# README ![](/files/Moo7ju9Wcs7otIxB1P6M) ## NEAR Audit Database Public Audits in the NEAR Ecosystem. Here is google sheets version for easier edit ## πŸ”‘ Key * βœ… audit public, doesn’t mean no vulnerabilities, and doesn't mean audit has been checked or its been by firm listed below, just that it exists. This also doesn’t mean that an audit was done for all smart contract and dApp functionality. * πŸ“¦ audit may exist somewhere but private. Or publicly mentioned an audit but the audit isnt public. * πŸ‘€ = looking for an audit make a PR * 🟑 = getting an audit * 😑 = as of last talking to team no audit | Project | Audit stage | Audited By | Date | Report | Type | | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------- | ----------------------------------------------- | ------------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------- | | [Aurora Staking Contracts](https://github.com/aurora-is-near/aurora-staking-contracts) | βœ… | Blaize Security | June 7, 2022 | [Click here](https://www.datocms-assets.com/50156/1660299853-blaize-staking-contract-final-report-8-6-2022.pdf) | DeFI | | [LiNEAR Protocol](https://github.com/linear-protocol/LiNEAR) | βœ… | [Hacken](https://hacken.io/) | May 8, 2024 | [Click here](https://wp.hacken.io/wp-content/uploads/2024/05/Final-Report_Hacken_Linear_SCA_May_2024.pdf) | Liquid Staking | | [Sweat Economy](https://github.com/sweatco/sweat-claim) | βœ… | [Hacken](https://hacken.io/) | Jan 17, 2024 | [Click here](https://wp.hacken.io/wp-content/uploads/2024/01/Hacken_The-Sweat-Foundation-Ltd._SCA-Sweatco_Claim_Dec2023_P-2023-071_6_20240119-10_38.pdf) | Claims | | [Sweat Economy](https://github.com/sweatco/sweat-jar) | βœ… | [Hacken](https://hacken.io/) | Oct 15, 2023 | [Click here](https://wp.hacken.io/wp-content/uploads/2023/11/The-Sweat-Foundation-Ltd.-SC_Audit_Report_16102023-SA-1853.pdf) | GameFi | | [Aurora Staking Contracts](https://github.com/aurora-is-near/aurora-staking-contracts) | βœ… | [Hacken](https://hacken.io/) | June 8, 2022 | [Click here](https://github.com/aurora-is-near/aurora-staking-contracts) | DeFI | | [Naramunz](https://github.com/CRG-AB/NARZ.git) | βœ… | [Hacken](https://hacken.io/) | Jul 5, 2022 | [Click here](https://wp.hacken.io/wp-content/uploads/2022/07/Crystals-of-Naramunz-and-Narz05072022Audit_Report4.pdf) | Near FT token | | Vote Token & Election Contract Aurora | βœ… | [Hacken](https://hacken.io/) | January 18, 2023 | [Click here](https://www.datocms-assets.com/50156/1675403586-hacken-election-vote-contracts-final-report.pdf) | Contracts | | [NEAR Plugins](https://github.com/aurora-is-near/near-plugins) | βœ… | [Hacken](https://hacken.io/) | March 27, 2023 | [Click here](https://www.datocms-assets.com/50156/1680101850-hacken-near-plugins-final-report-updated-march2023.pdf) | Contracts | | [NEAR Blockchain Protocol](https://github.com/near/nearcore) | βœ… | [Hacken](https://hacken.io/) | Dec 11, 2023 | [Click here](https://hacken.io/audits/near/) | L1 Protocol | | [NEAR Plugins](https://github.com/aurora-is-near/near-plugins) | βœ… | [AuditOne](https://www.auditone.io/) | March 14, 2023 | [Click here](https://github.com/NEARBuilders/audits/blob/main/\[https:/docsend.com/view/tmymbwh8kspswmys]\(https:/www.datocms-assets.com/50156/1680590522-auditone-near-plugins-final-report-updated-march2023.pdf\)) | Contracts | | [Aurora Fast Bridge](https://github.com/aurora-is-near/fast-bridge-service) | βœ… | [AuditOne](https://www.auditone.io/) | May 9, 2023 | [Click here](https://docsend.com/view/tmymbwh8kspswmys) | Contracts | | [Aurora Staking Farm](https://github.com/referencedev/staking-farm/tree/master/staking-farm) + [Factory](https://github.com/referencedev/staking-farm/tree/master/staking-factory) | βœ… | Halborn | March 25, 2022 | [Click here](https://www.datocms-assets.com/50156/1659612370-aurora_farm_near_smart_contract_security_audit_report_halborn_final-2.pdf) | DeFi | | Octopus Network - App Chain Anchor | βœ… | [Blocksec](https://blocksec.com/) | July 10, 2022 | [Click here](https://assets.blocksec.com/pdf/1660885048302-5.pdf) | Infrastructure | | Rainbow Bridge Smart Contract | βœ… | Sigma Prime | June 1, 2022 | [Click here](https://www.datocms-assets.com/50156/1659700568-sigma-prime-rainbow-bridge-final-report-10-06-2022.pdf) | | | Rainbow Bridge Smart Contract | βœ… | [Blaize Security](https://blaize.tech/) | October 5, 2022 | [Click here](https://blaize.tech/wp-content/uploads/2023/03/Rainbow-Bridge-audit-report-_compressed.pdf) | Infrastructure | | Proximity Labs - NearETH - NETH | βœ… | OtterSec | May 06, 2022 | [Click here](https://github.com/NearDeFi/neth/blob/main/audit/near-eth-audit-public.pdf) | Infrastructure | | AstroDAO | πŸ‘€ | | | | DAO | | Keypom | πŸ‘€ | | | | Infrastructure | | Tonic | βœ… | Veridise | February 13 2023 | [Click Here](https://veridise.com/wp-content/uploads/2023/04/VAR-Tonic.pdf) | DeFi | |

v2.ref-finance.near
v2.ref-farming.near (1)

| βœ… | Jita | March 2022 | [Click here](https://422665050-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MhIB0bSr6nOBfTiANqT-2910905616%2Fuploads%2Fh8mipVuJTakoLC6XmzfU%2FRef%20Finance%20Security%20Audit-1.pdf?alt=media\&token=cf0398d1-97d5-4367-9776-07bc8e4c67ea) All ref audits [here](https://guide.ref.finance/developers/audits) | DeFi | |

v2.ref-finance.near
v2.ref-farming.near (2)

| βœ… | Jita | May 2022 | [Click here](https://422665050-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MhIB0bSr6nOBfTiANqT-2910905616%2Fuploads%2FsDi3tE2Q0HLrFYVlE2y2%2FRef%20Finance%20Security%20Audit-2.pdf?alt=media\&token=6f948b02-33d0-473c-9ab9-3435db526f40) | DeFi | | Ref DCL Contracts (1) | βœ… | Blocksec | Dec 9, 2022 | [Click here](https://422665050-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MhIB0bSr6nOBfTiANqT-2910905616%2Fuploads%2FJ2wgtouZJ7RnJqthMxgC%2Fblocksec_ref_finance_dcl_v1.0_signed.pdf?alt=media\&token=ec75b62a-2cc5-483d-a568-3ad352430553) | DeFi | | Ref DCL Contracts (2) | βœ… | Blocksec | Feb 10, 2023 | [Click here](https://422665050-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MhIB0bSr6nOBfTiANqT-2910905616%2Fuploads%2F7wH9tvDSEpGkJLAylsKi%2Fblocksec_ref_finance_dcl_v2.0_signed.pdf?alt=media\&token=b8fc2145-0941-458e-b95b-a6d6b8271272) | DeFi | | xRef Token Contract | βœ… | Blocksec | October 12, 2022 | [Click here](https://422665050-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MhIB0bSr6nOBfTiANqT-2910905616%2Fuploads%2FBdE0q0geA1b9rqdx3UPS%2Fblocksec_ref_finance_xref_v1.0_signed.pdf?alt=media\&token=32f97a13-8310-4364-aef2-7bef2a2d911a) | DeFi | | Ref Exchange (1) | βœ… | Blocksec | Nov 2, 2022 | [Click here](https://422665050-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MhIB0bSr6nOBfTiANqT-2910905616%2Fuploads%2FanzjJnnb0CbegTjSxLkr%2Fblocksec_ref_finance_exchange_v1.0_signed.pdf?alt=media\&token=32f19674-6a76-466b-9edb-2ac698f87a8b) | DeFi | | Ref Exchange (2) | βœ… | Blocksec | Nov 20, 2022 | [Click here](https://422665050-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MhIB0bSr6nOBfTiANqT-2910905616%2Fuploads%2FkboyY9FkWMAgh0AKnZlN%2Fblocksec_ref_finance_exchange_v2.0_signed.pdf?alt=media\&token=7eb4496d-a3fd-41af-bc12-44db1e58640f) | DeFi | | Ref-ve | βœ… | Blocksec | July 14, 2022 | [Click here](https://422665050-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MhIB0bSr6nOBfTiANqT-2910905616%2Fuploads%2Ff4hCQimDJp0GSY6IxKFl%2Fmain-signed-ve.pdf?alt=media\&token=74d48498-2c9d-4489-8fc1-e40a76cfd8d6) | DeFi | | Ref-Boost-Farm | βœ… | Blocksec | July 26, 2022 | [Click here](https://422665050-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MhIB0bSr6nOBfTiANqT-2910905616%2Fuploads%2FYS0OUzuBknE6Q90f9GRl%2Fmain-signed-new-farming.pdf?alt=media\&token=4daae465-91c3-414f-9a4d-2234a6204812) | DeFi | | Pembrock | βœ… | BlockSec | June 27th, 2021 | [Click here](https://github.com/PembROCK-Finance/audits/blob/main/2022-07-01%20BlockSec%20Security%20Audit%20Report%20for%20PembRock%20Contracts.pdf) | DeFi | | Stader | βœ… | OtterSec | September 09, 2022 | [Click here](https://www.staderlabs.com/docs/near/StaderLabs_NearX_SmartContract_Audit_by_OSEC2.pdf) | DeFi | | Metapool | βœ… | Blocksec | March 1, 2022 | [Click here](https://370551154-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MkhZe3MGAhTcvTLTzJF-887967055%2Fuploads%2F5dIIpOn4FkJ04xuwzRyu%2FMetaPool_BlockSec_Audit_signed_v1.1.pdf?alt=media\&token=d742d1c8-ba7e-4ed9-99dc-fb5dae247e0d) | DeFi | | Metapool - AuroraStNEAR | βœ… | BlockSec | March 20th, 2022 | [Click here](https://370551154-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MkhZe3MGAhTcvTLTzJF-887967055%2Fuploads%2FXE1zBF4pyaWCoR1zlKwW%2Fmain_signed.pdf?alt=media\&token=5068e60d-2905-4d4f-a1cb-9d5fa4c607a3) | DeFi | | Orderly | πŸ“¦ | Halborn | | πŸ“¦ | DeFi | | Orderly | βœ… | Certik | Sep 16th, 2022 | [Click here](https://skynet.certik.com/projects/orderly-network) | DeFi | | Spin Finance | βœ… | BlockApex | July 19, 2022 | [Click here](https://blockapex.io/spin-finance-audit-report/) | DeFi | | Burrow Finance | βœ… | BlockSec | Feb 14, 2022 | [Click here](https://github.com/NearDeFi/burrowland/blob/main/blocksec-audit-signed-1.pdf) | DeFi | | Burrow Finance | βœ… | BlockSec | March 19, 2022 | [Click here](https://github.com/NearDeFi/burrowland/blob/main/blocksec-audit-signed-2.pdf) | DeFi | | Veax | βœ… | [H-X Technologies](https://www.h-x.technology/) | January 25, 2023 | [Click here](https://docs.veax.com/overview/security/external-smart-contract-audits/) | DeFi | | [JumpDeFi](https://www.jumpdefi.xyz/) | πŸ‘€ | | | | DeFi | | Jumbo.Exchange | πŸ‘€ | | | | DeFi | | [HideYourCash](https://www.hideyour.cash/) | 😑 | | | | DeFi | | Sender Wallet - Android | βœ… | Slowmist | July 15, 2022 | [Click here](https://github.com/slowmist/Knowledge-Base/blob/master/open-report-V2/blockchain-application/SlowMist%20Audit%20Report%20-%20Sender%20Wallet%20Android_en-us.pdf) | Wallet | | Sender Wallet - iOS | βœ… | Slowmist | July 15, 2022 | [Click here](https://github.com/slowmist/Knowledge-Base/blob/master/open-report-V2/blockchain-application/SlowMist%20Audit%20Report%20-%20Sender%20Wallet%20iOS_en-us.pdf) | Wallet | | Sender Wallet - Browser Extension | βœ… | Slowmist | July 6, 2022 | [Click here](https://github.com/slowmist/Knowledge-Base/blob/master/open-report-V2/blockchain-application/SlowMist%20Audit%20Report%20-%20Sender-chrome-extension-wallet_en-us.pdf) | Wallet | | [Meteor Wallet](https://meteorwallet.app/) | πŸ‘€ | | | | Wallet | | HERE Wallet Liquid Staking | βœ… | OtterSec | January 6, 2023 | [Click here](https://docs.herewallet.app/technology-description/readme/security-audit) | Wallet | | [MyNEARWallet](https://mynearwallet.com/) | πŸ‘€ | | | | Wallet | | [Wallet.near.org](http://wallet.near.org/) | | | | | Wallet | | [NEARFi Wallet](https://nearfi.finance/) | πŸ‘€ | | | | Wallet | | [Salmon Wallet](https://salmonwallet.io/) | 😑 | | | | Wallet | | Welldone Wallet | πŸ‘€ | | | | Wallet | | Nightly Wallet - NEAR | πŸ‘€ | | | | Wallet | | Opto Wallet - NEAR | | | | | Wallet | | Math Wallet - NEAR | πŸ‘€ | | | | Wallet | | [Narwallets](https://narwallets.com/) | πŸ‘€ | | | | Wallet | | Coin98 Wallet | πŸ‘€ | | | | Wallet | | Metamask Snaps (NEAR Snap) | 😑 | | | | Wallet | | [Finer Wallet](https://finerwallet.io/) | πŸ‘€ | | | | Wallet | | [xDeFI Wallet](https://www.xdefi.io/fr/) | πŸ‘€ | | | | Wallet | | [FewNFar](https://fewfar.com/) | πŸ‘€ | | | | NFT | | [Mintbase](https://www.mintbase.xyz/) | βœ… | Ottersec | March 29, 2023 | [Click here](https://arweave.net/WvB-T_sg6HbpG08NLutna0bw65hq4tkZZoUJzw4iRK4) | NFT | | [Paras.id](http://Paras.id) | πŸ‘€ | | | | NFT | | [Tradeport.xyz](https://www.tradeport.xyz/) | πŸ‘€ | | | | NFT | | [Namesky](https://namesky.app/) | βœ… | Pessimistic | Aril 26, 2023 | [Click here](https://github.com/nameskyteam/assets/blob/113e1251c10692ca50023871449844b4d8cfcffd/NameSky%20Security%20Analysis%20by%20Pessimistic.pdf) | NFT | | PlayEmber | πŸ‘€ | | | | Gaming | | [Wormhole](https://www.portalbridge.com/) | βœ… | OtterSec | August 26, 2022 | [Click here](https://storage.googleapis.com/wormhole-audits/Wormhole_Near_OtterSec.pdf) | Bridge | | [Allbridge](https://allbridge.io/) | πŸ‘€ | | | | Bridge | | [XP.network](https://xp.network/) | πŸ‘€ | | | | Bridge | | [social.near](https://near.social/) | 😑 | | | | dApp | | [Roketo Payment Streams](https://roke.to/) | πŸ‘€ | | | | | | Tenamint | | | | | NFT | | [Bodega Marketplace](https://twitter.com/Bodega_NFT) | | | | | | | [LiNEAR Protocol](https://app.linearprotocol.org/) | βœ… | BlockSec | April 1, 2022 | [Click here](https://github.com/linear-protocol/audits/blob/main/BlockSec%20-%20Security%20Audit%20Report%20for%20LiNEAR%20-%20202204.pdf) | DeFi | | [Phoenix Bonds](https://linear.phoenixbonds.org/) | βœ… | BlockSec | January 12, 2023 | [Click here](https://github.com/linear-protocol/audits/blob/main/BlockSec%20-%20Security%20Audit%20Report%20for%20Phoenix%20Bonds%20-%20202301.pdf) | DeFi | ### πŸͺ² Bug Bounty Programs | Protocol | Bug Bounty Page | | :------------: | :-----------------------------------------------------------------------------------: | | NEAR General | [Bug Bounty Program For Near - HackenProof](https://hackenproof.com/near) | | Aurora | [Buy Bounty Program for Aurora - HackenProof](https://hackenproof.com/aurora) | | Ref finance | [Bug Bounty Ref Finance - ImmuneFi](https://immunefi.com/bounty/reffinance/) | | SweatCoin | [Sweat Economy Bug Bounties - Immunefi](https://immunefi.com/bounty/sweateconomy/) | | Stader on NEAR | [Stader for NEAR Bug Bounties - Immunefi](https://immunefi.com/bounty/staderfornear/) | ### Known NEAR Auditing Firms Firms that are known for auditing NEAR dApps & Contracts | Firm | Public Audits | | :------------------------------------------: | :------------------------------------------------------------------------------------------------------: | | [Veridise](https://veridise.com) | [Click here](https://veridise.com/audits/) | | [Ottersec](https://osec.io/) | [Click here](https://ottersec.notion.site/Sampled-Public-Audit-Reports-a296e98838aa4fdb8f3b192663400772) | | [FYEO](https://www.gofyeo.com/) | | | [Kudelski](https://kudelskisecurity.com/) | | | [Sigma Prime](https://sigmaprime.io/) | [Click here](https://github.com/sigp/public-audits) | | [Chain Security](https://chainsecurity.com/) | | | [Block Security](https://blocksec.com/) | | | [Halborn](https://www.halborn.com/) | [Click here](https://github.com/HalbornSecurity/PublicReports) | | [Hacken](https://hacken.io/) | [Click here](https://hacken.io/audits) | | [Guvenkaya](https://www.guvenkaya.co/) | [Click here](https://github.com/Guvenkaya/public-reports/tree/master) | To add into table * NEAR Smart Contracts Tools | Kudelski | May 5th, 2023 | * MetaPool LaunchPad (Katherine Fundraising & Bond Market) | Halborn | May 12th, 2023 | * NEAR Genesis Smart Contract | SmartState | May 18th, 2023 | * NEAR-IBC | BlockSec | September 18th, 2023 | * Aurora FT Connector | Zokyo | June 8th, 2023 | * NEAR Snap | Ottersec | September 12th, 2023 | * Potlock Quadratic Funding | Ottersec | Feburary 15th | * Potlock Contracts | Guvenkaya | January 19th | * Sweat Economy Defer Feature | Guvenkaya | January 30 | **Firms That Audits Have Failed to Detect Critical Vulnerabilities** dont slip up and get added to this list * ### Exploits * [Skyward Finance 2022](https://www.halborn.com/blog/post/explained-the-skyward-finance-hack-november-2022) * [StaderX on NEAR August 16, 2022](https://blog.staderlabs.com/stader-near-incident-report-08-16-2022-afe077ffd549#:~:text=Stader's%20smart%20contract%20on%20NEAR,corresponding%20%24NEAR%20staked%20against%20it.) * [Ref.finance $3 million hack in August 2021](https://chubk.com/ref-finance-hacked-for-nearly-3-million-dollars-and-plans-to-compensate-users/) #### Slip Ups | Description | Link | | :----------------------------------------------------------------------: | :-----------------------------------------------------------------------------------: | | Near Protocol Discloses Wallet Breach That May Have Exposed Private Keys | [Decrypt](https://decrypt.co/106819/near-protocol-wallet-breach-exposed-private-keys) | ## To-do * Finish finding all audits * Backup all the audits on Arweave + IPFS and archive all instances of audit on wayback machine * Work with ecosystem aggregator like NEAR Horizon to reference audits * Compile all the exploits * Let projects and NEAR Founders know to make a PR * Contact all projects without audits and let them know they can’t be lacking in these streets like that * Publish this on BOS ## Contribution Guidelines To learn how to contribute to the public repo go to [Contribution Guidelines](https://github.com/NEARBuilders/audits/blob/main/contribution.md) --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.nearbuilders.com/near-public-audits/readme.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.