Security
Last updated
Last updated
Smart contract security is a top priority for those working on Aura Finance. All reasonable precautions must be taken to ensure the protocol is safe to use. Below is a list of some of the things we believe make smart contract systems secure.
Aura has partnered up with to adopt anfor the protocol. The IRP adds an extra layer of security on top of well-developed code and audits, Aura will be able to deter hackers and have an asset recovery plan in potential events.
A $150k, 2 week long audit competition ran on allowed anyone with knowledge of the system, or just general bug hunters, a chance to come and contribute to the security of the Aura system before launch.
A 4 week audit has been performed by Halborn Security to audit Sidechain contracts and Convex Platform lite version contracts
A 8 days audit has been performed by Zellic Inc to audit Sidechain contracts and Convex Platform lite version contracts
External bug bounties are essential for projects. Aura has placed a $1m critical bug bounty payout on Immunefi.
Some practices employed on Aura Finance smart contract repositories:
protected master branch with mandatory peer reviews and passing CI (including linting, compiling, and testing)
>98% code coverage (using coveralls) and comprehensive integration tests
Strict linting rules
Code commented using the Natspec standard
Fork testing is helps simulate contract deployments and functionality in a live environment, accounting for external dependencies. Aura comprehensively tests deployments using fork tests.
Developers know their code best, and dedicated time has been taken to manually review all code in the system.
If you have any feedback or concerns, reach out to security@aura.finance or to an admin on Discord
A 6 week audit has been performed by Halborn Security ().
A 2 week audit has been performed by Halborn Security to audit AuraBal Compounder contracts ().
().
().