Audits, ceremony & verifier source
A transparent record of where we are. This page is dull on purpose — it gets more interesting as audits complete and gets edited in place rather than rewritten.
Audit status
SolMask is pre-audit. The protocol shipped to mainnet without a completed third-party security review. This was a deliberate trade-off: we wanted real-world adversarial pressure on the v1 design before committing audit hours that would otherwise be spent re-reviewing surfaces that change in response to that feedback. Audit work is scheduled to begin next quarter; the firm and scope will be announced here once contracts are signed. Until the review completes, treat the protocol as unaudited and do not deposit more than you are prepared to lose.
When the audit completes, this page will list: the firm name, the engaged scope (which programs, which circuits, which off-chain components), the report PDF or HTML link, the commit hash audited, the issue counts by severity, and the remediation status of each open issue. We will not edit the historical entries.
Trusted setup ceremony
The withdraw circuit uses Groth16, which requires a per-circuit trusted setup: a multi-party computation whose output is the proving and verification keys. Its security rests on at least one participant honestly deleting their toxic waste (the secret randomness they contributed), because anyone holding the combined secret could forge proofs that the on-chain verifier accepts. The v1 ceremony was a Phase 2 multi-party setup over the BN254 curve. Phase 2 is the circuit-specific stage; it takes as input a circuit-independent Phase 1 (powers of tau), which carries the same honest-participant assumption.
The ceremony transcript (every contributor's response, the running transcript hash after each one, and the final verification key) will be published in a companion repository, linked from this page when ready. The transcript is self-verifying: a third party can replay it, check that each contribution is a valid update of the previous state, and confirm that the final key matches the on-chain verifier, all without trusting the team's claim about the participant list. What replay cannot show is that any contributor actually discarded their secret; that part remains the honest-participant assumption, and the practical question is whether you trust at least one of the listed contributors.
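To make the replay claim concrete, here is an added toy example (not the ceremony tooling and not SolMask's code) of what a third party's replay does: it walks a transcript, checks that each contribution is a valid update of the previous accumulator, recomputes the running hash, and compares the final value with a published verification key. The stand-ins are assumptions of this example: the accumulator lives in a prime-order subgroup of Z_p^* instead of BN254 G1/G2, and each contribution carries a Schnorr proof of knowledge of its update exponent where a real Groth16 Phase 2 uses a pairing check; the transcript layout and the contributor names are constructed.

```python
"""Toy replay of a Phase 2-style trusted-setup transcript (added example).

Stand-ins: the accumulator 'delta' lives in a prime-order subgroup of Z_p^*
rather than BN254 G1/G2, and each contribution carries a Schnorr proof of
knowledge of its update exponent where a real Groth16 Phase 2 uses a pairing
check. Transcript layout and participant names are constructed here.
"""
import hashlib
import secrets

SMALL_PRIMES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)


def is_prime(n: int) -> bool:
    """Miller-Rabin; these fixed bases are deterministic far beyond 2^49."""
    if n < 2:
        return False
    for sp in SMALL_PRIMES:
        if n % sp == 0:
            return n == sp
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for a in SMALL_PRIMES:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def safe_prime_from(start: int) -> tuple:
    """First safe prime p = 2q + 1 with q >= start: toy group parameters."""
    q = start | 1
    while not (is_prime(q) and is_prime(2 * q + 1)):
        q += 2
    return 2 * q + 1, q


P, Q = safe_prime_from(1 << 48)  # toy modulus; the real ceremony uses BN254
G = 4                            # quadratic residue, so it generates the order-Q subgroup


def h(*parts) -> int:
    """Transcript hash: SHA-256 over the string forms of the parts."""
    data = b"|".join(str(x).encode() for x in parts)
    return int.from_bytes(hashlib.sha256(data).digest(), "big")


def contribute(prev_hash: int, old_delta: int, name: str, secret: int) -> dict:
    """One participant's response: delta <- delta^secret, plus a Schnorr proof
    that the contributor knows `secret` (their toxic waste) for base old_delta."""
    new_delta = pow(old_delta, secret, P)
    k = secrets.randbelow(Q - 1) + 1
    t = pow(old_delta, k, P)
    c = h(prev_hash, old_delta, new_delta, t) % Q
    z = (k + c * secret) % Q
    entry = {"name": name, "delta": new_delta, "t": t, "z": z}
    entry["hash"] = h(prev_hash, name, new_delta, t, z)  # running transcript hash
    return entry


def replay(transcript: list, published_vk_delta: int) -> bool:
    """Third-party replay: every proof verifies against the previous state,
    the hash chain is intact, and the final accumulator is the published key."""
    running_hash, delta = 0, G
    for e in transcript:
        c = h(running_hash, delta, e["delta"], e["t"]) % Q
        if pow(delta, e["z"], P) != e["t"] * pow(e["delta"], c, P) % P:
            return False  # not a valid update of the prior state
        if h(running_hash, e["name"], e["delta"], e["t"], e["z"]) != e["hash"]:
            return False  # transcript hash chain broken
        running_hash, delta = e["hash"], e["delta"]
    return delta == published_vk_delta


def combined_secret(exponents: list) -> int:
    """The ceremony's toxic waste is the product of every exponent mod Q;
    without even one participant's share the final exponent stays unknown."""
    acc = 1
    for s in exponents:
        acc = acc * s % Q
    return acc


def run_ceremony(names: list) -> tuple:
    """Simulate the ceremony; returns (transcript, final key, per-contributor secrets)."""
    transcript, prev_hash, delta, used = [], 0, G, []
    for name in names:
        s = secrets.randbelow(Q - 1) + 1  # this participant's toxic waste
        e = contribute(prev_hash, delta, name, s)
        transcript.append(e)
        prev_hash, delta = e["hash"], e["delta"]
        used.append(s)
    return transcript, delta, used


if __name__ == "__main__":
    tr, vk, _ = run_ceremony(["alice", "bob", "carol"])
    print("replay ok:", replay(tr, vk))
```

Each contribution's exponent is that participant's toxic waste, and combined_secret shows why every one of them is needed to reconstruct the exponent behind the final key; that is the honest-participant assumption in code. Altering any transcript entry, or publishing a key that is not the chain's output, makes replay return False.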
On-chain verifier source
The Solana program that verifies withdraw proofs is open source. The repository, including the Rust verifier, the Circom circuit, the build pipeline and the deployment artifacts, lives at https://github.com/solmask. The on-chain program ID and the verifier key fingerprint will be added to this page when v1 is tagged for permanence, so that anyone can build the tagged commit locally and compare the result bit for bit against the deployed bytecode. Two things should line up once those values are published: the hash of the locally built program against the program deployed at that ID, and the verification key embedded in the program against the final key in the ceremony transcript.
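The comparison described above, as an added example in Python (not SolMask's build pipeline): it strips the zero padding that a program dump leaves after the ELF, compares the result with a local build, and derives a stable fingerprint of a verification key from its canonical JSON. The file names onchain.so and local.so, the snarkjs-style key layout and the sample bytes are assumptions constructed for the demonstration; the program ID is whatever this page eventually publishes.

```python
"""Added example (not SolMask's own tooling): check a dumped on-chain Solana
program against a local build and fingerprint a verification key.
Assumed inputs: `onchain.so` produced by `solana program dump <PROGRAM_ID>
onchain.so`, and `local.so` from a build of the tagged commit. The sample
bytes and the sample key below are constructed for the demonstration."""
import hashlib
import json


def strip_trailing_zeros(data: bytes) -> bytes:
    """A program dump is the whole program-data account, which is normally
    allocated larger than the ELF and zero-filled after it."""
    return data.rstrip(b"\x00")


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def programs_match(onchain: bytes, local: bytes) -> bool:
    """Bit-for-bit comparison after dropping account padding. A genuine ELF
    can itself end in zero bytes, so both sides are stripped the same way."""
    return strip_trailing_zeros(onchain) == strip_trailing_zeros(local)


def first_mismatch(onchain: bytes, local: bytes) -> int:
    """Offset of the first differing byte after stripping, or -1 if equal.
    Tells a failed comparison apart: one flipped byte versus a different build."""
    a, b = strip_trailing_zeros(onchain), strip_trailing_zeros(local)
    for i, (x, y) in enumerate(zip(a, b)):
        if x != y:
            return i
    return -1 if len(a) == len(b) else min(len(a), len(b))


def vk_fingerprint(vk: dict) -> str:
    """Stable fingerprint of a verification key such as a snarkjs
    verification_key.json: canonical JSON (sorted keys, no whitespace) so
    that reformatting the file does not change the hash."""
    canon = json.dumps(vk, sort_keys=True, separators=(",", ":")).encode()
    return sha256_hex(canon)


def vk_fingerprint_from_text(text: str) -> str:
    return vk_fingerprint(json.loads(text))


# Constructed stand-ins. LOCAL_ELF deliberately ends in two zero bytes.
LOCAL_ELF = b"\x7fELF" + bytes(range(1, 64)) + b"\x00\x00"
ONCHAIN_DUMP = LOCAL_ELF + b"\x00" * 4096  # account padding after the ELF

# Constructed key in snarkjs layout; the coordinates are placeholders.
SAMPLE_VK = {
    "protocol": "groth16",
    "curve": "bn128",
    "nPublic": 2,
    "vk_alpha_1": ["1", "2", "1"],
    "vk_beta_2": [["1", "2"], ["3", "4"], ["1", "0"]],
    "vk_gamma_2": [["5", "6"], ["7", "8"], ["1", "0"]],
    "vk_delta_2": [["9", "10"], ["11", "12"], ["1", "0"]],
    "IC": [["1", "1", "1"], ["2", "2", "1"], ["3", "3", "1"]],
}


def check_deployment(onchain_path: str, local_path: str, vk_path: str) -> dict:
    """File-based entry point for a real check; returns a small report."""
    with open(onchain_path, "rb") as f:
        onchain = f.read()
    with open(local_path, "rb") as f:
        local = f.read()
    with open(vk_path, "r", encoding="utf-8") as f:
        vk = json.load(f)
    return {
        "program_match": programs_match(onchain, local),
        "first_mismatch": first_mismatch(onchain, local),
        "onchain_sha256": sha256_hex(strip_trailing_zeros(onchain)),
        "vk_fingerprint": vk_fingerprint(vk),
    }


if __name__ == "__main__":
    print("match:", programs_match(ONCHAIN_DUMP, LOCAL_ELF))
    print("vk fingerprint:", vk_fingerprint(SAMPLE_VK))
```

For a real check, run solana program dump with the published program ID, then call check_deployment("onchain.so", "local.so", "verification_key.json"). A fingerprint is only comparable if the page states which serialisation it hashes; canonical JSON of the snarkjs file is one workable convention, and the key embedded in the Rust program is compared against that same file field by field.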
For background on the program architecture and the circuit constraints, see the compliance pillar and the technical docs.
Reporting a vulnerability
Security disclosures and audit correspondence go to solmask [at] allenhark [dot] com. A PGP key is available on request. A formal bug bounty programme will be set up alongside the audit engagement; until then, responsible disclosure is acknowledged and rewarded on a case-by-case basis.