CyberDA
CyberDA is a data availability solution using data availability challenges (DA Challenges).
There are no onchain assets at risk of being slashed in case of a data withholding attack. However, there is a mechanism that allows users to challenge unavailability of data. The system is not secure if the malicious sequencer is able to outspend the altruistic challengers, and there is no pool of funds onchain to incentivize challengers.
There is no fraud detection mechanism in place. A data withholding attack can only be detected by nodes downloading the full data from the DA layer.
Architecture
Data Availability Challenges
Cyber relies on DA challenges for data availability. The DA Provider submits an input commitment on Ethereum, and users can request the data behind the commitment off-chain from the DA Provider. If a DA challenger finds that the data behind a tx data commitment is not available, they can submit a challenge which requires locking a bond within 12h. A challenge can be resolved by publishing the preimage data within an additional 12h. In such case, a portion of the challenger bond is burned, with the exact amount estimated as the cost incurred by the resolver to publish the full data, meaning that the resolver and challenger will approximately lose the same amount of funds. The system is not secure if the malicious sequencer is able to outspend the altruistic challengers. If instead, after a challenge, the preimage data is not published, the chain reorgs to the last fully derivable state.
Funds can be lost if the sequencer posts an invalid data availability commitment and there are no challengers.
Funds can be lost if the sequencer posts an invalid data availability commitment, and he is able to outspend the challengers.
There is EOA on Ethereum acting as a DA bridge to receive data availability commitments.
The committee does not meet basic security standards, either due to insufficient size, lack of member diversity, or poorly defined threshold parameters. The system lacks an effective DA bridge and it is reliant on the assumption of an honest sequencer, creating significant risks to data integrity and availability.
There is no delay in the upgradeability of the bridge. Users have no time to exit the system before the bridge implementation update is completed.
The relayer role is permissioned, and the DA bridge does not have a Security Council or a governance mechanism to propose new relayers. In case of relayer failure, the DA bridge will halt and be unable to recover without the intervention of a centralized entity.
Only hashes of data batches are posted as DA commitments to an EOA on Ethereum. However, there is a mechanism that allows users to challenge unavailability of data.
The system consists of the following permissions on Ethereum:
Central actor allowed to relay DA commitments to the DA bridge.
This is a Gnosis Safe with 3 / 4 threshold. Owner of the ProxyAdmin and the rollup system. It can change any system component.
Those are the participants of the CyberMultisig.
Owner of the DataAvailabilityChallenge contract. It can upgrade the contract params, potentially making the system insecure.
CyberThe system consists of the following smart contracts on Ethereum:
This DA bridge address is used to store transaction batch hashes as data availability commitments.
The ProxyAdmin contract is the owner of SystemConfig and can change the address of the DA bridge for the system.
The DataAvailabilityChallenge contract is used to challenge the data availability of tx data hashes. See the technology section for more details.
Cyber