DESCRIPTION
MegaETH is an EVM-compatible blockchain designed to bring Web2-level real-time performance to the crypto world. Its goal is to push performance to the limits of modern hardware, narrowing the gap between blockchains and traditional cloud computing servers.
MegaETH offers several distinguishing features, including high transaction throughput, abundant compute capacity, and, most notably, millisecond-level response times even under heavy load. This enables developers to build and compose highly demanding applications without practical performance constraints.
As an EVM-compatible Layer 2 (L2) solution, MegaETH has undergone extensive customization to maximize performance. These changes include the integration of a customized EVM implementation and the replacement of the state management component, design choices intended to improve operational efficiency and align the system with the platform's specific functional requirements.
The security testing was conducted over a six-week period, from October 11, 2025 to November 28, 2025, and focused on:
- MegaEVM, a specialized Ethereum Virtual Machine (EVM) implementation tailored to MegaETH's specifications. It is built on top of `revm` and `op-revm` with MegaETH-specific modifications and optimizations to support high-performance blockchain execution.
- SALT, the core state management component of the MegaETH blockchain. It is a memory-efficient state trie data structure designed to replace the Merkle Patricia Trie (MPT) in blockchain systems. SALT provides authenticated key–value storage using IPA (Inner Product Argument) and Pedersen commitments. Unlike traditional MPT, which requires frequent disk I/O during state root updates, SALT is designed to keep all intermediate commitments in memory and eliminate random disk I/O.

The concrete scope, goals, and detailed description of this security testing, including the methodology and findings, will be presented in the chapters on MegaEVM and Stateless Validator (Chapter 2) and SALT (Chapter 3), respectively.
Please refer to the report for detailed information.
KEY FINDINGS
In total, we find 5 potential issues in the smart contract. We also have 1 recommendation and 9 notes, as follows:
| ID | Severity | Description | Status |
|---|---|---|---|
| 2.3-1 | High | DoS Attack via Unbounded tstore Operations | Confirmed |
| 2.3-2 | High | DoS Attack via Cheap KZG Calculation | Confirmed |
| 2.3-3 | High | EVM Crash due to Incorrect Gas Cost Implementation in KZG Precompile | Fixed |
| 2.3-4 | High | DoS Risk Through High-Cost Opcode Looping | Confirmed |
| 3.4-1 | Medium | Incorrect Parent Node Index in Bucket Subtree Updates | Fixed |
| 3.3-1 | - | Avoid Panics Caused by Fixed Length SaltValue struct | Confirmed |
| 2.2-1 | - | Fixed Gas Call Failure | - |
| 2.2-2 | - | Rated Gas | - |
| 2.2-3 | - | Gas Tainted | - |
| 2.2-4 | - | Sufficient Gas | - |
| 2.2-5 | - | Self Destruct | - |
| 2.2-6 | - | Sufficient Gas still Failed | - |
| 2.2-7 | - | Bomb Opcode | - |
| 2.2-8 | - | Storage Tainted by Sender Balance | - |
| 2.2-9 | - | Volatile Data Gas Limit | - |
More details are provided in the audit report.