Mainnet Milestone: Phoenix Audit

We are pleased to share the findings from the Phoenix audit, performed by experienced engineer Jules de Smit.

Jules has worked at important privacy-oriented protocols with experience in applied cryptography, Rust, and smart contract development. Jules currently works as an Applied Cryptographer at Matter Labs/ZK Sync, and has previously worked at Aleo, Scroll, and Dusk. He actually committed the first line of code to the Dusk codebase, so not only comes with years of experience in engineering and applied cryptography but is also well-acquainted with Dusk and our mission.

Phoenix is Dusk’s privacy-preserving transaction model, designed to facilitate confidential on-chain transactions. By leveraging zero-knowledge cryptography, it protects user data while maintaining compliance with regulatory requirements, making it ideal for institutional use-cases.

The Process

We contracted Jules due to his experience, both in applied cryptography and blockchain, and his familiarity with the Dusk protocol.

He reviewed Phoenix for:
1 - The correctness of the implementation regarding the specification of Phoenix
2 - Security vulnerabilities in the code

His goal was to ensure that Phoenix works as intended and the reality matched the blueprints, and to look for any issues in the code.

It was a thorough and detailed audit, with useful findings and improvements being found and implemented.

The Report

Phoenix was found to be “well-specified, and the code well-documented” and “from a static analysis perspective, the respective codebases have a clean bill of health”. The report also uncovered some valuable fixes and optimizations which the Dusk team implemented and/or responded to.

We are thankful to Jules for his thorough audit of Phoenix.

You can read the full reports here: Phoenix

You can find the Audit repository on Github. We will add reports here as they become available.