aiken-dex-security-audit
When to use
- Auditing Plutus V3 Aiken contracts for a DEX (validators + minting policies)
- You need a rigorous report: threat model, invariants, findings, and reproducible exploit tx shapes
Non-negotiable rules
- No hallucinations. If something isn't in the repo or inputs, say unknown and list exactly what's missing.
- Assume a hostile attacker can craft arbitrary transactions: multi-input, multi-action, weird datums, weird token bundles.
- Never ask for or handle seed phrases / private keys.
- Prefer evidence over vibes: minimal tx shape + failing test + fix + passing test.
Required inputs (ask for anything missing)
- Script list + purpose (spend/mint/reward/cert) and which are critical path for swaps/liquidity
- Datum/redeemer schemas (Aiken types + encoding expectations)
- Parameters/config: policy IDs, script hashes, upgrade/admin controls, oracle deps (if any)
- Off-chain tx builder(s) in scope (where swaps/liquidity txs are constructed)
- Network assumptions (mainnet/preprod) + constraints (tx size, exunits, reference scripts, inline datums)
Audit workflow (do ALL)
- Build a system model
  - Map state UTxOs, assets, script addresses, and transitions (inputs/outputs/mint/burn/signers/time).
- Extract explicit invariants (testable)
  - Value conservation, LP supply rules, fee bounds/rounding, auth rules, "exactly-one state UTxO", bounded datum/value growth.
- Threat model & attack surface
  - Attacker capabilities in eUTxO; trusted roles; upgrade/emergency keys; oracles; economic/griefing vectors.
- Manual on-chain review
  - For each validator/policy branch: what must be true about inputs/outputs/minted/signers/time?
  - Hunt: double satisfaction, fake-state UTxOs, asset-class mismatches, optional datum gotchas, unbounded growth, time-range bugs, division/rounding/negative amounts, "exactly one" enforcement bugs.
  - For each issue: minimal exploitable tx shape + why it works (use tx-shapes template).
- Off-chain review (if in scope)
  - Ensure builder cannot construct valid-but-unsafe txs or mis-hash datums or mis-handle mint fields.
- Evidence suite (Aiken-first)
  - Add unit tests + property tests for each invariant + each exploit regression test.
- Budget & DoS analysis
  - Identify evaluation hotspots and griefing paths; recommend safe refactors.
- Report
  - Use templates/audit-report.md and include: scope, assumptions, invariants, findings table, patches, tests, deployment checklist.
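An added example, not part of the original skill or its templates: an off-chain Python model that turns a few of the invariants listed above into checks and runs them over constructed tx shapes, the kind of regression harness the evidence step asks for. The pool address, state NFT, LP token and the `lp_supply` datum field are assumptions for illustration.

```python
from dataclasses import dataclass, field
from typing import Optional

# Constructed identifiers (assumptions); take real ones from the audited repo.
POOL_ADDR = "script:pool"
STATE_NFT = ("policy_state", "POOL")
LP_TOKEN = ("policy_lp", "LP")

@dataclass
class UTxO:
    address: str
    value: dict                     # asset class -> quantity
    datum: Optional[dict] = None    # None models a missing/optional datum

@dataclass
class Tx:
    inputs: list
    outputs: list
    mint: dict = field(default_factory=dict)

def at_pool(utxos):
    return [u for u in utxos if u.address == POOL_ADDR]

def authentic(utxos):
    """State UTxOs: at the pool address and holding exactly one state NFT."""
    return [u for u in at_pool(utxos) if u.value.get(STATE_NFT, 0) == 1]

def violations(tx):
    """Names of the invariants this tx shape breaks (empty list = passes)."""
    bad = []
    ins, outs = authentic(tx.inputs), authentic(tx.outputs)
    if len(ins) != 1 or len(outs) != 1:
        bad.append("exactly-one-state-utxo")
    if len(at_pool(tx.outputs)) > len(outs):
        bad.append("fake-state-utxo")      # pool output without the state NFT
    if any(q < 0 for u in tx.outputs for q in u.value.values()):
        bad.append("negative-amount")
    if tx.mint.get(STATE_NFT, 0) != 0:
        bad.append("state-nft-minted")
    if len(ins) == 1 and len(outs) == 1:
        if ins[0].datum is None or outs[0].datum is None:
            bad.append("missing-datum")
        elif outs[0].datum["lp_supply"] - ins[0].datum["lp_supply"] != tx.mint.get(LP_TOKEN, 0):
            bad.append("lp-supply-mismatch")
    return bad

def pool(ada, supply, nft=1):
    """Constructed sample pool UTxO."""
    return UTxO(POOL_ADDR, {STATE_NFT: nft, "ada": ada}, {"lp_supply": supply})

# Constructed tx shapes: an honest deposit, and LP minted without a datum update.
HONEST = Tx([pool(100, 10)], [pool(150, 15)], {LP_TOKEN: 5})
UNBACKED_MINT = Tx([pool(100, 10)], [pool(100, 10)], {LP_TOKEN: 5})
```

Each finding in the report can then carry its tx shape as a case here, failing before the patch and passing after.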
Files to use
- Full framework prompt: references/audit-framework.md
- Report template: templates/audit-report.md
- Invariants checklist: templates/invariants-checklist.md
- Minimal exploit tx shapes: templates/tx-shapes.md