Skip to main content
Sigvex

Token-2022 Confidential

Detects Token-2022 confidential transfer vulnerabilities.

Token-2022 Confidential

Overview

The Token-2022 confidential transfer detector identifies security issues with confidential transfers, including missing zero-knowledge proof verification, state transition errors, insufficient encrypted balance validation, and range proof bypasses.

For remediation guidance, see Token-2022 Confidential Remediation.

Why This Is an Issue

Confidential transfers use zero-knowledge proofs to hide transaction amounts. If a program processes confidential transfer operations without verifying the accompanying ZK proofs, an attacker can submit invalid proofs to transfer arbitrary amounts, create tokens from nothing, or bypass balance checks. Missing proof verification completely breaks the security model.

How to Resolve

Before (Vulnerable)

// Vulnerable: processes confidential transfer without proof verification
pub fn process_confidential(ctx: Context<Confidential>) -> Result<()> {
    let ciphertext = &ctx.accounts.source.confidential_transfer_account;
    // No proof verification
    update_balances(ctx.accounts, ciphertext)?;
    Ok(())
}

After (Fixed)

// Fixed: verify ZK proof before processing
pub fn process_confidential(ctx: Context<Confidential>, proof: &[u8]) -> Result<()> {
    verify_range_proof(proof, &ctx.accounts.source.confidential_transfer_account)?;
    verify_ciphertext_validity(proof)?;
    update_balances(ctx.accounts, &ctx.accounts.source.confidential_transfer_account)?;
    Ok(())
}

Example JSON Finding

{
  "detector": "token-2022-confidential",
  "severity": "high",
  "confidence": 0.7,
  "message": "Confidential transfer operation without ZK proof verification",
  "location": { "function": "process_confidential", "block": 0, "statement": 2 }
}

Detection Methodology

  1. Confidential operation detection: Identifies CPI calls related to confidential transfers.
  2. Proof verification search: Checks for ZK proof verification operations.
  3. State transition analysis: Verifies proper state transitions in confidential accounts.
  4. Security awareness heuristic: If proof verification exists anywhere in the function, assumes developer awareness.

Limitations

False positives: Programs that delegate proof verification to the Token-2022 program via CPI. False negatives: Custom confidential transfer implementations.

References