The beacon chain is the backbone of Ethereum's evolution towards a proof-of-stake-based scalable network. Beacon clients are the applications implementing the services required to operate the beacon chain, namely validators, beacon nodes, and slashers. Security defects in beacon clients could lead to loss of funds, consensus rule violations, network congestion, and other inconveniences. We reported more than 35 issues to the beacon client developers, including various security improvements, specification inconsistencies, missing security checks, and exposure to known vulnerabilities. None of our findings appears to be high-severity. We covered the four main beacon clients, namely Lighthouse (Rust), Nimbus (Nim), Prysm (Go), and Teku (Java). We looked for bugs in the logic and implementation of the new security-critical components (BLS signatures, slashing, networking protocols, and API) over a 3-month project that followed a preliminary analysis of the BLS signatures code. We focused on Lighthouse and Prysm, the most popular clients and thus the highest-value targets. Furthermore, we identified protocol-level issues, including replay attacks and incomplete forward secrecy. In addition, we reviewed the network fingerprints of beacon clients, discussing the information obtainable from passive and active searches, and we analyzed the supply chain risk related to third-party dependencies, providing indicators and recommendations to reduce the risk of backdoors and unpatchable vulnerabilities. Our results suggest that, despite intense scrutiny by security auditors and independent researchers, the complexity and constant evolution of a platform like Ethereum require regular expert review and thorough SSDLC practices.