View All Medium Spender

Security Audit of trustless Ethereum 2.0 Light Client, developed as a Substrate Pallet

inMedium Spender
2 years ago
Rejected

t3rn has developed a trustless Ethereum 2.0 light client as a Substrate Pallet, compatible with all Dotsama Parachains, for the benefit of the Polkadot Ecosystem. t3rn’s parachain will have the Ethereum 2.0 light client pallet installed on Polkadot and will be available via an accessible API; our portal precompile interface simplifies integration with smart contracts, enhancing process automation.

The clients standard pallet interface streamlines blockchain interactions, reducing technical difficulties and boosting efficiency. Lastly, through the use of the t3rn protocol, we facilitate secure and convenient cross-chain transfers and swaps, broadening the reach of blockchain operations.

Having developed the pallet, we are seeking support in covering the auditing costs, ensuring utmost security, before pushing our product to market.

Please view the full proposal here

Comments (6)

2 years ago

Is ze code open source? If so can share link pls

2 years ago

@33eab44f3a7645faa6d88154c

The private repo has been made accessible to the auditors cited in the proposal and we are more than happy to have then confirm this.

However, we don't believe it makes sense to open source the project prior to auditing. Other than that, the pallet is deployed to Rococo and there are screenshots of the working code in the proposal itself.

Happy to answer any other questions you may have

profile
0xtaylor
2 years ago

I would be curious to see the maturity of the code to better understand if it is ready for a security audit. Does the code have the following characteristics:

  • Commented code
  • Are all TODO's/FIXME's removed
  • Is there supporting documentation
  • Are functions named coherently
  • Do you have a full test suite including fuzz tests

Also, have you considered running this through the Polkadot Assurance Legion?

2 years ago

@0xtaylor

thanks for the heads up, happy to get connected with Polkadot Assurance Legion, you can reach me on Telegram if you would like to discuss further

The most important parts of eth2 light client are all unit tested with >80% coverage of the codebase, and the status quo as outlined in a proposal:

  • continue unit + functional testing and increase test coverage.
  • code + docs will be open sourced and published alongside with the security audits results. It's safe to assume more bugs will come out during the following QA + audit phases
PleaseLogin to comment

Requested

DOT
97.00K DOT

Proposal Failed

Summary

0%

Aye

AyeNay

0%

Nay

Aye (16)0.0 DOT

Support0.0 DOT

Nay (128)0.0 DOT