Skip to main content
Sigvex

Token-2022 Confidential Remediation

How to fix Token-2022 confidential transfer vulnerabilities.

Token-2022 Confidential Remediation

Overview

Related Detector: Token-2022 Confidential

Missing ZK proof verification in confidential transfers allows arbitrary amount manipulation. The fix is to always verify proofs before processing confidential operations, preferably by delegating to the Token-2022 program via CPI.

Delegate confidential transfer operations to the Token-2022 program which handles proof verification:

invoke(
    &spl_token_2022::instruction::confidential_transfer::transfer(
        &spl_token_2022::id(),
        source, destination, mint, authority,
        &[], amount, proof_data,
    )?,
    accounts,
)?;

Common Mistakes

Mistake: Implementing Custom Proof Verification

// RISKY: custom ZK proof verification is error-prone
fn verify_proof(proof: &[u8]) -> bool { /* custom logic */ }

Use the Token-2022 program’s built-in verification whenever possible.

References