xDai
xDai
Staking on xDai
Staking on Ethereum
xDai Bridge
Omni Bridge
Welcome to xDai
About xDai
Features
Projects & DApps
Use Cases
News & Information
Roadmaps
FAQs
For users
Getting Started with xDai
xDai Stable Token
Bridges
Wallets
Applications
Block Explorers
Governance
For Stakers
STAKE Token
Staking on xDai
EasyStaking on Ethereum
POSDAO Staking Roadmap
For developers
Developer Resources & Tools
Install xDai Client - Run a Non-Validator Node
Stable Chain Network Deployment
On-Chain Random Numbers
Grants for building on xDai
Immunefi Bug Bounty
Security Audits
For validators
About xDai Validators
New Validator Process Flow
Consensus Validators Additional Info
Bridge Validator Info
Consensus Info: AuRa, POSDAO
Hard Forks
POSDAO Whitepaper
Contact & Media Info
xDai Dev Team
Social Media & Community Channels
Media Kit
Contact us
Careers
Elixir Developer (BlockScout)
Powered by GitBook

Security Audits

Audits of xDai and related infrastructure

OmniBridge v6.0 Smart Contracts Audit by ChainSecurity

Completed: September 7, 2021

Conclusion: The assessment uncovered a number of potential issues which were resolved by the team. Two additional issues were acknowledged and largely mitigated by the team, and the original severities are no longer applicable. These upgrades to the Omnibridge provide additional functionality which will be implemented in the future.

POSDAO Audit by ChainSecurity

Completed: June 25, 2021

Conclusion: The assessment uncovered several issues which were addressed or acknowledged by the team. No "critical" severity security flaws preventing continued usage or launch of contracts in future contexts were found. 0 Critical Issues, 1 High Risk Issue Accepted, 4 Medium Issues Accepted/Acknowledged, 4 Low Risk Issues Accepted/Acknowledged.

OmniBridge Audit by ChainSecurity

Completed: April 27, 2021

Conclusion: 0 Critical or High Risk Issues, 2 Medium Issues Accepted, 3 Low Risk Issues Accepted/Acknowledged

Contracts: https://github.com/poanetwork/omnibridge

TokenBridge Audit by Quantstamp (covers OmniBridge)

Completed: November 6, 2020

Conclusion: No high and medium risk issues found, all low risk issues addressed.

Contracts: Revised in version 5.5.0-rc0 to address audit. https://github.com/poanetwork/tokenbridge-contracts/releases/tag/5.5.0-rc0

Quantstamp Security Audit PDF

EasyStaking Audit by Quantstamp

Completed: August 3, 2020

Conclusion: All high/medium/low risk issues resolved.

TokenBridge Audit by Quantstamp (covers xDai bridge functionality)

Completed: January 8, 2020

Conclusion: All high risk issues resolved and low risk issues addressed. More information available in this post.

Contracts: Revised in version 3.3.0 to address audit. https://github.com/poanetwork/tokenbridge-contracts/releases/tag/3.3.0

Quantstamp TokenBridge Security Audit PDF

STAKE Token Distribution by Quantstamp

STAKE Token Distribution Audit

Completed: June 24, 2020 Conclusion: No High or Medium risks, all low and informational risks addressed

Quantstamp STAKE Security Audit PDF

DPOS Audit

In the original audit, the working name for the staking token was DPOS. This changed to STAKE.

DPOS Audit Completed: September 5, 2019 Conclusion: All risks resolved. Contracts: Version 1.0.1 addressed items in audit. https://github.com/xdaichain/stake-token/releases/tag/v1.0.1

Quantstamp DPOS Security Audit PDF

STAKE Legal Opinion

The token constitutes a VFA in terms of Maltese law. Please contact [email protected] to request access to the document.

POSDAO Initial Security Audit by PepperSec

Completed: August 2019

Conclusion: All issues fixed or addressed. Due to scalability concerns, teams created a new methodology to accumulate and later “pull” their stakes and rewards instead of the “push” strategy as implemented in the audited version of the contracts.

Contracts: Version 0.1.0 addresses issues present in audit. https://github.com/poanetwork/posdao-contracts/releases/tag/v0.1.0

POSDAO v1 Consensus Contracts audit

For developers - Previous
Immunefi Bug Bounty
Next - For validators
About xDai Validators
Last updated 3 weeks ago
Contents
OmniBridge v6.0 Smart Contracts Audit by ChainSecurity
POSDAO Audit by ChainSecurity
OmniBridge Audit by ChainSecurity
TokenBridge Audit by Quantstamp (covers OmniBridge)
EasyStaking Audit by Quantstamp
TokenBridge Audit by Quantstamp (covers xDai bridge functionality)
STAKE Token Distribution by Quantstamp
POSDAO Initial Security Audit by PepperSec