ChainSecurity has completed a security audit of the Wrapped Bitcoin project. To find out more about the scope of the audit and considered properties see the full report.
WBTC is an ERC20 token that represents Bitcoin as an (extended) ERC20 token on the Ethereum blockchain, where 1 BTC equals 1 WBTC token. The involved entities are at least one custodian (the current setup is tailored to exactly one) and multiple merchants. The whole system has in general two main tasks:
- Minting WBTC:
If a matching amount of BTC is locked at a custodian’s account (on the Bitcoin blockchain), the corresponding amount of WBTC tokens is minted (released) to the merchant (on the Ethereum blockchain).
- Burning WBTC:
When a merchant wants to convert his WBTC tokens back into BTC, he places a burn request (the specified amount of WBTC tokens are burned). If successful, the custodian sends the merchant the requested amount of BTC (on the Bitcoin blockchain).
To accomplish a Bitcoin-to-WBTC swap and back, a merchant sends BTC to a custodian. The custodian confirms that this merchant has deposited a certain amount of BTC on the Bitcoin blockchain. A matching amount of WBTC is then minted by a custodian and can be used by the merchant. Accordingly, if a merchant wants to swap back the WBTC to BTC, the merchant files a request to burn the WBTC. The custodian transfers the BTC back to the merchant, if the burning of the WBTC was successful.
Overall, the smart contracts request and record the transaction details on the Ethereum blockchain. Actual transactions of BTC are happening on the Bitcoin blockchain. Other tasks include managing (adding/removing) merchants and custodians.
Our audit investigated the code implementation issues arising from the management of merchants and custodians, as well as from the minting, transferring, and burning of the WBTC token on the Ethereum blockchain.
Overall, the ChainSecurity team found that Wrapped Bitcoin is a very well-coded smart contract with clean documentation. During the audit, we detected two security issues concerning (1) the pausing of the minting/burning process (2) and a possible hash collision. The hash collision was possible due to using abi.encodePacked() instead of abi.encode(). Chainsecurity also highlighted relevant trust assumptions arising from the overall system setup. WBTC addressed, acknowledged or fixed the raised issues. Therefore, ChainSecurity sees no remaining security issues in the current version.