DevolvedAI

We express our gratitude to the DevolvedAI team for the collaborative engagement that enabled the execution of this Blockchain Protocol Security Assessment.

ArgoChain-SDK is specifically designed for developers eager to explore and innovate within the ArgoChain ecosystem.

The system users should acknowledge all the risks summed up in the risks section of the report

Commit History and Changes

The following is a detailed history of the modifications made to the original Substrate codebase by the Argochain project, based on specific commits in their GitHub repository. Each commit is categorized into those with real code changes and those focused on naming or rebranding. The analysis reveals that the majority of the commits were centered around rebranding Substrate rather than introducing significant new functionality or security changes at the initial stage of the audit. However, the DevolvedAI team improved the technical ground of the project significantly during the next stages, reaching a new, more mature, and technically developed protocol.

Commits with Code Changes

Commit 2b78446b50848d53afe6c5abc583fe2570663102 →

• Summary: Configuration updates.

• Details: Added details for tokenSymbol ("AGC"), tokenDecimals (18), and ss58Format (33) to multiple configuration files. These additions were made in the files customSpec.json, customSpecRaw.json, and chain_spec.rs, among others. The changes help define the token's attributes within the blockchain's configuration.

Commit f08e98e190928e700f205ec8ed70d7b466bbc258 →

• Summary: Updates including genesis block and EVM Compatibility.

• Details: Adds several new configurations and parameters for EVM and Ethereum compatibility (outside of scope). Key changes include the addition of EVMConfig and EthereumConfig for handling EVM accounts, balances, and storage, along with dynamic_fee and base_fee parameters. The commit also includes various other updates to the runtime genesis configuration, like the inclusion of default configurations for assets, nomination pools, and transaction settings, enhancing the blockchain's initial setup and compatibility.

Commit 9c48b61b2b4957b384c00b8f0ce0665c0b989176 →

• Summary: Addition of EVM support.

• Details: Added support for the Ethereum Virtual Machine (EVM), integrating EVM functionality into the Argochain network. This change is outside the current audit scope.

Commit 100f150d025e6d314b9a1f4d9d049ecdccd249cf →

• Summary: Updated chain specifications.

• Details: Changes to the chain specification parameters.

Commit 5a0543569ec136e6e9cf455e1add80f9e39cff01 →

• Summary: Change to constant value.

• Details: Changed u64 = 997 to u64 = 1299. This change affects a specific constant value in the code, modifying an operational parameter or limit.

Commit 47b59ee2bea435b99fa6f2478af90f2060e8aa85 →

• Summary: Changes to chain_spec.rs.

• Details: Changes to three hardcoded Ethereum addresses used in the testnet genesis configuration. Each of the three addresses, which represent EVM accounts with pre-set balances, was updated to new addresses, ensuring that the genesis block configuration aligns with the latest project requirements.

Commit dc575d4db21ee3d2496144c88770224cb608128f →

• Summary: Adjustments to network parameters.

• Details: This commit made specific changes to the network parameters and configurations, ensuring the network's operational settings align with Argochain's requirements. Including genesis configuration parameters and adjustments to the runtime configuration, such as modifying values for the EVM accounts and balances, updating default parameters for system modules, and ensuring compatibility with the latest project specifications.

Commit baec60df86d4e0f03c6be37fdfe9fd78aed076bf →

• Summary: Tokenomics and runtime configurations.

• Details: Introduces several updates primarily focused on the tokenomics and runtime configurations. Key changes include modifications to the runtime/src/constants.rs and runtime/src/lib.rs files, adjustments to staking parameters, and the implementation of a custom era payout structure for staking rewards.

Commits with Rebranding or No Relevant Changes

Commit 7bd237880646a8107f05e95c0a4c0c504e99d1a5 →

• Summary: Configuration changes and renaming.

• Details: Renaming of project identifiers from Substrate to Argochain.

Commit 848b632c555d317b0357e461755f38432d6c9811 →

• Summary: Token name change.

• Details: Modified the token name to reflect Argochain’s native token, AGC.

Commit 4836b373a3d1733c909d7c1ab88ec9ac50854123 →

• Summary: Configuration file changes.

• Details: Changed configuration files without altering the genesis state.

Commit a80557235c078cf9d2312e3d2b831523e9851773 →

• Summary: Added rust-setup.md file.

• Details: Added a Markdown file with setup instructions for Rust, without changing code functionality.

Commit 2409d284ead47a2c0fc16779655d458c81380dc7 →

• Summary: Removed comments.

• Details: Removed comments from the code without changing functionality.

Commit 275698a19d07f702c2cad0b8bdf25e1811daf0da →

• Summary: Added Markdown files.

• Details: Added 3 Markdown files for documentation purposes.

Commit 85d4af8ce67ece08b29e7776e85742f0b501ccf0 →

• Summary: Minor formatting change.

• Details: Added a space in the code without making functional changes.

Commit 3f71cda06d4b7e2f9e7d4ddfcc502121b0e23fe5 →

• Summary: Addition of MD files.

• Details: Added Markdown documentation files without changing code functionality.

Commit 92387003bcdc4c6f3796d29956469219006dc986 →

• Summary: Edited README.

• Details: Updated the README file with new project information and branding.

Commit b2d243517b034e9a3532fbf406bc0d2075abbfe6 →

• Summary: Deleted a file.

• Details: Removed a file from the codebase without impacting functionality.

Commit d147dc9b107dcd88e589bb4c8890349a09f73dcd →

• Summary: Added bootnodes.

• Details: Added bootnodes to the network configuration.

Commit 19e66003f426e6aba0e5f5bf26afb578450dc4af →

• Summary: Documentation rebranding.

• Details: Updated rebranding in the project's documentation and guides.

Commits Related to Project Setup

Commit 542ad5e359c2795e15655c240cff4579f4ce712f →

• Summary: Initial upload of Substrate code.

• Details: This commit represents the initial upload of the Substrate framework into the Argochain repository. It includes all the core components and modules of Substrate without any modifications.

Commit 51ff126c9fea843c8a492dbdde45d7fea1724147 →

• Summary: Added Frontier.

• Details: Added code from https://github.com/polkadot-evm/frontier →.

Commit 0a3718c719e240e61b2f3440722e1151754524f8 →

• Summary: Added dependencies.

• Details: Added dependencies originally from Substrate to the project.

• Total Commits Analyzed: 23

• Commits with Code Changes: 8

• Commits with Rebranding or No Relevant Changes: 12

• Commits Related to Project Setup: 3

The focus of the majority of the commits in the Argochain repository was on rebranding the Substrate framework rather than introducing significant new functionality or substantial code modifications at the beginning of the audit. This rebranding effort includes changes to project identifiers, metadata, and documentation. As a result, no significant security issues were identified during the first stage of the audit, as the core code modifications over Substrate that could potentially introduce vulnerabilities were minimal. During supplementary reviews of new components added to the scope, security issues were raised, which are detailed in the Findings section of this audit report; most of the issues were promptly addressed by the DevolvedAI team.

Argochain is a blockchain protocol developed by Devolved AI. It aims to present an innovative approach to blockchain technology. The protocol has been developed by forking the Substrate framework with minimal modifications at the point of this audit (the development is still in progress and the maturity of the project is growing fast). This overview will provide a comprehensive analysis of the Argochain system while objectively highlighting the context of its development.

System Architecture

Core Components

• Consensus Mechanism: Argochain employs a consensus mechanism based on Substrate's default BABE (Blind Assignment for Blockchain Extension) and GRANDPA (GHOST-based Recursive Ancestor Deriving Prefix Agreement) protocols. These consensus algorithms are well-established in the Substrate ecosystem, providing robust and secure block production and finalization.

• Runtime: The runtime of Argochain is written in Rust, leveraging Substrate's modular runtime framework. The runtime consists of various pallets (modules) that define the core functionality of the blockchain, such as balances, governance, staking, and more. Minimal modifications have been made to the runtime, primarily involving parameter adjustments and configuration changes.

• Networking: Argochain's networking layer is built on top of Substrate's libp2p networking stack. This layer handles peer discovery, message propagation, and network security. The network configuration and parameters have been slightly altered to fit Argochain's specific requirements.

• Extrinsics and Transactions: The handling of extrinsics (transactions) in Argochain follows Substrate's default mechanism. Transactions are validated, processed, and included in blocks using the same framework provided by Substrate, with minor tweaks to transaction fees and limits.

Customizations and Enhancements

While Argochain is fundamentally based on Substrate, a few customizations have been implemented to distinguish it from a vanilla Substrate deployment:

• Token Economics: The native token of Argochain, AGC, has specific economic parameters, such as issuance rate, staking rewards, and transaction fees. These parameters have been fine-tuned to align with the project's goals and community expectations.

• Governance Model: Argochain utilizes a governance model derived from Substrate's democracy and council pallets. The configuration of these pallets has been adjusted to suit the project's governance structure, enabling community-driven decision-making.

• Chain Specifications: The chain specifications, including genesis state and bootnodes, have been customized to initialize the Argochain network. These changes ensure a unique network identity and facilitate the network's launch and operation.