Prepared by:
HALBORN
Last Updated 09/14/2025
Date of Engagement: November 26th, 2024 - December 12th, 2024
100% of all REPORTED Findings have been addressed
All findings
42
Critical
2
High
2
Medium
3
Low
10
Informational
25
Beranames engaged Halborn to conduct a security assessment on their smart contracts beginning on November 26th, 2024 and ending on December 12th, 2024. The security assessment was scoped to smart contracts in the GitHub repository provided to the Halborn team. Commit hashes and further details can be found in the Scope section of this report.
The team at Halborn assigned a full-time security engineer to assess the security of the smart contracts. The security engineer is a blockchain and smart-contract security expert with advanced penetration testing, smart-contract hacking, and deep knowledge of multiple blockchain protocols.
The purpose of this assessment is to:
Ensure that smart contract functions operate as intended.
Identify potential security issues with the smart contracts.
In summary, Halborn identified some improvements to reduce the likelihood and impact of risks, which were mostly addressed by the Beranames team. The main ones were the following:
Modify the price calculation formula to ensure that the total price reflects the actual duration of the domain rental.
Ensure that all fields in the register request struct are included in the payload used for signature validation.
Include the discount in the price calculation during the name renewal.
Ensure that the correct owner is passed when setting reverse record.
Use OpenZeppelin's ECDSA library to handle signature unpacking and validation.
Include the 'whenNotPaused' modifier to ensure that bidding is disabled when the contract is paused.
Normalize all input names by converting them to a consistent format before processing.
Halborn performed a combination of manual review of the code and automated security testing to balance efficiency, timeliness, practicality, and accuracy in regard to the scope of the smart contract assessment. While manual testing is recommended to uncover flaws in logic, process, and implementation; automated testing techniques help enhance coverage of smart contracts and can quickly identify items that do not follow security best practices. The following phases and associated tools were used throughout the term of the assessment:
Research into the architecture, purpose, and use of the platform.
Smart contract manual code review and walkthrough to identify any logic issue.
Thorough assessment of safety and usage of critical Solidity variables and functions in scope that could lead to arithmetic related vulnerabilities.
Manual testing by custom scripts.
Graphing out functionality and contract logic/connectivity/functions (solgraph).
Static Analysis of security for scoped contract, and imported functions. (Slither).
Local or public testnet deployment (Foundry, Remix IDE).
| EXPLOITABILITY METRIC () | METRIC VALUE | NUMERICAL VALUE |
|---|---|---|
| Attack Origin (AO) | Arbitrary (AO:A) Specific (AO:S) | 1 0.2 |
| Attack Cost (AC) | Low (AC:L) Medium (AC:M) High (AC:H) | 1 0.67 0.33 |
| Attack Complexity (AX) | Low (AX:L) Medium (AX:M) High (AX:H) | 1 0.67 0.33 |
| IMPACT METRIC () | METRIC VALUE | NUMERICAL VALUE |
|---|---|---|
| Confidentiality (C) | None (C:N) Low (C:L) Medium (C:M) High (C:H) Critical (C:C) | 0 0.25 0.5 0.75 1 |
| Integrity (I) | None (I:N) Low (I:L) Medium (I:M) High (I:H) Critical (I:C) | 0 0.25 0.5 0.75 1 |
| Availability (A) | None (A:N) Low (A:L) Medium (A:M) High (A:H) Critical (A:C) | 0 0.25 0.5 0.75 1 |
| Deposit (D) | None (D:N) Low (D:L) Medium (D:M) High (D:H) Critical (D:C) | 0 0.25 0.5 0.75 1 |
| Yield (Y) | None (Y:N) Low (Y:L) Medium (Y:M) High (Y:H) Critical (Y:C) | 0 0.25 0.5 0.75 1 |
| SEVERITY COEFFICIENT () | COEFFICIENT VALUE | NUMERICAL VALUE |
|---|---|---|
| Reversibility () | None (R:N) Partial (R:P) Full (R:F) | 1 0.5 0.25 |
| Scope () | Changed (S:C) Unchanged (S:U) | 1.25 1 |
| Severity | Score Value Range |
|---|---|
| Critical | 9 - 10 |
| High | 7 - 8.9 |
| Medium | 4.5 - 6.9 |
| Low | 2 - 4.4 |
| Informational | 0 - 1.9 |
Critical
2
High
2
Medium
3
Low
10
Informational
25
| Security analysis | Risk level | Remediation Date |
|---|---|---|
| Total price miscalculation due to rounding error | Critical | Solved - 12/11/2024 |
| Incomplete payload validation in whitelist register | Critical | Solved - 12/16/2024 |
| Discount discrepancy in renewal and registration pricing | High | Solved - 12/15/2024 |
| Incorrect assignment of reverse record ownership | High | Solved - 12/16/2024 |
| Insufficient signature validation | Medium | Solved - 12/16/2024 |
| Bid submission permitted during paused contract state | Medium | Solved - 12/11/2024 |
| Lack of name normalization in input handling | Medium | Risk Accepted - 12/17/2024 |
| Potential misconfiguration of reserve price in auction setup | Low | Solved - 12/11/2024 |
| Potential ineffectiveness in bid increment validation | Low | Risk Accepted - 12/17/2024 |
| Inadequate validation of UTF-8 encoding in character length calculation | Low | Solved - 01/01/2025 |
| Unchecked launch time in registrar | Low | Solved - 12/11/2024 |
| Missing validation for initial time buffer configuration | Low | Solved - 12/11/2024 |
| Potential overflow in price conversion due to silent truncation | Low | Solved - 12/19/2024 |
| Inefficient removal of reserved names from the list | Low | Solved - 12/15/2024 |
| Inefficient handling of duplicate name reservations | Low | Solved - 12/15/2024 |
| Unsafe index handling in hexadecimal parsing | Low | Solved - 12/26/2024 |
| Incomplete length validation in hexadecimal parsing | Low | Solved - 12/26/2024 |
| Suboptimal gas usage due to post-increment in loops | Informational | Solved - 12/11/2024 |
| Inefficient array allocation in settlement retrieval functions | Informational | Solved - 01/01/2025 |
| Inclusion of uninitialized settlement data in results | Informational | Solved - 12/19/2024 |
| Inclusion of unsettled auctions in settlement results | Informational | Solved - 12/19/2024 |
| Inconsistent handling of uninitialized auction data | Informational | Solved - 12/19/2024 |
| Inconsistent array lengths in data processing | Informational | Solved - 12/26/2024 |
| Inconsistent use of encoding methods for Keccak256 hash calculation | Informational | Solved - 12/11/2024 |
| Improper validation of return data | Informational | Solved - 01/26/2024 |
| Validation gaps in delegate approval process | Informational | Solved - 01/06/2025 |
| Missing protection against potential reentrancy attacks | Informational | Solved - 12/19/2024 |
| Registry ownership transfer allows divergence from NFT ownership | Informational | Solved - 01/07/2025 |
| Improper handling of odd-length hex strings | Informational | Solved - 12/26/2024 |
| Asymmetry in event emission for ETH transfers | Informational | Solved - 12/11/2024 |
| Lack of zero address check | Informational | Solved - 12/26/2024 |
| Potential issue with casting msg.value to uint128 in auction contract | Informational | Solved - 12/11/2024 |
| Missing validation for start and end IDs in settlement retrieval | Informational | Solved - 12/19/2024 |
| Lack of range validation in settlement retrieval functions | Informational | Solved - 12/19/2024 |
| Unbounded recursion in hash calculation | Informational | Solved - 01/01/2025 |
| Bounds validation required for safe array access | Informational | Solved - 12/26/2024 |
| Validation required for encrypted data integrity | Informational | Solved - 12/26/2024 |
| Unused functions | Informational | Solved - 01/07/2025 |
| Redundant code | Informational | Solved - 12/15/2024 |
| Potential inconsistent state validation for NFT transfers | Informational | Solved - 12/11/2024 |
| Lack of error transparency in delegatecall failures | Informational | Solved - 12/26/2024 |
| Index validation missing when removing reserved names | Informational | Solved - 12/15/2024 |
//Critical
//Critical
//High
//High
//Medium
//Medium
//Medium
//Low
//Low
//Low
//Low
//Low
//Low
//Low
//Low
//Low
//Low
//Informational
//Informational
//Informational
//Informational
//Informational
//Informational
//Informational
//Informational
//Informational
//Informational
//Informational
//Informational
//Informational
//Informational
//Informational
//Informational
//Informational
//Informational
//Informational
//Informational
//Informational
//Informational
//Informational
//Informational
//Informational
Halborn strongly recommends conducting a follow-up assessment of the project either within six months or immediately following any material changes to the codebase, whichever comes first. This approach is crucial for maintaining the project’s integrity and addressing potential vulnerabilities introduced by code modifications.
// Download the full report
Beranames - Beranames Name Service (BNS) Contracts v2
* Use Google Chrome for best results
** Check "Background Graphics" in the print settings if needed
