>Hello World! Source code is open. Bug bounty and audits.
Hi there, gearpersons! This article will be short and on-point. First of all, Gearbox is now official a DAO: the protocol control has been given to the community + community-enacted multisig. Now let’s get to business!
Source code is open + verified on Etherscan
First of all, 10 months of daily work are now open-source. Gearbox Protocol is also deployed on Kovan network, for testing your integrations you can use of following deployments — see the info here.
If you want to know a story about how it all started, see Mikael’s thread:
The dApp (interface) is not yet open-source. It does not mean the protocol access if gated or anything is siloed. It’s just to avoid lousy forks at the start. It should be shipped open-source within the next few months as well. Moreover, the DAO should take as its mission to decentralize the UI & perhaps even incentivize building of new UIs. However, since the App logic is not as simple, it might not be realistic to create many different versions.
Audits
- Consensys Diligence Fuzzing (04/10/2021- 13/12/2021): report
- ChainSecurity (31/08/2021–13/12/2021): report
- MixBytes (06/07/2021–22/12/2021): report
- Peckshield (22/07/2021–10/08/2021): report
- Peckshield (09/04/2021–03/05/2021): report
Keep in mind that no number of audits can ever guarantee full safety. There are always high risks involved in DeFi, as many platforms are composable and depend on each other, especially Gearbox. There is no guaranteed return on Gearbox — you must understand the risks involved.
Bug Bounty
The scope of the bug bounty refers to the core contracts available at this repository: https://github.com/Gearbox-protocol/gearbox-contracts. If you have found a bug that you think is within the security interests of the protocol but is outside of the scope of the repository above, please do notify us then anyway. We can decide ad-hoc together with you. All the info is here:
Security is a continuous effort which must always be following protocol growth. As a DAO, it is imperative to constantly dedicate ample resources to ensure safety of user funds and improve security standards.
Contribute + developer docs
Developer docs are currently somewhat raw and will be updated shortly:
Gearbox is composable by design, so as a community we should uphold the ethos of collaboration. Dev contributions are the essential part of achieving that, so please join the community and contribute. Be at the start of a new primitive coming to life — let’s push it forward together!
- Website: https://gearbox.fi/
- Docs: https://docs.gearbox.finance/
- Forum: https://gov.gearbox.fi/t/start-here-forum-rules/
- Blog: https://medium.com/@gearboxprotocol
- Github: https://github.com/Gearbox-protocol
- Twitter: https://twitter.com/GearboxProtocol
- Snapshot page: https://snapshot.org/#/gearbox.eth
- Developer Docs: https://dev.gearbox.fi/
