Aura Finance
English
English
  • 🙌Welcome
  • 📖Aura
    • What is Aura?
      • For Liquidity Providers
      • For $BAL Stakers
      • For $AURA Lockers
      • Fees
    • Governance
      • Multisig Composition
      • Multisig Rights
      • Gauge Voting
    • Security
      • Risks
    • $AURA
      • Distribution
        • Allocation Scaling Process
      • Vote Locking
  • 🛠️DEVELOPERS
    • Aura Subgraphs
    • Deployed Addresses
      • Canonical Deployment Addresses
      • Sidechain Deployment Addresses
    • Solidity API
      • AuraBalVault - Compounder
      • Sidechain Contracts
    • Building on Aura
    • Brand Guidelines
    • How To ___
      • See reward tokens / yield on Aura Pools
      • Calculate APRs from Aura pool yield
      • Calculate pool boost
      • Calculate projected APRs
      • Get Balancer LP price
      • Add extra incentives to Aura pools
    • Frequently Asked Questions
  • 🔗Links
    • Twitter
    • Discord
    • Forum
    • Github
    • Aura Finance
    • Terms and Conditions
Powered by GitBook
On this page
  • Chainalysis's Proactive Incident Response
  • Audits
  • Bug bounties
  • Internal processes
  • Contact
  1. Aura

Security

PreviousGauge VotingNextRisks

Last updated 11 months ago

Smart contract security is a top priority for those working on Aura Finance. All reasonable precautions must be taken to ensure the protocol is safe to use. Below is a list of some of the things we believe make smart contract systems secure.

Chainalysis's Proactive Incident Response

Aura has partnered up with to adopt anfor the protocol. The IRP adds an extra layer of security on top of well-developed code and audits, Aura will be able to deter hackers and have an asset recovery plan in potential events.

Audits

Audit 1 - Peckshield (4-18th Apr 2022)

Audit 2 - Code4rena (11-25th May 2022)

A $150k, 2 week long audit competition ran on allowed anyone with knowledge of the system, or just general bug hunters, a chance to come and contribute to the security of the Aura system before launch.

Audit 3 - Halborn (12th May - 23rd June 2022)

Audit 4 - Halborn (6th March - 20th March 2023)

Audit 5 - Halborn (09th May - 06th June 2023)

A 4 week audit has been performed by Halborn Security to audit Sidechain contracts and Convex Platform lite version contracts

Audit 6 - Zellic (28th May - 06th June 2023)

A 8 days audit has been performed by Zellic Inc to audit Sidechain contracts and Convex Platform lite version contracts

Bug bounties

External bug bounties are essential for projects. Aura has placed a $1m critical bug bounty payout on Immunefi.

Internal processes

Codebase

Some practices employed on Aura Finance smart contract repositories:

  • protected master branch with mandatory peer reviews and passing CI (including linting, compiling, and testing)

  • >98% code coverage (using coveralls) and comprehensive integration tests

  • Strict linting rules

  • Code commented using the Natspec standard

Fork testing

Fork testing is helps simulate contract deployments and functionality in a live environment, accounting for external dependencies. Aura comprehensively tests deployments using fork tests.

Internal auditing

Developers know their code best, and dedicated time has been taken to manually review all code in the system.

Contact

If you have any feedback or concerns, reach out to security@aura.finance or to an admin on Discord

A 6 week audit has been performed by Halborn Security ().

A 2 week audit has been performed by Halborn Security to audit AuraBal Compounder contracts ().

().

().

📖
https://twitter.com/HalbornSecurity
https://twitter.com/HalbornSecurity
https://twitter.com/HalbornSecurity
https://twitter.com/zellic_io
@chainalysis
Incident Response Plan
https://code4rena.com/
https://immunefi.com/bounty/aurafinanceimmunefi.com
389KB
PeckShield-Audit-Report-AuraFinance-v1.0.pdf
pdf
802KB
Code4rena-Audit-Report-AuraFinance-v1.0.pdf
pdf
3MB
Halborn-Audit-Report-AuraFinance-v1.0.pdf
pdf
5MB
halborn_aurabal_vault_audit_report.pdf
pdf
1MB
halborn_sidechain_audit_report.pdf
pdf
2MB
zellic_sidechain_audit_report.pdf
pdf