Proposal: New security Audit for Anchor Protocol

Background
As of current, the Anchor protocol has only received two audits early in this year from Cryptonics. Cryptonics have a poor reputation in the security audit space, most notably auditing pNetwork who lost $12.7m USD of BTC in September. As Anchor is nearing $4bn TVL, it is important to test the robustness of Anchors Rust contract, and additionally, provide assurance to the community that funds are safe in Anchors contracts from attack.

Having up to date audits of the Anchor protocol will ensure the long term health of the platform, and build a stronger image that Anchor is a safe haven for long term UST savings. It is not acceptable that so few audits have been performed on the protocol.

Proposal
I propose that the Anchor protocol pays for 2 additional smart contract audits from reputable auditors such as CertiK or immunebytes to provide additional verification of the security of existing contracts. This will assure the community that the Anchor protocol is robust and protected against attacks and that the security of locked funds is upheld. Ideally, Anchor should also consider a continuous auditing schedule and agreement.

17 Likes

I agree with the need for a second audit, by a third party.

What is your criteria for choosing Certik or Immunebytes? What is the upper limit on costs?

Recurring audits without significant code change can get expensive, quickly.

6 Likes

Criteria is an auditor who haven’t been REKT in the past, and have a long track record of audits on Rust.

I agree with the expense, perhaps they don’t need to be reoccurring. However, I believe Anchor is in desperate need of another Audit. There is a lot of TVL.

6 Likes

This is something that I’ve been worried about as well mainly the fact that security solutions haven’t scaled with total TLV and the entire ecosystem.

It’d be great to hear your rationale behind selecting these organizations to do the work. Ideally I’d like it to be put together in the community via a DAO which is something I’m working on now.

Totally agree with this proposal. I’m a noob to all this so I’m curious about how cost gets covered.

1 Like

Creame fiance just got hacked for over $130M. I think the community should definitely pay for another smart contract audit, if anything serious is found, it’s cents on the dollar for us!

5 Likes

yep, seems like great use of community fund

1 Like

Agree. We need to get past the one and done mindset or even calendar marked tasks mindset, and move towards auditing as a continual service that constantly monitors things like Immunefi that can scale continual auditing with TLV. This ensures an added layer of security as continual audits have a dynamic response to real-time protocol usage changes and attack vectors. It also creates a deeper knowledge of the codebase to better sense attacks signals.

3 Likes

As a user with a lot of value put into Anchor contracts I would really like an audit as the proposal suggest.

Im with Traderblake and all the others on this one. An audit would really be great at this point

1 Like

Pinging this @ryanology045 . How do we move this proposal forward?

Apologies…
this one fell through the cracks.
I was in contact with cryptonics, and they quoted ~120k for a re-audit on the codebase

GitHub - Anchor-Protocol/anchor-token-contracts: Smart contracts powering Anchor Protocol on Terra branch main commit cac5a72439190572a65f59cf7ea82997c72cec46
GitHub - Anchor-Protocol/money-market-contracts branch main commit 5d941654f97220a42d2ce4bf9cf6749dce53c99e
GitHub - Anchor-Protocol/anchor-bAsset-contracts: Smart contracts powering Anchor Protocol on Terra branch main commit 486f1cd495325798f884e19880180a62566b5e48
GitHub - Anchor-Protocol/anchor-bEth-contracts: Smart contracts for bEth on Anchor Protocol branch main commit b5ffd33c757e74e2aeb507c29fbbc1f3a26beba0
https://github.com/Anchor-Protocol/anchor-vault-contracts branch feat/bluna_anc_vault commit 4850957223671737637f956562872d058775ab1e

if people are happy with this, we can put it up for a governance vote for ANC to pay for this service from their reserve pool.

they expect the audit will take 6 weeks, and will probably start mid-feb. (every crypto audit firm is swamped)

2 Likes

The idea of this was to use a better auditor than Cryptonics. They have already audited Anchor, and have been rekt in the past (PNetwork). Are there other (better) auditors we can use?

1 Like

feel free to find one, and get an alternative.
I do not work for cryptonics. I just asked them as they did the initial one.

I completely agree.

When you like to get a 2nd opinion you do not go to the same doctor, and deff not a doctor with a bad rep.

I just want to put some perspective here, Cryptonics (Oak Security) is one of the best when it comes cosmwasm. We need to understand that Rust and cosmwasm is vastly different from solidity.

Also perfect track record auditors to my knowledge don’t exist for cosmwasm/rust. So do we really want the 1-2 solidity auditors with a perfect track record who lack specialized rust/cosmwasm code base knowledge needed ? Also, I would prefer a company that has even more intimate knowledge of our code base because they have done it before.

That said, here would be the other recommendation for a cosmwasm auditor. I will see if they are even available and if so get a quote: https://code423n4.com/

If I don’t hear back soon, I suggest we move forward with what @PFC put forward.

1 Like

we probably need to decide this in short order… as we are holding the slot with them (not sure for how long), and it is already on the critical path for our 1.1 release.

Cryptonics is sketch af though. Their website is dodgy, it seems to be run by just 2 Spanish guys out of their homes. I don’t trust them, particularly with this much capital at risk. ToB have a slot in April 2022 but I suspect this is too late…

This isn’t the first audit, and won’t be the last.
If ANC tokenholders decide ToB going forward, that’s great.
I’m just not sure how governance feature allows ‘A vs B’ style voting ;-(

this is good. let’s book.