diff --git a/docs/bridges/audits.md b/docs/bridges/audits.md index 94c4f482..6f9cd85d 100644 --- a/docs/bridges/audits.md +++ b/docs/bridges/audits.md @@ -1,43 +1,57 @@ --- title: Audits -description: The OmniBridge and xDai Bridge have undergone multiple independent security audits and assessments. +description: The OmniBridge and xDai Bridge have undergone multiple independent security audits and assessments. keywords: [omnibridge audit, xdai bridge audit, security audit] --- The OmniBridge and xDai Bridge have undergone multiple independent security audits and assessments. We have engaged in the auditing process after introducing major functionality, and have acknowledged and/or fixed all issues found during these audits. Audit results are presented starting with the most recent. +## xDAI bridge upgrade Audit by Omega + +**Completed**: August 31, 2023 +**Conclusion**: 0 high severity issue, 2 medium issues, 5 low risk issues, 3 info issues. All issues has been resolved. +**Contracts**: https://github.com/Luigy-Lemon/tokenbridge-contracts/tree/DSR +**Audit Report**: [Omega Gnosis Bridge Final Audit Report](../../static/files/Omega%20-%20Gnosis%20Bridge%20-%20final%20report.pdf) +**Reference**: [Savings xDAI](../bridges/tokenbridge/xdai-bridge.md#savings-xdai) + ## OmniBridge v6.0 Smart Contracts Audit by ChainSecurity -__Completed__: September 7, 2021 -__Conclusion__: 0 Critical Risk Issues, 1 High Risk Issue Mitigated, 1 Medium Issue Mitigated, 2 Corrected, 13 Low Risk Issues all Acknowledged and/or Corrected. -__Contracts__: https://github.com/poanetwork/omnibridge -__Audit Report__: [ChainSecurity v6.0 Audit](/files/ChainSecurity_POA_Network_Omnibridge_Version_6_0_audit.pdf) + +**Completed**: September 7, 2021 +**Conclusion**: 0 Critical Risk Issues, 1 High Risk Issue Mitigated, 1 Medium Issue Mitigated, 2 Corrected, 13 Low Risk Issues all Acknowledged and/or Corrected. +**Contracts**: https://github.com/poanetwork/omnibridge +**Audit Report**: [ChainSecurity v6.0 Audit](/files/ChainSecurity_POA_Network_Omnibridge_Version_6_0_audit.pdf) ## OmniBridge Audit by ChainSecurity -__Completed__: April 27, 2021 -__Conclusion__: 0 Critical or High Risk Issues, 2 Medium Issues Accepted, 3 Low Risk Issues Accepted/Acknowledged -__Contracts__: https://github.com/poanetwork/omnibridge -__Audit Report__: [Chainsecurity OmniBridge Audit](https://chainsecurity.com/security-audit/poa-network-omnibridge/) + +**Completed**: April 27, 2021 +**Conclusion**: 0 Critical or High Risk Issues, 2 Medium Issues Accepted, 3 Low Risk Issues Accepted/Acknowledged +**Contracts**: https://github.com/poanetwork/omnibridge +**Audit Report**: [Chainsecurity OmniBridge Audit](https://chainsecurity.com/security-audit/poa-network-omnibridge/) ## TokenBridge Audit by Quantstamp (covers OmniBridge) -__Completed__: November 6, 2020 -__Conclusion__: No high and medium risk issues found, all low risk issues addressed. -__Contracts__: Revised in version 5.5.0-rc0 to address audit. https://github.com/poanetwork/tokenbridge-contracts/releases/tag/5.5.0-rc0 -__Audit Report__: [TokenBridge Audit by Quantstamp - OmniBridge](https://github.com/omni/tokenbridge/blob/master/audit/quantstamp/POA-Network-TokenBridge-contracts-5.4.1-security-assessment-report.pdf) + +**Completed**: November 6, 2020 +**Conclusion**: No high and medium risk issues found, all low risk issues addressed. +**Contracts**: Revised in version 5.5.0-rc0 to address audit. https://github.com/poanetwork/tokenbridge-contracts/releases/tag/5.5.0-rc0 +**Audit Report**: [TokenBridge Audit by Quantstamp - OmniBridge](https://github.com/omni/tokenbridge/blob/master/audit/quantstamp/POA-Network-TokenBridge-contracts-5.4.1-security-assessment-report.pdf) ## TokenBridge Audit by Quantstamp (covers AMB bridge) -__Completed__: January 8, 2020 -__Conclusion__: : All high risk issues resolved and low risk issues addressed. [More information available in this post](https://forum.poa.network/t/quantstamp-security-audit-for-tokenbridge-contracts-completed/3233). -__Contracts__: Revised in version 3.3.0 to address audit. https://github.com/poanetwork/tokenbridge-contracts/releases/tag/3.3.0 -__Audit Report__: [TokenBridge Audit by Quantstamp - AMB Bridge](https://github.com/omni/tokenbridge/blob/73d500210546e2959536dc569f1aec5752077225/audit/quantstamp/POA-Network-Token-bridge-security-assessment-report.pdf) + +**Completed**: January 8, 2020 +**Conclusion**: : All high risk issues resolved and low risk issues addressed. [More information available in this post](https://forum.poa.network/t/quantstamp-security-audit-for-tokenbridge-contracts-completed/3233). +**Contracts**: Revised in version 3.3.0 to address audit. https://github.com/poanetwork/tokenbridge-contracts/releases/tag/3.3.0 +**Audit Report**: [TokenBridge Audit by Quantstamp - AMB Bridge](https://github.com/omni/tokenbridge/blob/73d500210546e2959536dc569f1aec5752077225/audit/quantstamp/POA-Network-Token-bridge-security-assessment-report.pdf) ## Smart Contracts Security Analysis by SmartDec -__Completed__: July 2019 -__Conclusion__: All of the issues were addressed, some of them fixed in the latest version of the code. -__Contracts__: Revised in version 2.3.3 to address audit. https://github.com/poanetwork/tokenbridge-contracts/releases/tag/2.3.3 -__Audit Report__: [SmartDec Security Audit](https://github.com/omni/tokenbridge/blob/73d500210546e2959536dc569f1aec5752077225/audit/smartdec/POA-Network-TokenBridge-Contracts-v2-3-2-Security-Assessment.pdf) + +**Completed**: July 2019 +**Conclusion**: All of the issues were addressed, some of them fixed in the latest version of the code. +**Contracts**: Revised in version 2.3.3 to address audit. https://github.com/poanetwork/tokenbridge-contracts/releases/tag/2.3.3 +**Audit Report**: [SmartDec Security Audit](https://github.com/omni/tokenbridge/blob/73d500210546e2959536dc569f1aec5752077225/audit/smartdec/POA-Network-TokenBridge-Contracts-v2-3-2-Security-Assessment.pdf) ## Initial TokenBridge Audit by [Peppersec](https://peppersec.com/): -__Completed__: October 2018 -__Conclusion__: Rated the overall security level of the system as “High”. -__Contracts__: Updated to version 2.0.0 to address audit. https://github.com/poanetwork/tokenbridge-contracts/releases/tag/2.0.0 -__Audit Report__: [Peppersec Initial TokenBridge Audit](https://github.com/omni/tokenbridge/blob/73d500210546e2959536dc569f1aec5752077225/audit/peppersec/POA-Network-Token-bridge-security-assessment-report.pdf) \ No newline at end of file + +**Completed**: October 2018 +**Conclusion**: Rated the overall security level of the system as “High”. +**Contracts**: Updated to version 2.0.0 to address audit. https://github.com/poanetwork/tokenbridge-contracts/releases/tag/2.0.0 +**Audit Report**: [Peppersec Initial TokenBridge Audit](https://github.com/omni/tokenbridge/blob/73d500210546e2959536dc569f1aec5752077225/audit/peppersec/POA-Network-Token-bridge-security-assessment-report.pdf) diff --git a/docs/bridges/hashi/README.md b/docs/bridges/hashi/README.md index 4766de11..63c2484d 100644 --- a/docs/bridges/hashi/README.md +++ b/docs/bridges/hashi/README.md @@ -47,25 +47,25 @@ Threshold in ShoyuBashi is set to 2. Call getThresholdHash(domain, blockNo) in ShoyuBashi. By using domain=5 and blockNo a blockNumber that has been reported by the oracles, you get back the blockHash if at least 2 of the oracles have reported the same hash. -| Contract | Deployed on | Address | -| ---------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------ | -| Hashi | Gnosis Chain | [0xf59aedc291e0aF64943541709cdd041D992b4De4](https://gnosis.blockscout.com/address/0xf59aedc291e0aF64943541709cdd041D992b4De4) | -| ShoyuBashi | Gnosis Chain | [0x31a8E89D6f98454D38C03eCA3DC543F6581d607C](https://gnosisscan.io/address/0x31a8e89d6f98454d38c03eca3dc543f6581d607c) | -| HeaderStorage | Gnosis Chain | [0xB256d8a90852DBb222653ab89b611c2426011C0D](https://gnosisscan.io/address/0xB256d8a90852DBb222653ab89b611c2426011C0D) | -| AMB Header Reporter | Gnosis Chain | [0x5DE3417a21eEd340836C9c1339913b60743b3470](https://gnosisscan.io/address/0x5DE3417a21eEd340836C9c1339913b60743b3470) | -| AMB Adapter | Gnosis Chain | [0x32Cd442309cA6E79Db2194aac61024FBD2B14eb9](https://gnosis.blockscout.com/address/0x32Cd442309cA6E79Db2194aac61024FBD2B14eb9) | -| AMB | Gnosis Chain | [0x9f696CF3c1a0A418cBBFD6E1ab3EBe8A78971Dea](https://gnosisscan.io/address/0x9f696CF3c1a0A418cBBFD6E1ab3EBe8A78971Dea) | -| Telepathy Adapter | Gnosis Chain | [0x2f1E51a2763FB67fe09971Fd8d849716137A3357](https://gnosis.blockscout.com/address/0x2f1E51a2763FB67fe09971Fd8d849716137A3357) | -| Telepathy Light Client | Gnosis Chain | [0x34b5378DE786389a477b40dD710812c250185f83](https://gnosisscan.io/address/0x34b5378DE786389a477b40dD710812c250185f83) | -| Sygma Adapter | Gnosis Chain | [0x9AD7a6f4FDA8247cC0bF5932B68c5b619937dB15](https://gnosisscan.io/address/0x9AD7a6f4FDA8247cC0bF5932B68c5b619937dB15) | -| Sygma | Gnosis Chain | [0xd2d95f7611c83b1f9041539557810033aC7B8742](https://gnosisscan.io/address/0xd2d95f7611c83b1f9041539557810033aC7B8742) | -| Dendreth Adapter | Gnosis Chain | [0x719523EaF5CFd101Ef501C64597613FBB7aEdED9](https://gnosisscan.io/address/0x719523EaF5CFd101Ef501C64597613FBB7aEdED9) | -| Dendreh Light Client | Gnosis Chain | [0x983df74d1ef68b4ff1fff11a28c06e5c097435da](https://gnosisscan.io/address/0x983df74d1ef68b4ff1fff11a28c06e5c097435da) | -| HeaderStorage | Goerli | [0x4cd014ac64aaa899b46bf3a477b68bb67e33edc4](https://goerli.etherscan.io/address/0x4cd014ac64aaa899b46bf3a477b68bb67e33edc4) | -| AMB Header Reporter | Goerli | [0xedc0b1d3de4496e0d917af42f29cb71eb2982319](https://goerli.etherscan.io/address/0xedc0b1d3de4496e0d917af42f29cb71eb2982319) | -| AMB | Goerli | [0x01268DB05965CeAc2a89566c42CD550ED7eE5ECD](https://goerli.etherscan.io/address/0x01268DB05965CeAc2a89566c42CD550ED7eE5ECD) | -| Sygma Header Reporter | Goerli | [0x2f96d347c932ac73b56e9352ecc0707e25173d88](https://goerli.etherscan.io/address/0x2f96d347c932ac73b56e9352ecc0707e25173d88) | -| Sygma | Goerli | [0x5cEA5130c49dCd262B9482E0A76eCE8b23Ae45Df](https://goerli.etherscan.io/address/0x5cEA5130c49dCd262B9482E0A76eCE8b23Ae45Df) | +| Contract | Deployed on | Address | +| ---------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------- | +| Hashi | Gnosis Chain | [0xf59aedc291e0aF64943541709cdd041D992b4De4](https://gnosisscan.io/address/0xf59aedc291e0aF64943541709cdd041D992b4De4) | +| ShoyuBashi | Gnosis Chain | [0x31a8E89D6f98454D38C03eCA3DC543F6581d607C](https://gnosisscan.io/address/0x31a8e89d6f98454d38c03eca3dc543f6581d607c) | +| HeaderStorage | Gnosis Chain | [0xB256d8a90852DBb222653ab89b611c2426011C0D](https://gnosisscan.io/address/0xB256d8a90852DBb222653ab89b611c2426011C0D) | +| AMB Header Reporter | Gnosis Chain | [0x5DE3417a21eEd340836C9c1339913b60743b3470](https://gnosisscan.io/address/0x5DE3417a21eEd340836C9c1339913b60743b3470) | +| AMB Adapter | Gnosis Chain | [0x32Cd442309cA6E79Db2194aac61024FBD2B14eb9](https://gnosisscan.io/address/0x32Cd442309cA6E79Db2194aac61024FBD2B14eb9) | +| AMB | Gnosis Chain | [0x9f696CF3c1a0A418cBBFD6E1ab3EBe8A78971Dea](https://gnosisscan.io/address/0x9f696CF3c1a0A418cBBFD6E1ab3EBe8A78971Dea) | +| Telepathy Adapter | Gnosis Chain | [0x2f1E51a2763FB67fe09971Fd8d849716137A3357](https://gnosisscan.io/address/0x2f1E51a2763FB67fe09971Fd8d849716137A3357) | +| Telepathy Light Client | Gnosis Chain | [0x34b5378DE786389a477b40dD710812c250185f83](https://gnosisscan.io/address/0x34b5378DE786389a477b40dD710812c250185f83) | +| Sygma Adapter | Gnosis Chain | [0x9AD7a6f4FDA8247cC0bF5932B68c5b619937dB15](https://gnosisscan.io/address/0x9AD7a6f4FDA8247cC0bF5932B68c5b619937dB15) | +| Sygma | Gnosis Chain | [0xd2d95f7611c83b1f9041539557810033aC7B8742](https://gnosisscan.io/address/0xd2d95f7611c83b1f9041539557810033aC7B8742) | +| Dendreth Adapter | Gnosis Chain | [0x719523EaF5CFd101Ef501C64597613FBB7aEdED9](https://gnosisscan.io/address/0x719523EaF5CFd101Ef501C64597613FBB7aEdED9) | +| Dendreh Light Client | Gnosis Chain | [0x983df74d1ef68b4ff1fff11a28c06e5c097435da](https://gnosisscan.io/address/0x983df74d1ef68b4ff1fff11a28c06e5c097435da) | +| HeaderStorage | Goerli | [0x4cd014ac64aaa899b46bf3a477b68bb67e33edc4](https://goerli.etherscan.io/address/0x4cd014ac64aaa899b46bf3a477b68bb67e33edc4) | +| AMB Header Reporter | Goerli | [0xedc0b1d3de4496e0d917af42f29cb71eb2982319](https://goerli.etherscan.io/address/0xedc0b1d3de4496e0d917af42f29cb71eb2982319) | +| AMB | Goerli | [0x01268DB05965CeAc2a89566c42CD550ED7eE5ECD](https://goerli.etherscan.io/address/0x01268DB05965CeAc2a89566c42CD550ED7eE5ECD) | +| Sygma Header Reporter | Goerli | [0x2f96d347c932ac73b56e9352ecc0707e25173d88](https://goerli.etherscan.io/address/0x2f96d347c932ac73b56e9352ecc0707e25173d88) | +| Sygma | Goerli | [0x5cEA5130c49dCd262B9482E0A76eCE8b23Ae45Df](https://goerli.etherscan.io/address/0x5cEA5130c49dCd262B9482E0A76eCE8b23Ae45Df) | ### Goerli -> Chiado diff --git a/static/files/Omega - Gnosis Bridge - final report.pdf b/static/files/Omega - Gnosis Bridge - final report.pdf new file mode 100644 index 00000000..08da49f0 Binary files /dev/null and b/static/files/Omega - Gnosis Bridge - final report.pdf differ