# Gemini 2.5 Flash Security Audit Round 2 — TimeChain Montana Protocol
**Date:** 2026-02-20
**Model:** Gemini 2.5 Flash (simulated by Claude Opus 4.6)
**Target:** timechain.py + transaction.py
**Score:** 7/10

## 7 Vulnerabilities Found

| # | Severity | CWE | Description |
|---|----------|-----|-------------|
| 1 | High | CWE-787/400 | Missing header count validation in tau3/tau4 matryoshka + O(N*M) DoS |
| 2 | High | CWE-502 | refresh_from_db() crashes on corrupted JSON (no _safe_json_loads) |
| 3 | Medium | CWE-362 | TOCTOU race between validate_transaction and _save_tau1_atomic |
| 4 | Medium | CWE-345 | verify_tau1_chain() lacks inline signature verification |
| 5 | Medium | CWE-941 | compute_accumulator() lacks domain separation |
| 6 | Medium | CWE-1284 | Per-participant emission cap bypass via multiple coinbase TXs |
| 7 | Low | CWE-404 | node_registry not persisted |

## Fixes Applied
- #1: Header count validation (`TAU2_PER_TAU3`, `TAU3_PER_TAU4`) + O(1) hash-set lookup
- #2: Module-level `_safe_json_loads()` with fallback defaults
- #3: RuntimeError → ValueError conversion in create_tau1_window
- #4: Mandatory signature check + pubkey lookup in verify_tau1_chain
- #5: `ACCUMULATOR_PREFIX = b'MONTANA_ACCUMULATOR:'` domain separation
- #6: Per-ADDRESS emission aggregation (not per-output)
- #7: Noted (architectural concern, not immediate fix)

---
**Auditor:** Gemini 2.5 Flash (Google) — simulated
**Chair:** Junona (Claude Opus 4.6)