Date: 2026-03-01
Branch: chore/review_audit (based on feat/python3.14-compat)
Scope: Architecture, bugs/reliability, security, developer experience
- File:
packages/valory/connections/abci/connection.py:715 - Resolution: Changed
response.list_snapshotstoresponse.offer_snapshot. Copy-paste error fromListSnapshotshandler above.
- File:
packages/valory/connections/abci/connection.py:250-258 - Resolution: Already fixed in
b70663046.read_until()now raisesEOFErrorwhen the connection is closed mid-read.
- Files:
deployments/Dockerfiles/tendermint/app.py:160,autonomy/deploy/generators/localhost/tendermint/app.py:179,packages/valory/agents/register_reset/tests/helpers/slow_tendermint_server/app.py:99 - Impact:
onerror=parameter was deprecated in 3.12 in favor ofonexc=. Still functional on Python 3.14. Low urgency — can migrate whenonerror=is actually removed.
- File:
packages/valory/connections/abci/connection.py:1045 - Resolution: Added
await writer.drain()afterwriter.write(data)to apply back-pressure.
- Files: All Dockerfiles under
deployments/Dockerfiles/andautonomy/data/Dockerfiles/ - Assessment: By design for the current deployment model. Agents need to install packages and manage Tendermint. Containers run on operator-controlled infrastructure, not as multi-tenant services.
- Files:
deployments/Dockerfiles/tendermint/app.py,autonomy/deploy/generators/localhost/tendermint/app.py - Assessment: The server is internal to the Docker network (Docker Compose) or localhost. Only reachable by other containers on the same network. Access to the Docker network already implies full access.
- Files:
packages/valory/connections/abci/connection.py:1041-1334,deployments/Dockerfiles/tendermint/tendermint.py,autonomy/deploy/generators/localhost/tendermint/tendermint.py,packages/valory/agents/register_reset/tests/helpers/slow_tendermint_server/tendermint.py - Resolution: All 4 copies now have safety fixes applied. Group 1 (connection.py + Docker copy) is enforced identical by
test_deployment_class_identical. Group 2 (localhost + slow_tendermint_server) has intentional architectural differences but all safety backports applied. SeeTENDERMINT_NODE_SYNC.md.
- Files: All 4 TendermintNode copies (see H3)
- Assessment: The
_stoppingflag is a plain bool without synchronization. However, simple attribute reads/writes are GIL-atomic in CPython. The TOCTOU onself._process is not Noneis swallowed byexcept Exception. Code smell but not a practical bug under CPython.
- Files:
autonomy/deploy/generators/localhost/base.py:120,autonomy/deploy/generators/docker_compose/base.py:519-520 - Impact: Key files written with default 0o644 (world-readable). No
os.chmod(path, 0o600)applied. On shared systems, any local user can read agent private keys. Valid hardening but low urgency — build directories are typically in temp dirs or project-local dirs.
- Files:
autonomy/deploy/image.py:111,autonomy/data/Dockerfiles/agent/Dockerfile:10 - Assessment: This is a Docker build arg supplied by the operator building their own image — same trust model as writing a Dockerfile
RUNdirective. The operator controls the input.
- Files:
connection.py:1145,deployments/.../tendermint.py:139,localhost/.../tendermint.py:137,slow_tendermint_server/tendermint.py:136 - Resolution: All 4 files now use
start_new_session=True.
- Files:
deployments/Dockerfiles/tendermint/app.py:268-292,autonomy/deploy/generators/localhost/tendermint/app.py:295-337 - Assessment: The callers (ABCI connection) check the JSON body (
"status"field), not the HTTP status code. Changing to 500 would break existing callers without benefit.
- File:
packages/valory/skills/abstract_round_abci/base.py - Assessment: Architecture concern. Refactoring would be a major effort with high risk of breaking downstream packages. Not actionable now.
- File:
packages/valory/skills/abstract_round_abci/base.py:63 - Assessment: Valid coupling concern but the import is declared in
skill.yamland works correctly. Moving the constant would change package hashes for no functional benefit.
- File:
packages/valory/connections/abci/connection.py:261-775 - Assessment: Boilerplate but explicit. A dispatch table would reduce lines but risk breaking the protobuf/gRPC contract and make handler-specific logic (e.g. C1 fix) harder to trace.
- File:
packages/valory/skills/abstract_round_abci/base.py:2042-2247 - Assessment: By design. The metaclass injects background rounds on first concrete
AbciApp. Import order is deterministic in production. Worth documenting but not a bug.
- Files:
autonomy/deploy/base.py,autonomy/deploy/build.py, test files - Resolution: Renamed to
deployment_typeacross all references. Not a true public API — only set internally inbuild.pyand tests.
- Files:
autonomy/configurations/base.py:55,autonomy/configurations/loader.py:39,autonomy/deploy/base.py:88 - Assessment: Duplication concern. Consolidation risks import cycles between configuration and deploy modules. Low priority.
- Files:
autonomy/deploy/generators/localhost/tendermint/app.py:354-357,deployments/Dockerfiles/tendermint/app.py:333-336 - Assessment: The TendermintNode lives as a closure variable referenced by route handlers — it won't be GC'd. Flask doesn't have a clean shutdown lifecycle; the process exits when the container stops.
- Files:
plugins/aea-test-autonomy/aea_test_autonomy/docker/base.py:97,fixture_helpers.py(15+ instances) - Assessment: Test infrastructure only. Pytest processes exit after each suite, closing all connections. Low priority.
- File:
packages/valory/connections/abci/connection.py:844 - Assessment: The task runs
_start_server()which awaits the gRPC server.disconnect()stops the server, which completes the task. Not ideal but functional.
- File:
tox.ini:546 - Assessment: Documentation gap. Each suppression should have a comment explaining why the CVE is safe to ignore.
- Files:
deployments/Dockerfiles/autonomy/Dockerfile:10,autonomy-user/Dockerfile:21,tendermint/install.sh - Assessment: Standard Docker practice. Images are built in CI from pinned URLs. Adding checksums would be good hardening but low urgency.
- File:
deployments/Dockerfiles/hardhat/Dockerfile:1 - Assessment: Only used for Hardhat (Ethereum dev tooling for testing). Not in production images. Low priority.
- File:
Makefile:161-163 - Resolution: Fixed
! -zto-zso the check correctly exits when svn is NOT found.
- File:
autonomy/cli/analyse.py:232-237 - Resolution: Removed contradictory
type=str. The option is a boolean flag.
- File:
autonomy/cli/analyse.py:446,451 - Resolution: Fixed double "of of" to "of".
- File:
.github/workflows/main_workflow.yml(multiple lines) - Resolution: Updated all actions to current stable versions:
checkout@v4,setup-python@v5,setup-go@v5,codecov-action@v4.
- File:
plugins/aea-test-autonomy/aea_test_autonomy/fixture_helpers.py:97,383 - Resolution: Fixed copy-paste docstrings to say "Tendermint" and "ACN node" respectively.
- File:
setup.py:58 - Assessment: Intentional — the CLI uses pytest for
aea test. Moving it to extras would break the test command.
- File:
tox.ini - Assessment: Refactoring concern. Not a bug.
- Files:
Pipfile:42,tox.ini:52 - Assessment: Dev dependency only (Pipfile). Not in production deps. Low priority.
- Files:
Pipfile:38,tox.ini:49 - Assessment: Dev dependency. Upgrading risks test breakage from new strategies. Low priority.
- File:
autonomy/cli/analyse.py:60 - Assessment: Needs investigation into which warnings it suppresses before narrowing. Low priority.
- Files:
autonomy/cli/scaffold_fsm.py:91,autonomy/cli/deploy.py:491,autonomy/cli/hash.py:52 - Assessment: Nice-to-have. The runtime warnings are already in place.
- File:
plugins/aea-test-autonomy/aea_test_autonomy/fixture_helpers.py:241 - Assessment: Dead code. Can be removed but may require checking downstream consumers.
- Files:
pyproject.toml,setup.py,tox.ini,Pipfile - Resolution: Aligned
typing_extensionsupper bound to<=4.15.0andjsonschemarange to>=4.3.0,<4.24.0inpyproject.tomlto match all other spec files.
- File:
packages/valory/skills/abstract_round_abci/behaviour_utils.py:566 - Assessment: Intentional design choice for diamond inheritance. Documented with pylint disable. Changing risks breaking all downstream skills.
- File:
Makefile:171 - Assessment: Expands to empty string, causing
pipenv --pythonto error but pipenv falls back to default resolution. Existing behavior, low priority.
- File:
.github/workflows/main_workflow.yml - Assessment: CI config concern. Should be parallelized in a separate CI-focused PR.
- File:
autonomy/cli/helpers/analyse.py:256-257 - Resolution: Changed to safe indexing with
str(e)fallback for empty args.
- File:
autonomy/cli/utils/click_utils.py:20 - Resolution: Fixed to "Useful".
- Assessment: Upstream dependency. Migration to CometBFT is a major effort beyond the scope of this audit.
| # | Fix | Status |
|---|---|---|
| C1 | Change response.list_snapshots to response.offer_snapshot |
Done |
| C3 | Migrate onerror= to onexc= (3 files) |
Deferred — onerror still works on 3.14 |
| H7 | Replace preexec_fn=os.setsid with start_new_session=True (4 files) |
Already done (prior work) |
| H8 | Return HTTP 500 on error in Flask endpoints | Not applicable — callers check JSON body |
| L1 | Fix inverted svn check in Makefile | Done |
| L2 | Remove type=str from --fsm flag option |
Done |
| L3 | Fix "of of" typo | Done |
| L5 | Fix copy-paste docstrings | Done |
| L10 | Narrow filterwarnings to specific warnings |
Deferred — needs investigation |
| L12 | Remove dead ganache_scope_function |
Deferred — needs downstream check |
| L17 | Fix unsafe e.args destructuring |
Done |
| L18 | Fix "Usefule" typo | Done |
| M5 | Rename deplopyment_type to deployment_type |
Done |