aiken-dex-security-audit

• Auditing Plutus V3 Aiken contracts for a DEX (validators + minting policies)
• You need a rigorous report: threat model, invariants, findings, and reproducible exploit tx shapes

• No hallucinations. If something isn't in the repo or inputs, say unknown and list exactly what's missing.
• Assume a hostile attacker can craft arbitrary transactions: multi-input, multi-action, weird datums, weird token bundles.
• Never ask for or handle seed phrases / private keys.
• Prefer evidence over vibes: minimal tx shape + failing test + fix + passing test.

1) Script list + purpose (spend/mint/reward/cert) and which are critical path for swaps/liquidity

2) Datum/redeemer schemas (Aiken types + encoding expectations)

3) Parameters/config: policy IDs, script hashes, upgrade/admin controls, oracle deps (if any)

4) Off-chain tx builder(s) in scope (where swaps/liquidity txs are constructed)

5) Network assumptions (mainnet/preprod) + constraints (tx size, exunits, reference scripts, inline datums)

1) Build a system model

- Map state UTxOs, assets, script addresses, and transitions (inputs/outputs/mint/burn/signees/time).

2) Extract explicit invariants (testable)

- Value conservation, LP supply rules, fee bounds/rounding, auth rules, "exactly-one state UTxO", bounded datum/value growth.

3) Threat model & attack surface

- Attacker capabilities in eUTxO; trusted roles; upgrade/emergency keys; oracles; economic/griefing vectors.

4) Manual on-chain review

- For each validator/policy branch: what must be true about inputs/outputs/minted/signers/time?

- Hunt: double satisfaction, fake-state UTxOs, asset-class mismatches, optional datum gotchas, unbounded growth, time-range bugs, division/rounding/negative amounts, "exactly one" enforcement bugs.

- For each issue: minimal exploitable tx shape + why it works (use tx-shapes template).

5) Off-chain review (if in scope)

- Ensure builder cannot construct valid-but-unsafe txs or mis-hash datums or mis-handle mint fields.

6) Evidence suite (Aiken-first)

- Add unit tests + property tests for each invariant + each exploit regression test.

7) Budget & DoS analysis

- Identify evaluation hotspots and griefing paths; recommend safe refactors.

8) Report

- Use templates/audit-report.md and include: scope, assumptions, invariants, findings table, patches, tests, deployment checklist.

• Full framework prompt: references/audit-framework.md
• Report template: templates/audit-report.md
• Invariants checklist: templates/invariants-checklist.md
• Minimal exploit tx shapes: templates/tx-shapes.md