README

Last updated 1 year ago

README

NEAR Audit Database

Public Audits in the NEAR Ecosystem. Here is google sheets version for easier edit https://docs.google.com/spreadsheets/d/1YrQNaWV6JB6vM5iDuv9MmwHD5RbnmFlICA0UCdgWoco/edit#gid=0

🔑 Key

✅ audit public, doesn’t mean no vulnerabilities, and doesn't mean audit has been checked or its been by firm listed below, just that it exists. This also doesn’t mean that an audit was done for all smart contract and dApp functionality.
📦 audit may exist somewhere but private. Or publicly mentioned an audit but the audit isnt public.
👀 = looking for an audit make a PR
🟡 = getting an audit
😡 = as of last talking to team no audit

Project

Audit stage

Audited By

Date

Report

Type

✅

Blaize Security

June 7, 2022

DeFI

✅

May 8, 2024

Liquid Staking

✅

Jan 17, 2024

Claims

✅

Oct 15, 2023

GameFi

✅

June 8, 2022

DeFI

✅

Jul 5, 2022

Near FT token

Vote Token & Election Contract Aurora

✅

January 18, 2023

Contracts

✅

March 27, 2023

Contracts

✅

Dec 11, 2023

L1 Protocol

✅

March 14, 2023

Contracts

✅

May 9, 2023

Contracts

✅

Halborn

March 25, 2022

DeFi

Octopus Network - App Chain Anchor

✅

July 10, 2022

Infrastructure

Rainbow Bridge Smart Contract

✅

Sigma Prime

June 1, 2022

Rainbow Bridge Smart Contract

✅

October 5, 2022

Infrastructure

Proximity Labs - NearETH - NETH

✅

OtterSec

May 06, 2022

Infrastructure

AstroDAO

👀

DAO

Keypom

👀

Infrastructure

Tonic

✅

Veridise

February 13 2023

DeFi

v2.ref-finance.near v2.ref-farming.near (1)

✅

Jita

March 2022

DeFi

v2.ref-finance.near v2.ref-farming.near (2)

✅

Jita

May 2022

DeFi

Ref DCL Contracts (1)

✅

Blocksec

Dec 9, 2022

DeFi

Ref DCL Contracts (2)

✅

Blocksec

Feb 10, 2023

DeFi

xRef Token Contract

✅

Blocksec

October 12, 2022

DeFi

Ref Exchange (1)

✅

Blocksec

Nov 2, 2022

DeFi

Ref Exchange (2)

✅

Blocksec

Nov 20, 2022

DeFi

Ref-ve

✅

Blocksec

July 14, 2022

DeFi

Ref-Boost-Farm

✅

Blocksec

July 26, 2022

DeFi

Pembrock

✅

BlockSec

June 27th, 2021

DeFi

Stader

✅

OtterSec

September 09, 2022

DeFi

Metapool

✅

Blocksec

March 1, 2022

DeFi

Metapool - AuroraStNEAR

✅

BlockSec

March 20th, 2022

DeFi

Orderly

📦

Halborn

📦

DeFi

Orderly

✅

Certik

Sep 16th, 2022

DeFi

Spin Finance

✅

BlockApex

July 19, 2022

DeFi

Burrow Finance

✅

BlockSec

Feb 14, 2022

DeFi

Burrow Finance

✅

BlockSec

March 19, 2022

DeFi

Veax

✅

January 25, 2023

DeFi

👀

DeFi

Jumbo.Exchange

👀

DeFi

😡

DeFi

Sender Wallet - Android

✅

Slowmist

July 15, 2022

Wallet

Sender Wallet - iOS

✅

Slowmist

July 15, 2022

Wallet

Sender Wallet - Browser Extension

✅

Slowmist

July 6, 2022

Wallet

👀

Wallet

HERE Wallet Liquid Staking

✅

OtterSec

January 6, 2023

Wallet

👀

Wallet

👀

Wallet

😡

Wallet

Welldone Wallet

👀

Wallet

Nightly Wallet - NEAR

👀

Wallet

Opto Wallet - NEAR

Wallet

Math Wallet - NEAR

👀

Wallet

👀

Wallet

Coin98 Wallet

👀

Wallet

Metamask Snaps (NEAR Snap)

😡

Wallet

👀

Wallet

👀

Wallet

👀

NFT

✅

Ottersec

March 29, 2023

NFT

👀

NFT

👀

NFT

✅

Pessimistic

Aril 26, 2023

NFT

PlayEmber

👀

Gaming

✅

OtterSec

August 26, 2022

Bridge

👀

Bridge

👀

Bridge

😡

dApp

👀

Tenamint

NFT

✅

BlockSec

April 1, 2022

DeFi

✅

BlockSec

January 12, 2023

DeFi

🪲 Bug Bounty Programs

Protocol

Bug Bounty Page

NEAR General

Aurora

Ref finance

SweatCoin

Stader on NEAR

Known NEAR Auditing Firms

Firms that are known for auditing NEAR dApps & Contracts

Firm

Public Audits

To add into table

NEAR Smart Contracts Tools | Kudelski | May 5th, 2023 | https://github.com/NEARFoundation/near-sdk-contract-tools/blob/develop/documents/NEAR%20Contract%20Tools%20-%20Final%20-%2005.05.2023.pdf
MetaPool LaunchPad (Katherine Fundraising & Bond Market) | Halborn | May 12th, 2023 | https://github.com/HalbornSecurity/PublicReports/blob/master/NEAR%20Smart%20Contract%20Audits/MetaPool_Katherine_Fundraising_and_Bond_Market_NEAR_Smart_Contract_Security_Audit_Report_Halborn_Final%20.pdf
NEAR Genesis Smart Contract | SmartState | May 18th, 2023 | https://smartstate.tech/reports/near-genesis-report-18052023.html
NEAR-IBC | BlockSec | September 18th, 2023 | https://github.com/octopus-network/near-ibc/blob/main/auditing/blocksec_near-ibc_v1.0_signed.pdf
Aurora FT Connector | Zokyo | June 8th, 2023 | https://www.datocms-assets.com/50156/1689941745-zokyo-near-ft-connector-audit.pdf
NEAR Snap | Ottersec | September 12th, 2023 | https://github.com/NEARBuilders/audits/blob/main/Audits/2023-09-12-Ottersec-NEAR_SNAP.pdf
Potlock Quadratic Funding | Ottersec | Feburary 15th | https://github.com/PotLock/core/blob/main/audits/Potlock-NEAR-Smart-Contracts-Quadratic-Funding-Audit-Ottersec-February-15-2024.pdf
Potlock Contracts | Guvenkaya | January 19th | https://github.com/Guvenkaya/public-reports/blob/master/Potlock-NEAR-Rust-Smart-Contract-Security-Assessment.pdf
Sweat Economy Defer Feature | Guvenkaya | January 30 | https://github.com/Guvenkaya/public-reports/blob/master/The-Sweat-Foundation-Ltd-Defer-NEAR-Rust-Smart-Contract-Security-Assessment.pdf

Firms That Audits Have Failed to Detect Critical Vulnerabilities

dont slip up and get added to this list

Exploits

Slip Ups

Description

Link

Near Protocol Discloses Wallet Breach That May Have Exposed Private Keys

To-do

Finish finding all audits
Backup all the audits on Arweave + IPFS and archive all instances of audit on wayback machine
Work with ecosystem aggregator like NEAR Horizon to reference audits
Compile all the exploits
Let projects and NEAR Founders know to make a PR
Contact all projects without audits and let them know they can’t be lacking in these streets like that
Publish this on BOS

Contribution Guidelines

Last updated 1 year ago