Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Added summary and report of FEVM audit report from Oak Security #1317

Merged
merged 5 commits into from
Jul 15, 2023
Merged

Added summary and report of FEVM audit report from Oak Security #1317

Changes from 3 commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
21d526c
Added summary and report of FEVM audit report from Oak Security
parthshah1 Mar 17, 2023
491055a
Merge branch 'master' into updating_audit_reports
smagdali Jul 14, 2023
244f6bf
Update audit_reports.md
smagdali Jul 14, 2023
b3d6ddf
prettier --write
ianconsolata Jul 15, 2023
25ee0b4
Merge branch 'master' into updating_audit_reports
ianconsolata Jul 15, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
11 changes: 11 additions & 0 deletions content/appendix/audit_reports.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,17 @@ dashboardAudit: n/a

Security is a critical component in ensuring Filecoin can fulfill its mission to be the storage network for humanity. In addition to robust secure development processes, trainings, theory audits, and investing in external security research, the Filecoin project has engaged reputable third party auditing specialists to ensure that the theory behind the protocol and its implementation delivers the intended value, enabling Filecoin to be a safe and secure network. This section covers a selection of audit reports that have been published on Filecoin's theory and implementation.

## Filecoin Virtual Machine

### `2023-03-09` Filecoin EVM (FEVM)

- Report: [Filecoin EVM Audit](https://github.com/oak-security/audit-reports/blob/master/Filecoin%20Foundation/2023-03-09%20Audit%20Report%20-%20Filecoin%20EVM%20(FEVM)%20v1.1.pdf)
- Audit conducted by **Oak Security**

The audit covers the implementation of:

- FEVM's [builtin actors](https://github.com/filecoin-project/builtin-actors/tree/1b11df4b399550753a4105f45f58bc07015af2a3/actors/evm) out of which only [actors/evm](https://github.com/filecoin-project/builtin-actors/tree/1b11df4b399550753a4105f45f58bc07015af2a3/actors/evm) and [actors/eam](https://github.com/filecoin-project/builtin-actors/tree/1b11df4b399550753a4105f45f58bc07015af2a3/actors/eam) were included in scope along with code base of [ref-fvm](https://github.com/filecoin-project/ref-fvm). The report included auditing EVM runtime action and implementation, correctness of EVM opcodes, including Ethereum Address Manager(EAM). The report also included issues and enhancements methods for gas model and F4 addresses. The audit team also reviewed the message execution flow and kernel setup, WASM integration and FVM logs. All the valid issues raised by the audit were resolved and acknowledged including a few informational issues. More details on these issues are available in the report.

## Lotus

### `2020-10-20` Lotus Mainnet Ready Security Audit
Expand Down
Loading