Primary Lending Platform Audit Release Statement
After undertaking a number of rounds of smart contract audits, code rework, and audit rechecks, Fringe Finance can now release its final audit findings and position. Below, you can find some details about the auditing process, as well as links to the results.
Smart contract audit firms
The smart contract audits were undertaken by HashEx and CyberUnit’s Audit Group. Additionally, Fringe Finance had internal and independent smart contract developers review the codebase as part of the overall quality assurance process.
The primary audit was undertaken by HashEx. Cyberunit’s Audit Group undertook a secondary audit. Though some of our development is also undertaken by CyberUnit, CyberUnit’s Audit Group is a separate group within the same organization. This group undertook the secondary audit without influence from our CyberUnit development team members. Nevertheless, HashEx’s audit is considered the primary audit.
Treatment of residual items
Most audit items are fully resolved. It is usual for smart contract audits to contain some residual items such as ‘acknowledged’ or ‘partially fixed’ that may warrant attention in the future.
The attached paper under “PLP residual audit items”, written by CTO Brian Pasfield, presents details of how Fringe Finance is treating such residual items. The auditors reflect Fringe’s position in their rating of each audit item.
Links to audit reports and code
For audit report details, Fringe Finance’s treatment of residual audit items, and relevant Github source code repositories, please use the following links:
Update to release contracts announcement
As considered Fringe’s latest monthly update, a few of the deployed contracts published at that point could require updates and changes. This announcement has now been updated to reflect the contracts in HashEx’s audit, which now permanently integrate the Primary Lending Platform.
To view the said announcement, click here.
Bug bounty program
Additionally, Fringe Finance will soon be releasing the details of a bug bounty program for the Primary Lending Platform. This program is designed to assure the robustness of the PLP and incentivizes the white hat hacker community to identify any security issues, offer possible resolutions, and allow Fringe Finance to address such issues to protect users’ funds and the platform’s stability.
Fringe’s bug bounty program will be posted and managed via Immunefi, which we consider a leading smart contract bug bounty platform. Immunefi has run bounty programs for well-known DeFi projects, including MakerDAO, Wormhole, The Graph, Lido, Balancer, Aurora, Olympus, Optimism, Polygon, Arbitrum, and many others.
About Fringe Finance
Fringe Finance is a decentralized money market designed to unlock the capital spread in crypto assets regardless of their capitalization and supported network. With a next-generation DeFi lending & borrowing ecosystem, Fringe aims to unlock the dormant capital from traditional financial markets and all-tier cryptocurrencies.