This document summarizes security controls, audit focus areas, and operational procedures for the CashMint protocol.
- Reserves >= outstanding notes:
USDC.balanceOf(CashMint) >= totalNotes. - Nullifiers are single use; any duplicate indicates failed proof verification or bug.
- Only Poseidon commitments validated by Groth16 verifiers may enter the Merkle tree.
- Denomination checks enforce powers of two within
maxAmount. - Emergency pause halts mint/redeem/swap pathways while preserving view functions.
- Verify role assignments:
DEFAULT_ADMIN_ROLE,PAUSER_ROLE,AUDITOR_ROLErestricted to multisig/governance. - Confirm Poseidon contract address matches circuit parameters (field, rounds, constants).
- Ensure
_poseidon2hashing is constant-time and collision-resistant. - Inspect
_inserttree logic for index overflow and root rotation correctness. - Validate
setVerifierupdates gated by governance plus timelock if applicable. - Check for reentrancy: functions guarded by
nonReentrantandSafeERC20usage.
- Audit Circom circuits for constraints aligning with on-chain validation:
NoteCommitmentandNoteNullifierimplementations consistent across circuits.- Merkle path verification uses same depth and Poseidon parameters as contract.
- Amount checks enforce power-of-two constraint and max limit.
- Run trusted setup ceremonies with multi-party contributions; store transcripts and verifying keys under version control.
- Regenerate verifiers after any circuit modifications; redeploy contract or update references through governance.
- Maintain snapshot of
rootHistoryand monitor for unexpected invalidations. - Configure off-chain alerts for:
- Changes in verifier addresses or max amount.
- Pause/unpause events.
- Reserve shortfalls (
reserveBalance < totalNotes). - High-frequency mint/redeem activity indicating possible abuse.
- Perform regular reconciliation of USDC reserves and
totalNotes. - Rotate admin/auditor keys using multisig and hardware wallets.
- Execute Foundry unit and invariant tests before deployment.
- Add fuzz targets for edge-case proofs once real verifiers integrated.
- Use differential tests comparing contract Merkle root updates with reference implementation.
- Deploy to testnets and run shadow proofs to validate integration before mainnet launch.
- Document emergency pause procedures; ensure auditor role is controlled by independent governance entity.
- Implement timelocked governance for verifier or parameter upgrades.
- If a vulnerability is discovered:
- Pause contract to prevent further minting/redemption.
- Snapshot root history and reserves.
- Coordinate recovery plan (e.g., redeploy contract, migrate notes) with community.
- Publish postmortem with remediation steps.
- Circle USDC contract availability and transferability.
- Poseidon hash contract correctness (audited implementation strongly recommended).
- Off-chain wallet software generating proofs must be audited to prevent secret leakage.
Adhering to this checklist before mainnet release and during ongoing operations helps ensure CashMint maintains solvency, privacy, and integrity under adversarial conditions.