Aura Finance
Search…
Security
Smart contract security is a top priority for those working on Aura Finance. All reasonable precautions must be taken to ensure the protocol is safe to use. Below is a list of some of the things we believe make smart contract systems secure.

Internal processes

Codebase

Some practices employed on Aura Finance smart contract repositories:
  • protected master branch with mandatory peer reviews and passing CI (including linting, compiling, and testing)
  • >98% code coverage (using coveralls) and comprehensive integration tests
  • Strict linting rules
  • Code commented using the Natspec standard

Fork testing

Fork testing is helps simulate contract deployments and functionality in a live environment, accounting for external dependencies. Aura comprehensively tests deployments using fork tests.

Internal auditing

Developers know their code best, and dedicated time has been taken to manually review all code in the system.
​

Audits

Audit 1 - Peckshield (4-18th Apr 2022)

PeckShield-Audit-Report-AuraFinance-v1.0.pdf
389KB
PDF

Audit 2 - Code4rena (11-25th May 2022)

A $150k, 2 week long audit competition ran on https://code4rena.com/ allowed anyone with knowledge of the system, or just general bug hunters, a chance to come and contribute to the security of the Aura system before launch.
Code4rena-Audit-Report-AuraFinance-v1.0.pdf
802KB
PDF

Audit 3 - Halborn (12th May - 23rd June 2022)

A 6 week audit has been performed by Halborn Security (https://twitter.com/HalbornSecurity).
Halborn-Audit-Report-AuraFinance-v1.0.pdf
3MB
PDF

Bug bounties

External bug bounties are essential for projects. Aura will increase its bounty as more resources become available.
https://immunefi.com/bounty/aurafinance
immunefi.com

Contact

If you have any feedback or concerns, reach out to [email protected] or to an admin on Discord
​
Last modified 1mo ago
Copy link
On this page
Internal processes
Audits
Bug bounties
Contact