Prepared by:
HALBORN
Last Updated 04/15/2026
Date of Engagement: March 30th, 2026 - April 1st, 2026
100% of all REPORTED Findings have been addressed
All findings
6
Critical
4
High
1
Medium
0
Low
1
Informational
0
Soqucoin engaged Halborn to perform a security assessment of the Soqucoin blockchain's post-quantum cryptographic subsystem, specifically the Binius64 finite field arithmetic and LatticeFold+ batch verification implementation, from March 30th, 2026 to April 1st, 2026. The assessment scope covered approximately 600 lines of core cryptographic C++ code on branch soqucoin-genesis at commit 8c8840fae.
Halborn was allocated 3 days for this engagement and assigned 1 full-time security engineer to conduct a comprehensive review of the assets within scope. The engineer is an expert in blockchain and smart contract security, with advanced skills in cryptographic protocol analysis, low-level C++ review, and fuzz testing, as well as extensive knowledge of post-quantum cryptographic schemes.
The objectives of this assessment are to:
Verify the correctness of the Binius64 binary field arithmetic used as the algebraic foundation for proof verification.
Assess the security of the LatticeFold+ verifier and its integration into the consensus layer.
Identify vulnerabilities that could lead to proof forgery, consensus divergence, or undefined behavior at the node level.
In summary, Halborn identified several areas for improvement to minimize both the likelihood and potential impact of security risks, which were successfully addressed by the Soqucoin team. The primary issues include:
Replace the reducible reduction polynomial x^128 + x^7 + 1 with an irreducible one to construct a proper finite field and eliminate zero divisors that enable proof forgery.
Correct the x86 GFNI-accelerated multiplication path to use the appropriate intrinsic, ensuring field products are computed correctly on all x86 nodes.
Bind LatticeFold+ proofs to the committed UTXO data by incorporating the external commitment into the verification check, preventing trivial proof forgery.
Add the missing second reduction pass in the portable multiplication fallback to produce correct field products across all platforms.
Include the final squaring step in the field inverse computation to ensure all inverse-dependent verification operations produce correct results.
Remove the const_cast in batch_inverse and accept the input array by mutable reference to eliminate undefined behavior under the C++ standard.
Halborn conducted a combination of manual code review, mathematical analysis, and targeted fuzz testing to balance efficiency, timeliness, practicality, and accuracy within the scope of this assessment. While manual review is crucial for identifying flaws in cryptographic logic and protocol design, automated testing enhances coverage of the codebase and quickly surfaces deviations from mathematical invariants.
The following phases and associated techniques were employed throughout the term of the assessment:
Reviewed approximately 600 lines of core cryptographic C++ code across the Binius64 field implementation (field.h, field.cpp), the LatticeFold+ verifier (verifier.cpp, verifier.h), and the consensus integration points in the script interpreter.
Performed polynomial factorization analysis using SageMath and SymPy to verify the irreducibility claim of the reduction polynomial, confirming it factors into three irreducible components over GF(2).
Constructed concrete proof-of-concept exploits demonstrating zero divisor pairs in the ring, incorrect multiplication outputs on both x86 and portable code paths, and trivial proof forgery against the LatticeFold+ verifier.
Developed and executed targeted fuzz harnesses against field arithmetic operations to surface invariant violations and edge cases.
Cross-validated the x86 GFNI+AVX2 accelerated path against the portable bit-serial fallback to identify divergence between platform-specific implementations.
Traced the end-to-end consensus integration path from the OP_LATTICEFOLD opcode through the script interpreter to the verifier entry point, analyzing how field-level bugs propagate to consensus-level impact.
| EXPLOITABILITY METRIC () | METRIC VALUE | NUMERICAL VALUE |
|---|---|---|
| Attack Origin (AO) | Arbitrary (AO:A) Specific (AO:S) | 1 0.2 |
| Attack Cost (AC) | Low (AC:L) Medium (AC:M) High (AC:H) | 1 0.67 0.33 |
| Attack Complexity (AX) | Low (AX:L) Medium (AX:M) High (AX:H) | 1 0.67 0.33 |
| IMPACT METRIC () | METRIC VALUE | NUMERICAL VALUE |
|---|---|---|
| Confidentiality (C) | None (C:N) Low (C:L) Medium (C:M) High (C:H) Critical (C:C) | 0 0.25 0.5 0.75 1 |
| Integrity (I) | None (I:N) Low (I:L) Medium (I:M) High (I:H) Critical (I:C) | 0 0.25 0.5 0.75 1 |
| Availability (A) | None (A:N) Low (A:L) Medium (A:M) High (A:H) Critical (A:C) | 0 0.25 0.5 0.75 1 |
| Deposit (D) | None (D:N) Low (D:L) Medium (D:M) High (D:H) Critical (D:C) | 0 0.25 0.5 0.75 1 |
| Yield (Y) | None (Y:N) Low (Y:L) Medium (Y:M) High (Y:H) Critical (Y:C) | 0 0.25 0.5 0.75 1 |
| SEVERITY COEFFICIENT () | COEFFICIENT VALUE | NUMERICAL VALUE |
|---|---|---|
| Reversibility () | None (R:N) Partial (R:P) Full (R:F) | 1 0.5 0.25 |
| Scope () | Changed (S:C) Unchanged (S:U) | 1.25 1 |
| Severity | Score Value Range |
|---|---|
| Critical | 9 - 10 |
| High | 7 - 8.9 |
| Medium | 4.5 - 6.9 |
| Low | 2 - 4.4 |
| Informational | 0 - 1.9 |
Critical
4
High
1
Medium
0
Low
1
Informational
0
| Security analysis | Risk level | Remediation Date |
|---|---|---|
| Binius64 reduction polynomial is reducible, enabling proof forgery via zero divisors | Critical | Solved - 04/02/2026 |
| x86 multiplication uses wrong intrinsic, producing incorrect field products on all x86 nodes | Critical | Solved - 04/02/2026 |
| LatticeFold+ verifier lacks external binding, enabling trivial proof forgery | Critical | Solved - 04/02/2026 |
| Portable multiplication skips second reduction pass, producing incorrect field products | Critical | Solved - 04/02/2026 |
| Field inverse misses final squaring, breaking all inverse-dependent verification | High | Solved - 04/02/2026 |
| batch_inverse mutates const reference via const_cast, leading to undefined behavior | Low | Solved - 04/02/2026 |
//Critical
//Critical
//Critical
//Critical
//High
//Low
Halborn strongly recommends conducting a follow-up assessment of the project either within six months or immediately following any material changes to the codebase, whichever comes first. This approach is crucial for maintaining the project’s integrity and addressing potential vulnerabilities introduced by code modifications.
// Download the full report
Blockchain Architecture Assessment - Added days
* Use Google Chrome for best results
** Check "Background Graphics" in the print settings if needed
