No announcement yet.

Loom PlasmaChain Completes Third-Party Security Audit and Is Now Open Source!

  • Filter
  • Time
  • Show
Clear All
new posts

  • Loom PlasmaChain Completes Third-Party Security Audit and Is Now Open Source!

    Loom PlasmaChain Completes Third-Party Security Audit and Is Now Open Source!

    [IMG]*JP_gEuzZlVhQoK3i5UoGhQ.png[/IMG]A couple months ago, we hired an external firm to audit our PlasmaChain and Transfer Gateway*code.
    PlasmaChain is Loom’s mainnet, which bridges other Loom sidechains to Ethereum and other major blockchains. It is optimized for highly-scalable user-facing dapps, and enables secure asset transfers between*chains.
    Why Do a Security*Audit?

    Blockchains are no joke. The codebase is often complex, and a lot is at stake (no pun intended*😜).
    Public blockchains are designed to be decentralized — meaning there is no central authority that can censor transactions. However, this also means there is no central authority you can appeal to in case of fraudulent transactions or*hacks.
    Hence, ensuring the security of a blockchain is paramount. And since we take security so seriously here at Loom, we made sure to have a proper security audit done by a reliable third*party.
    Meet Our Auditor: Trail of*Bits

    Trail of Bits is an information security company founded in 2012 by industry leaders Dan Guido, Dino Dai Zovi, and Alexander Sotirov.
    Some of their notable clients include Western Digital, Facebook, and DARPA. In the blockchain industry, they’ve done security audits for Parity, Gemini, and Tendermint, among many*others.
    We wanted the best security experts to test our code, and based on their track record, we hired Trail of Bits for the*audit.
    Audit Details

    The PlasmaChain security audit was done from April 1 to May 3 of*2019.
    The auditors did a manual code review of the loom binary, the Ethereum mainnet smart contracts that make up the Transfer Gateway, and the Delegated Proof of Stake (DPoS) system, and further tested the code as following:
    • Loom binary: reviewed the loomchain repository, developed a fuzzer, and performed manual dynamic*testing
    • Transfer Gateway: reviewed the transfer-gateway-v2 repository, ran Slither on the code, and performed manual dynamic*testing
    • DPoS system: reviewed the dposv3 repository, developed a fuzzer and invariant checker, and performed manual dynamic*testing

    All issues uncovered in the audit have been acknowledged, fixed, and tested thoroughly, and additional security enhancements have been implemented — making PlasmaChain more secure than*ever.
    And to maintain this high level of blockchain security, we plan on having regular third-party security audits performed in the*future.
    Open Sourcing the Code*Base

    Now that we’ve ensured the security of PlasmaChain, we’ve made the code open source. This is an important step toward making the chain a fully decentralized network.
    You can view the code on our*GitHub.
    Loom Network is a platform for building highly scalable DPoS sidechains to Ethereum, with a focus on large-scale games and social*apps.
    Want to stake your LOOM tokens and help secure PlasmaChain? Find out*how.
    And if you enjoyed this article and want to stay in the loop, go ahead and sign up for ourprivate mailing*list.

    Loom PlasmaChain Completes Third-Party Security Audit and Is Now Open Source! 🔒 was originally published in Loom Network on Medium, where people are continuing the conversation by highlighting and responding to this story.

    More Loom Network Updates on Medium...
    Cryptocurrency Trading Courses