The Polkadot Genesis Security Audits Hub

Progress never stands still

At Web3 Foundation we believe in an internet where users, not corporations, own their own data. With that goal in mind, we are building and funding the next generation of the internet, Web 3.0, where blockchain technology will create “trustless” systems without the intermediaries that exist today. This means that we will no longer have to trust in the good intentions of an institution, corporation or service provider. Instead, the rules and regulations can be built into the system, which will continue to run by these rules no matter who governs or builds on it.

This also means that blockchain security is of paramount importance. A chain is only as strong as its weakest link, and any weakness in the system affects the whole.

That’s why we are investing heavily in pre-genesis security audits along every step of the way for the projects we contribute to: Polkadot Runtime and Hosts, Polkadot JS Libraries, the Kusama network and Validator Deployers.

We have engaged the best in the business to do the auditing for us. Among them are Atredis, NCC Group, Open Zeppelin, SR Labs, and Trail of Bits.

And since transparency is the name of the game for us at Web3 Foundation, we are publishing this ongoing blog series to outline the findings and the steps taken to rectify any problems identified.

Free-spend spam attacks, fishermen incentivization concerns, and common security audit discoveries such as unnecessarily-exposed ports leaking information are just a few of the findings Parity and Web3 Foundation have been remediating. As the issues raised in the reports are resolved, we will post updates here.

Security Blogs

Read about the Atredis Security Audit here.

To stay informed on Polkadot’s launch, subscribe to our newsletter.