Penumbra Security Audits Q2 2024

During the development of the Penumbra protocol, Penumbra Labs had multiple audits performed covering:

In 2024, we had four additional audits performed. The four additional audit reports we are sharing today are:

  • An audit of Penumbra’s shielded pool, staking, and DEX components by Zellic
  • An audit of Penumbra’s zero-knowledge circuits by Violet
  • An additional audit of Penumbra’s zero-knowledge circuits by the Electric Coin Company
  • An audit of Penumbra’s IBC (Inter-Blockchain Communication Protocol) implementation by Zellic

Zellic Application Audit

The application audit of the shielded pool, staking, and DEX components found 16 issues: 5 critical, 5 high, 3 medium, 2 low, and 1 informational finding.

The critical bugs included:

  • incorrect handling of ICS-20 balances on timeouts,
  • an issue with the handling of dummy spends that allowed minting of arbitrary funds,
  • an issue with ICS-20 supply tracking,
  • forgery of delegation tokens enabling an attacker to increase their voting power for governance actions, and
  • colliding Position IDs that could enable an attacker to withdraw more reserves than initially provided to the chain.

All of these bugs were remediated by the Penumbra Labs team, except for the informational finding, which was considered outside of the threat model.

You can read the full audit report here.

Violet Circuit Audit

Violet's circuit audit found 1 critical, 0 high, 0 medium, 0 low, and 3 informational findings. Violet uncovered a critical vulnerability that allowed attackers to claim their swap outputs at an incorrect clearing price. In Penumbra, swaps are batched and executed together once per block. Users claim the outputs of these swaps using BatchSwapOutputData, which contains the clearing prices for the swaps in that block. The bug allowed attackers to use BatchSwapOutputData from a different batch than the one in which their swap was executed. This bug was fixed by the Penumbra Labs team.
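The following is an added example, not code from Penumbra or from the audit report: a simplified Rust model of why a swap claim must be bound to its own batch. Every name except BatchSwapOutputData is hypothetical, and the pro-rata pricing rule is an assumption made for illustration.

```rust
// Simplified model, constructed for illustration; not Penumbra's circuit code.
// Every name except BatchSwapOutputData is hypothetical.

#[derive(Clone, Copy, Debug, PartialEq, Eq)]
struct BatchId { height: u64, pair: (u32, u32) }

struct BatchSwapOutputData {
    batch: BatchId,   // the batch these clearing results belong to
    total_in: u128,   // total input across the batch
    total_out: u128,  // total output across the batch
}

struct SwapRecord { batch: BatchId, input: u128 }

#[derive(Debug, PartialEq)]
enum ClaimError { BatchMismatch, EmptyBatch, Overflow }

// Pro-rata share of the batch output at the batch's clearing price.
fn pro_rata(swap: &SwapRecord, bsod: &BatchSwapOutputData) -> Result<u128, ClaimError> {
    if bsod.total_in == 0 { return Err(ClaimError::EmptyBatch); }
    let scaled = swap.input.checked_mul(bsod.total_out).ok_or(ClaimError::Overflow)?;
    Ok(scaled / bsod.total_in)
}

// Flawed check: prices the claim with whatever output data is supplied.
fn claim_unbound(swap: &SwapRecord, bsod: &BatchSwapOutputData) -> Result<u128, ClaimError> {
    pro_rata(swap, bsod)
}

// Hardened check: the output data must come from the swap's own batch.
fn claim_bound(swap: &SwapRecord, bsod: &BatchSwapOutputData) -> Result<u128, ClaimError> {
    if swap.batch != bsod.batch { return Err(ClaimError::BatchMismatch); }
    pro_rata(swap, bsod)
}

// Constructed sample: one swap in batch 10, plus output data for batches 10 and 11.
fn sample() -> (SwapRecord, BatchSwapOutputData, BatchSwapOutputData) {
    let (b10, b11) = (BatchId { height: 10, pair: (1, 2) }, BatchId { height: 11, pair: (1, 2) });
    (SwapRecord { batch: b10, input: 100 },
     BatchSwapOutputData { batch: b10, total_in: 1_000, total_out: 500 },
     BatchSwapOutputData { batch: b11, total_in: 1_000, total_out: 2_000 })
}

fn main() {
    let (swap, own, other) = sample();
    println!("own batch, bound:     {:?}", claim_bound(&swap, &own));
    println!("other batch, bound:   {:?}", claim_bound(&swap, &other));
    println!("other batch, unbound: {:?}", claim_unbound(&swap, &other));
}
```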

You can read the full audit report here.

Electric Coin Company Circuit Audit

After the first Zellic and Violet audits described above were completed, Penumbra Labs requested that the Electric Coin Company (ECC) perform another audit of the circuits for additional assurance. ECC found 0 critical impact findings, 1 high impact finding, 2 low impact findings, 1 informational finding, and 2 findings of undetermined severity. The high impact finding related only to the design of a future version of Penumbra that integrated flow encryption, so no change was made for the initial mainnet release of Penumbra. The findings of undetermined severity referred to incomplete documentation, addressed in https://github.com/penumbra-zone/penumbra/pull/4485.

You can read the full audit report here.

Zellic IBC Audit

Penumbra Labs had Zellic also audit the Penumbra IBC crates. They found 0 critical, 3 high, 3 medium, 1 low impact, and 4 informational findings. Of the high severity issues, Zellic found bugs with ICS-20 timeout handling on ordered channels, upgrade handling, and overly permissive handshakes. The Penumbra Labs team has fixed each issue reported by Zellic. These changes will be shipped as part of a chain upgrade in the coming week.

You can read the full audit report here.

We thank all the audit teams for their assurance work to improve the security of the Penumbra protocol. If you find any issues with the Penumbra protocol, we welcome reports at security@penumbralabs.xyz.