Slowmist & CertiK has completed the Bifrost code audit
Decentralized Finance, abbreviated as DeFi, is a series of financial applications developed based on a decentralized platform. Openness and inclusiveness are their two significant characteristics. Unlike traditional centralized applications or institutions, DeFi code is neutral and open source, built on an open underlying blockchain. Its customizability makes it fully compatible with other DeFi applications in the ecosystem. 2021 is a year of explosive growth for DeFi. Multiple DeFi projects have emerged; thus, the value of assets locked in DeFi has also rapidly expanded. However, the rapid development of DeFi has also exposed many challenges, including code vulnerabilities, portfolio risks, and asset security.
According to Slow Mist Hacked, as of December 29, 2021, there have been 594 hacked incidents with a total hacked loss of $23,829,789,641. Security is undoubtedly the priority for any DeFi project. As the base protocol for the Polkadot Eco DeFi, Bifrost bid for one of the first Kusama slots in July this year. In September, it also launched SALP service to support Kusama & Polkadot parachain slot liquidity release. The current cumulative TVL has reached $181,221,222.
Since Substrate is a forkless iterative blockchain framework, auditing is a continuous iterative process for Bifrost built on top of Substrate. Given the innovative and complex nature of the DeFi application, continuous auditing is necessary to ensure that the product’s security is at a high level under fast read iterations. Bifrost’s audit work is currently divided into internal and external, with internal audits conducted by teams and joint cross-team reviews.
In the case of Zenlink, a Bifrost Derivatives Liquidity partner, Bifrost conducts a cross-team code review with both teams to ensure there are no issues with code integration and business logic details a rigorous internal audit process fixes most security issues. This is followed by an external audit with a third-party auditor to address risk points running through the audit use cases.
As the underlying asset protocol of DeFi LEGO, Bifrost attaches great importance to security. In addition to a strict audit process, we have made corresponding plans for possible risks. For example, to cooperate with emergency security event scheduling, the Bifrost network has reserved the function of emergency pause opened/closed through the Technical Committee Governance. It can be used as a fast and effective intervention in case of malicious events through Governance for effective proactive intervention to reduce or even recover the loss caused by security events.
The design and development are based on the principle of decentralization as much as possible, reducing the invocation of centralized components. Bifrost was one of the first parachains to go live, adding a lot of extra work to achieve SALP decentralization before the XCM functionality was perfect. Still, these efforts have established a solid, reliable, and secure impression for Bifrost, providing security for assets.
Today, Bifrost is pleased to announce that it has entered into a partnership with two professional blockchain auditors, SlowMist and CertiK, who have completed a full audit of Bifrost and a partial audit of Pallet, respectively. The security audits will continue as the Bifrost parallel chain protocol improves.
SlowMist is a company focused on blockchain ecological security. It was founded in January 2018. It was founded by a team with more than ten years of front-line network security attack-defense experiences, and the team members have created the security project with world-class influence. SlowMist Technology is a leading international blockchain security company, serving many global high-profile projects primarily through “a security solution that has integrated threat detection and localized threat protection,” there are thousands of commercial customers, with customers spread across more than a dozen major countries and regions.
CertiK was established in 2018 by Yale University, the chair of the Yale Department of Computer Science and Columbia University professors. CertiK takes the mission of guarding the encrypted world, starting from the blockchain field, step by step to extend the cutting-edge innovative technology of academia to the industry. Therefore, the enterprise mission-critical software and applications can be built in a sufficiently safe and correct environment.
As a pioneer in blockchain security, CertiK leverages the most advanced formal verification technology and AI auditing technology available to scan and monitor the security of blockchain protocols and smart contracts. It also continues to launch SaaS products represented by Skynet to provide the highest security solutions for enterprises and users in the crypto world. CertiK has provided blockchain security services to over 1,800 enterprise customers, uncovered over 31,000 code vulnerabilities, and secured over $300 billion in digital assets.