Token-2022 Confidential
Detects Token-2022 confidential transfer vulnerabilities.
Token-2022 Confidential
Overview
The Token-2022 confidential transfer detector identifies security issues with confidential transfers, including missing zero-knowledge proof verification, state transition errors, insufficient encrypted balance validation, and range proof bypasses.
For remediation guidance, see Token-2022 Confidential Remediation.
Why This Is an Issue
Confidential transfers use zero-knowledge proofs to hide transaction amounts. If a program processes confidential transfer operations without verifying the accompanying ZK proofs, an attacker can submit invalid proofs to transfer arbitrary amounts, create tokens from nothing, or bypass balance checks. Missing proof verification completely breaks the security model.
How to Resolve
Before (Vulnerable)
// Vulnerable: processes confidential transfer without proof verification
pub fn process_confidential(ctx: Context<Confidential>) -> Result<()> {
let ciphertext = &ctx.accounts.source.confidential_transfer_account;
// No proof verification
update_balances(ctx.accounts, ciphertext)?;
Ok(())
}After (Fixed)
// Fixed: verify ZK proof before processing
pub fn process_confidential(ctx: Context<Confidential>, proof: &[u8]) -> Result<()> {
verify_range_proof(proof, &ctx.accounts.source.confidential_transfer_account)?;
verify_ciphertext_validity(proof)?;
update_balances(ctx.accounts, &ctx.accounts.source.confidential_transfer_account)?;
Ok(())
}Example JSON Finding
{
"detector": "token-2022-confidential",
"severity": "high",
"confidence": 0.7,
"message": "Confidential transfer operation without ZK proof verification",
"location": { "function": "process_confidential", "block": 0, "statement": 2 }
}Detection Methodology
- Confidential operation detection: Identifies CPI calls related to confidential transfers.
- Proof verification search: Checks for ZK proof verification operations.
- State transition analysis: Verifies proper state transitions in confidential accounts.
- Security awareness heuristic: If proof verification exists anywhere in the function, assumes developer awareness.
Limitations
False positives: Programs that delegate proof verification to the Token-2022 program via CPI. False negatives: Custom confidential transfer implementations.
Related Detectors
- Token-2022 Transfer Fee Bypass — transfer fee issues
- Token Extension Security — general extension security