Proposal: New security Audit for Anchor Protocol

Thanks a lot. ToB are taking their time to get back to me. I suspect that they will be a week or so after they have run the quote past their engineers. We could make 2 separate proposals for two separate audits.

2 Likes

I agree we need two audits: 1. a community-sourced audit, 2. a standard audit.

5 Likes

Looks like the Immunefi bug bounty has been released https://twitter.com/unl1k3ly/status/1465547531853590528

In essence:

  • Anchor Protocol has locked more value than its last audit.

  • Frequent audits are good as the technology environment evolves.

  • The community is happy to pay for another audit (personally I would contribute toward payment for it too via decreased APY or less ANC rewards).

  • The community has also raised the idea of frequent scheduled auditing.

This all should benefit Anchor Protocol over the long term because:

  • it builds continual trust in the technology

  • it aligns the technology with the community

Questions

Have I missed anything vital?

Next steps/timing

It seems we’re aiming for some resolution by the end of last week? Any update on this?

5 Likes

Taking a little longer than expected with Tefi Miami occupying people’s time. Really pushing hard to make sure we have full community support to pass this on a proposal before putting it up. Will report back soon

4 Likes

Thank you nate @bitn8

Minor update here. I know it seems like this keeps dragging out, and believe me it is. Auditors are so backed up, especially in CosmWasm. It now looks like a Jan timeframe and we are trying to get that lined up and locked in.

There was also the recommendation to add ANC to the bonus pot to make it more exciting and incentivized; we are talking about the possibility to lock that up for a period of time as well.

Once locked in, it is in our best interest to drive community interest from those big-brain hackers we have here in the Terra ecosystem to participate. The top warden has already made close to 1 mil this year doing this work!

I’ll report back again as soon as I know more.

2 Likes

Does anyone know if the source of the bLuna price oracle issue we had yesterday was due to something Cryptonics have reviewed? Or was it added in or modified after the audit? I think this is an important factor for which auditing firm Anchor chooses to work with in the future.

Hi Everyone:

Long-awaited update: We have been able to lock in two audits: 1. Cryptonics 2. Code4rena.

  1. Cryptonics

It’s a pretty straightforward standard audit as laid out by @PFC above. It’s lined up and ready to go for $120,000. Ideally starting January 24 with a 6-week timeline.

  2. Code4rena

As requested Code4rena is the other auditor that will be used. As mentioned it is community sourced so we can leverage our Terra community hackers and auditors to get involved and be rewarded which is crucial since they have skin in the game.

Code4rena said the cosmwasm wardens (community sourced auditors) would need to see about $200,000 to make it worthwhile for them to show up. This is partly due to the shortage of cosmwasm auditors.

To increase the wardens' skin in the game, Code4rena put forth that we pay $60,000 of the balance with locked ANC tokens. This creates more incentive to do thorough auditing because their tokens will be less valuable if a hack happens. This also helps mitigate ANC dumping after the audit. We still have to look into the locking mechanism coding and whether it will be feasible to unlock every month for 12 months.

Once the current ANC voting min prop reaches quorum this will go live for voting.

6 Likes

Wasn’t the point to avoid using Cryptonics due to their bad reputation?

1 Like

The point was to have two audits. A bad reputation is a matter of perception, and some in the community don’t think they have a bad reputation and would not vote for solely a community-sourced audit. This adds diversity and all stakeholders win, since Anchor really needs two audits anyway.

2 Likes

Thanks for the update @bitn8, that’s great news! Is the bounty reevaluation being discussed anywhere? 50k is extremely low IMO.

@Rhumidian: With auditors being heavily backlogged and CosmWasm ones being ever rarer, I think a Cryptonics audit is better than no audit, especially since one is badly overdue. Now that these are in the pipeline, we should start planning ahead for the next audit and try to get it on the books asap as that’ll give us more room to choose the auditor.

Which auditors would you be more comfortable hiring? Certik?

2 Likes

Agree that an audit should be done. I would be happy to move forward with this plan to use Cryptonics under the pretext that we have another audit done by another firm in the future again. This would be in line with moving towards a more continuous audit schedule.

I have been in contact with Trail of Bits for a comprehensive audit of Anchor; however, I have yet to get a quote. I believe the soonest this could be completed would be by the end of Q2 2022. I will chase them up and see if they have a quote ready.

2 Likes

Why not use Halborn, who have been active on other Terra protocols like Spec and Nexus (I think this is right)? Are they any good? Any comments?

1 Like

We can do; if you can get a quote from them, that would be great.

Did anyone contact CertiK, to see if they could be an option? Are they experienced in Cosmos projects?

@bitn8 I have contacted Trail of Bits. For a comprehensive review of Anchor they are quoting $480k USD (12 Engineering weeks). Could we put this to a proposal?

Code4rena is saying 200k, Oak is saying 120k. Anchor code is not that complex. We can get nearly 3 audits from different companies at that price…

What are your thoughts on the price tag and added benefits?

3 Likes

Good reputation, as they have a good track record, but IMO 3 audits are better than 1 (if we book them all); realistically we should do them all…

3 Likes

@bitn8 Here is the review, they will review all auxiliary contracts too so it’s more in-depth.

Description of Services

Trail of Bits will provide the following services as requested or as needed by the Customer:

  ● Security review of the Customer source code through a combination of manual and automated review, with a focus on the token contracts, money-market contracts, bAsset contracts, bEth contracts, and vault contracts. Activities include but are not limited to:
      ○ Apply a comprehensive suite of tools to automatically uncover bugs
      ○ Review the architecture of the system for design flaws
      ○ Perform detailed manual code review
      ○ Identify security and correctness properties to:
          ■ Test them using state-of-the-art fuzzers
  ● Related services as requested by Customer or recommended by Trail of Bits
  ● Best-effort guidance after the project to address security questions that arise via email or Slack.

1 Like