README
NEAR Audit Database
Public Audits in the NEAR Ecosystem. Here is google sheets version for easier edit https://docs.google.com/spreadsheets/d/1YrQNaWV6JB6vM5iDuv9MmwHD5RbnmFlICA0UCdgWoco/edit#gid=0
🔑 Key
✅ audit public, doesn’t mean no vulnerabilities, and doesn't mean audit has been checked or its been by firm listed below, just that it exists. This also doesn’t mean that an audit was done for all smart contract and dApp functionality.
📦 audit may exist somewhere but private. Or publicly mentioned an audit but the audit isnt public.
👀 = looking for an audit make a PR
🟡 = getting an audit
😡 = as of last talking to team no audit
AstroDAO
👀
DAO
Keypom
👀
Infrastructure
Orderly
📦
Halborn
📦
DeFi
Jumbo.Exchange
👀
DeFi
Welldone Wallet
👀
Wallet
Nightly Wallet - NEAR
👀
Wallet
Opto Wallet - NEAR
Wallet
Math Wallet - NEAR
👀
Wallet
Coin98 Wallet
👀
Wallet
Metamask Snaps (NEAR Snap)
😡
Wallet
PlayEmber
👀
Gaming
Tenamint
NFT
🪲 Bug Bounty Programs
NEAR General
Ref finance
Stader on NEAR
Known NEAR Auditing Firms
Firms that are known for auditing NEAR dApps & Contracts
To add into table
NEAR Smart Contracts Tools | Kudelski | May 5th, 2023 | https://github.com/NEARFoundation/near-sdk-contract-tools/blob/develop/documents/NEAR%20Contract%20Tools%20-%20Final%20-%2005.05.2023.pdf
MetaPool LaunchPad (Katherine Fundraising & Bond Market) | Halborn | May 12th, 2023 | https://github.com/HalbornSecurity/PublicReports/blob/master/NEAR%20Smart%20Contract%20Audits/MetaPool_Katherine_Fundraising_and_Bond_Market_NEAR_Smart_Contract_Security_Audit_Report_Halborn_Final%20.pdf
NEAR Genesis Smart Contract | SmartState | May 18th, 2023 | https://smartstate.tech/reports/near-genesis-report-18052023.html
NEAR-IBC | BlockSec | September 18th, 2023 | https://github.com/octopus-network/near-ibc/blob/main/auditing/blocksec_near-ibc_v1.0_signed.pdf
Aurora FT Connector | Zokyo | June 8th, 2023 | https://www.datocms-assets.com/50156/1689941745-zokyo-near-ft-connector-audit.pdf
NEAR Snap | Ottersec | September 12th, 2023 | https://github.com/NEARBuilders/audits/blob/main/Audits/2023-09-12-Ottersec-NEAR_SNAP.pdf
Potlock Quadratic Funding | Ottersec | Feburary 15th | https://github.com/PotLock/core/blob/main/audits/Potlock-NEAR-Smart-Contracts-Quadratic-Funding-Audit-Ottersec-February-15-2024.pdf
Potlock Contracts | Guvenkaya | January 19th | https://github.com/Guvenkaya/public-reports/blob/master/Potlock-NEAR-Rust-Smart-Contract-Security-Assessment.pdf
Sweat Economy Defer Feature | Guvenkaya | January 30 | https://github.com/Guvenkaya/public-reports/blob/master/The-Sweat-Foundation-Ltd-Defer-NEAR-Rust-Smart-Contract-Security-Assessment.pdf
Firms That Audits Have Failed to Detect Critical Vulnerabilities
dont slip up and get added to this list
Exploits
Slip Ups
Near Protocol Discloses Wallet Breach That May Have Exposed Private Keys
To-do
Finish finding all audits
Backup all the audits on Arweave + IPFS and archive all instances of audit on wayback machine
Work with ecosystem aggregator like NEAR Horizon to reference audits
Compile all the exploits
Let projects and NEAR Founders know to make a PR
Contact all projects without audits and let them know they can’t be lacking in these streets like that
Publish this on BOS
Contribution Guidelines
To learn how to contribute to the public repo go to Contribution Guidelines
Last updated