Why we decided to work with PNM for our bug hunting and auditing
Security on-chain is an evolving arena
Crypto is a dynamic builder environment, with projects often building on top of protocols that are undergoing fast-paced iterations themselves.
This is why we are excited to announce our collaboration with PNM for our bug hunting and smart contract audits. PNM reimagines the milestone-driven and static security audit process with a seamless, continuous searching and simulation process.
What is PNM?
PNM is a white hat hacker DAO developed collectively to automate bug-hunting into development processes. Through this integration, the engine will autonomously run through your codebase and dependencies. The engine uses simulation to intelligently search for ways to break any business or code logic.
How does PNM work?
How does PNM offer real-time feedback on dynamic code bases? PNM is able to:
- Simulate multi-smart contract interactions
In crypto and general open-source environments, products and protocols are often built with dependencies on other projects.
PNM will ensure that should any protocol within the technology stack be changed, all dependencies are running as they were prior to the update.
- Handle multiple logic conditions
PNM offers easy unit tests for economic logic and procedural logic, allowing developers to easily define code and business logic that needs to be enforced.
- Run context-aware smart simulation searches
PNM runs context-aware smart simulation searches through millions of input sequences, and does so intelligently, making it cost-effective and highly proficient in identifying bugs.
Why is this important?
Generally in the crypto space, protocols and dApps undergo security audits at different milestones of development.
What is a security audit? Security audits are a process by which audit firms help to ensure the security of smart contracts and other software logic by reviewing code for best practices and common vulnerabilities. They are often called upon to provide their expertise when a bug is found, and they may also offer bug bounties to encourage others to help find potential issues. DeFi projects often publish the results of audits to increase transparency and build trust in the system.
This unfortunately is a process from web2 that does not match the speed of development and number of cutting-edge dependencies native to crypto.
PNM removes the milestone-driven testing, instead incorporating a continuous testing process that takes into account the consistently shifting code bases and dependencies across them. This means bugs are found and fixed immediately, as compared to only when security audits are conducted, hence a more safe and more secure environment for customers and end users.
What is Dezy?
Dezy makes DeFi accessible for anyone, regardless of crypto savviness to use so they can yield more on their on-chain assets.