaching 154.30 KH/s and 10 anonymous smart contracts deployed before the reset.

DarkFi explorer main page

DarkFi explorer contracts page

DarkFi explorer stats page blocks per graph diagram

DarkFi explorer main page transactions per block diagram

Enter the Dark Forest, with more security!

While the reset marks the end of the first testnet iteration, it also demonstrates the value of open source development and public testing. The issues identified through community review were discovered early, responsibly reported, and promptly fixed, strengthening the protocol before wider deployment.

We would like to thank the P2Pool team for their audit and responsible disclosure, as well as everyone who participated by running nodes, mining blocks, deploying contracts, and providing feedback. Every finding, contribution, and test helps move DarkFi closer to a secure and resilient network.

Want to contribute? Join us.

About the release: This is the testnet code of the DarkFi network. It is being provided _as is_. We encourage everyone to try out the testnet and find bugs. Please send us feedback on IRC or via Codeberg. To be clear: no guarantee, representation or warranty is being made, express or implied, as to the safety or correctness of the testnet code. No assurances are given the testnet will work as intended and users may experience delays, failures, errors, omissions, financial loss or loss of transmitted information. By electing to use the testnet you are doing so at your own risk. Neither the authors and contributors to the testnet code nor any member of the DarkFi community shall be held responsible or liable in any manner. You hereby release them from all liability or responsibility for any loss whatsoever due to the foregoing factors. We do not condone illegal or unethical behaviour. Nothing in this post should be construed as investment advice or legal advice. All testnet code is licensed under AGPL3.