From 0f1ea672024ca7593bc52aca93922eaaf63ad88e Mon Sep 17 00:00:00 2001
From: Goshawk <goshawk@dusk.network>
Date: Tue, 20 Aug 2024 12:10:30 +0300
Subject: [PATCH 1/3] consensus: Address audit suggestions

---
 consensus/src/user/provisioners.rs | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

diff --git a/consensus/src/user/provisioners.rs b/consensus/src/user/provisioners.rs
index 934941f6d1..696872f18b 100644
--- a/consensus/src/user/provisioners.rs
+++ b/consensus/src/user/provisioners.rs
@@ -259,9 +259,14 @@ impl<'a> CommitteeGenerator<'a> {
                 .eligibles(round)
                 .map(|(p, stake)| (p, stake.clone()));
 
-            Self {
-                members: BTreeMap::from_iter(eligibles),
-            }
+            let members = BTreeMap::from_iter(eligibles);
+
+            debug_assert!(
+                !members.is_empty(),
+                "No provisioners are eligible for the committee"
+            );
+
+            Self { members }
         } else {
             Self { members }
         }

From 455a06fde25623c94c7fb61be3a04c9fa4906bc9 Mon Sep 17 00:00:00 2001
From: Goshawk <goshawk@dusk.network>
Date: Tue, 20 Aug 2024 12:10:43 +0300
Subject: [PATCH 2/3] node: Address audit suggestions

---
 node/src/databroker.rs | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/node/src/databroker.rs b/node/src/databroker.rs
index 94b30186b3..79941d5300 100644
--- a/node/src/databroker.rs
+++ b/node/src/databroker.rs
@@ -291,11 +291,25 @@ impl DataBrokerSrv {
                     .header()
                     .height;
 
+                let mut prev_block_hash = m.locator;
+
                 loop {
                     locator += 1;
                     match t.fetch_block_hash_by_height(locator)? {
                         Some(bh) => {
+                            let header =
+                                t.fetch_block_header(&bh)?.ok_or_else(
+                                    || anyhow!("block header not found"),
+                                )?;
+
+                            if header.prev_block_hash != prev_block_hash {
+                                return Err(anyhow::anyhow!(
+                                    "inconsistent chain"
+                                ));
+                            }
+
                             inv.add_block_from_hash(bh);
+                            prev_block_hash = bh;
                         }
                         None => {
                             break;

From d7a26f0842a94608d095dedb0174ad641b6bcde1 Mon Sep 17 00:00:00 2001
From: Goshawk <goshawk@dusk.network>
Date: Tue, 20 Aug 2024 12:10:53 +0300
Subject: [PATCH 3/3] node-data: Address audit suggestions

---
 node-data/src/ledger/attestation.rs | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)

diff --git a/node-data/src/ledger/attestation.rs b/node-data/src/ledger/attestation.rs
index 32b638c95f..4bca44c7c8 100644
--- a/node-data/src/ledger/attestation.rs
+++ b/node-data/src/ledger/attestation.rs
@@ -34,7 +34,18 @@ impl StepVotes {
     }
 
     pub fn is_empty(&self) -> bool {
-        self.bitset == 0 || self.aggregate_signature.is_zeroed()
+        if self.bitset == 0 {
+            debug_assert!(
+                self.aggregate_signature.is_zeroed(),
+                "inconsistent struct, signature"
+            );
+        }
+
+        if self.aggregate_signature.is_zeroed() {
+            debug_assert_eq!(self.bitset, 0, "inconsistent struct, bitset");
+        }
+
+        self.bitset == 0 && self.aggregate_signature.is_zeroed()
     }
 
     pub fn aggregate_signature(&self) -> &Signature {