efir369999/montana
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
main
montana/Русский/Совет/OpenAI/GPT5.2_TimeChain_Audit_2026-02-20.md

2.6 KiB
Raw Permalink Blame History

GPT-5.2 Security Audit — TimeChain Montana Protocol

Date: 2026-02-20 Model: GPT-5.2 (gpt-5.2) Target: timechain.py (1567 lines) Score: 1/10

TOP-5 Most Dangerous Attacks

  1. ML-DSA-65 signatures not verified during window acceptance — forge blocks, rewrite history
  2. Double-spend through non-atomic UTXO ↔ window operations — crash between apply and save
  3. Free re-emission through crash between add_outputs and time_bank_spent save
  4. Emission manipulation via float/NaN halving_coefficient + no global limit
  5. Head/state substitution through chain_state without connectivity verification

All 14 Vulnerabilities

# Severity CWE Description
1 Critical CWE-347 ML-DSA-65 signatures not verified anywhere during creation/acceptance
2 Critical CWE-362 Double-spend from non-atomic UTXO ↔ window operations
3 Critical CWE-354/682 Accumulator circular dependency (chain_accumulator in window_hash)
4 High/Critical CWE-20 Timestamp manipulation — MAX_TIMESTAMP_DRIFT_NS/MIN_TAU1_GAP_NS not enforced
5 Critical CWE-345 No chain connectivity verification on startup
6 Critical CWE-353 SQLite integrity_check doesn't protect against malicious edits
7 High CWE-295/345 register_node() without trust model
8 Medium/High CWE-20/347 Merkle tree lacks domain separation
9 Critical CWE-681/20 Emission: no global limit, float coefficient (NaN/inf)
10 Critical CWE-362/664 time_bank_spent updates non-atomic relative to save_tau2
11 High CWE-294/20 No replay protection for coinbase
12 High CWE-400 DoS via unlimited sizes (transactions, proofs, data_json)
13 Medium/High CWE-284/367 INSERT OR REPLACE in chain_state allows rollback/substitution
14 High CWE-682 Genesis accumulator logic inconsistency

Fixes Applied

All 14 vulnerabilities addressed in timechain.py rewrite:

  • Accumulator redesign: chain_accumulatorprev_accumulator (no circular dependency)
  • Atomic UTXO ↔ window operations (single SQLite transaction)
  • Timestamp validation (drift, monotonicity, minimum gap)
  • Emission safety (coefficient validation, total cap per τ₂)
  • Merkle domain separation (leaf/node prefixes, hex validation)
  • DoS limits (max transactions, proofs, coinbase per window)
  • Startup chain state verification
  • Strict signature verification (fail on unknown nodes)
  • Coinbase replay protection (INSERT OR IGNORE + tracking)

Auditor: GPT-5.2 (OpenAI) Chair: Junona (Claude Opus 4.6)