A collection of security resources relating to the HydraDX blockchain:
- Audit Reports
- Critical Vulnerability Reports
- Invariants Specification
- Mitigation Mechanisms - a set of mechanisms designed to safeguard against economic exploits
- Threat Modelling - a collection of known attack vectors
Conducted by 27 independent security researchers that participated in an audit challenge on Code4rena.
Scope: Omnipool, Stablepools, Oracles, Circuit Breaker.
Read the full report in this repo or on the Code4rena website.
Conducted by Runtime Verification, published in June 2022.
Read the full report here.
Conducted by Runtime Verification, published in June 2022.
Read the full report here.
Conducted by Runtime Verification, published in September 2022.
Read the full report here.
Conducted by BlockScience, published in March 2022.
Addendum by the HydraDX team elaborating on some changes which were made after the audit was finished (pp 41 et seq), published in November 2022.
Read the full report here.
You can find the specification of the following groups of invariants:
- System-level invariants - these relate to the global state of the system and must always hold
- Function-level invariants - these must hold in relation to the execution of specific state-transition functions (extrinsics)