Overview
The introduction of Uniswap V4 marks a significant milestone in the evolution of the Uniswap Protocol. Hooks unlock an entirely new design space, empowering developers to engineer innovative functionalities that are seamlessly integrated with the Uniswap Protocol. While this development introduces endless possibilities for developers, it also presents a new array of security risks and challenges.
Problem
Hook development is still in its infancy and currently lacks the comprehensive best practices and essential resources that can assist developers in building hooks. Specifically, the introduction of hooks brings with it additional risks and security challenges that developers must consider during their development process.
Solution
In response to these challenges, this RFP invites proposals from academic researchers and/or Solidity auditors to explore the "malicious design space" of hooks in Solidity, especially how they can compromise systems and create safety failures.
The research could adopt two broad approaches:
- Investigating various ways that hooks can lead to system compromises
- Formal verification for the development of provably safe hooks
Scope
The objective of this research is to identify a broad set of system vulnerabilities associated with hooks in order to develop best practices for building safe routing systems.
Possible approaches to the research could include:
- Unsafe Hook Identification and Analysis: The research team could explore different ways hooks can potentially compromise systems and lead to safety failures. The output should be a detailed analysis of each identified risk, along with potential ways to mitigate these risks.
- Development and Verification of Provably Safe Hooks: The research should explore ways of developing provably safe hooks, such as restrictions on certain opcodes, hook address-level filtering, etc. This research will ideally result in a set of best practices for developing safe hooks.
- Additional approaches proposed by the applicants to tackle the problem described above.
Deliverables
As part of the project scoping, the team is expected to define the detailed list of deliverables for their proposal. Depending on the approach chosen, deliverables could include (but are not limited to):
- A research paper discussing the identified risks and potential mitigations in detail, including theoretical examples of malicious hooks and how they can be exploited.
- A GitHub repository containing code samples of malicious hooks with detailed documentation explaining the malicious behaviour of each hook and potential ways to mitigate these behaviours.
- A comprehensive framework for formal verification, specifically tailored to facilitate the deployment of provably safe hooks within the Uniswap protocol. This framework would include defined procedures, strategies, and tools for conducting formal verification on hooks, promoting enhanced security within the system.