
Decentralized Finance, abbreviated as DeFi, is a series of financial applications built on a decentralized platform. Openness and inclusiveness are its two major characteristics. Unlike traditional centralized applications or institutions, DeFi code is neutral and open source, built on an open underlying blockchain, and its programmability makes it fully compatible with other DeFi applications in the ecosystem. 2021 is a year of explosive growth for DeFi. Numerous DeFi projects have emerged, and the value of assets locked in DeFi has also rapidly expanded. However, the rapid development of DeFi has also exposed many challenges, including code vulnerabilities, portfolio risks, and asset security.
According to SlowMist Hacked, as of December 29, 2021, there have been 594 hacking incidents with total losses of $23,829,789,641. Security is undoubtedly the first priority for any DeFi project. As the base protocol for the Polkadot Eco DeFi, Bifrost bid for one of the first Kusama slots in July this year. It also launched its SALP service in September to support the release of Kusama and Polkadot parachain slot liquidity. The current cumulative TVL has reached $181,221,222.

Since Substrate is a forkless iterative blockchain framework, auditing is a continuous iterative process for Bifrost, which is built on top of Substrate. Given the innovative and complex nature of DeFi applications, continuous auditing is necessary to keep the security of the product at a high level under rapid iteration. Currently, Bifrost's audit work is divided into internal and external audits, with internal audits conducted by teams and through joint cross-team reviews.
In the case of Zenlink, a Bifrost Derivatives Liquidity partner, before a Zenlink code module is deployed or upgraded, Bifrost conducts a cross-team code review with both teams to ensure that there are no issues with the code integration and business logic details, so that a rigorous internal audit process eliminates most security issues. This is followed by an external audit in which a third-party auditor eliminates risk points one by one by traversing the audit use cases.
As the underlying asset protocol of DeFi LEGO, Bifrost attaches great importance to security. In addition to a strict audit process, we have made corresponding plans for possible risks. For example, to support emergency security event scheduling, the Bifrost network has reserved an emergency pause function that can be opened or closed through Technical Committee governance. In case of a malicious event, it can be used through governance as a fast and effective proactive intervention to reduce or even recover the losses caused by security events.
Design and development follow the principle of decentralizing as much as possible, reducing the invocation of centralized components. Bifrost was one of the first parachains to go live, and it took on a lot of extra work to achieve SALP decentralization before the XCM functionality was complete. These efforts have established Bifrost's reputation as solid, reliable and secure, providing security for assets.
Today, Bifrost is pleased to announce that it has entered into a partnership with two professional blockchain auditors, SlowMist and CertiK, who have completed a full audit of Bifrost and a partial audit of Pallet, respectively. The security audits will continue as the Bifrost parachain protocol continues to improve.
About SlowMist
SlowMist is a company focused on blockchain ecological security. It was founded in January 2018 by a team with more than ten years of front-line network security attack-and-defense experience, and the team members have created a security project with world-class influence. SlowMist Technology is already a top international blockchain security company, serving many globally well-known projects mainly through “the security solution that integrated the threat discovery and threat defense while tailored to local conditions”. It has thousands of commercial customers, distributed across more than a dozen major countries and regions.
About CertiK
CertiK was established in 2018 by Yale University, the chair of the Yale Department of Computer Science and Columbia University professors. CertiK takes guarding the encrypted world as its mission. Starting from the blockchain field, it is extending the cutting-edge innovative technology of academia to industry step by step, so that enterprise mission-critical software and applications can be built in a sufficiently safe and correct environment.
As a pioneer in blockchain security, CertiK leverages the most advanced formal verification technology and AI auditing technology available to scan and monitor the security of blockchain protocols and smart contracts, and continues to launch SaaS products represented by Skynet to provide the highest level of security solutions for enterprises and users in the crypto world. CertiK has provided blockchain security services to over 1,800 enterprise customers, uncovered over 31,000 code vulnerabilities, and secured over $300 billion in digital assets.
Slowmist & CertiK has completed Bifrost code audit was originally published in Bifrost — DeFi for PoS. Staking and Liquidity. on Medium.