Security Audit Reports

Our audit reports provide a highly detailed analysis on the areas of coverage and concern, and we are happy to share them with our community to help anyone better understand how the Element Protocol works.

The following traditional security audits have been performed on the Element Protocol’s core contracts:

Runtime Verification Final Audit Report

Runtime Verification Inc. is a company aimed at using runtime verification-based techniques to perform security audits on virtual machines and smart contracts on public blockchains. They are dedicated to using its dynamic software analysis approach to improve the safety, reliability, and correctness of software systems in the blockchain field. Therefore, we contracted them to do a formal audit on the Element Protocol.

Summary of Findings

Runtime Verification’s Audit discovered a total of nine reported bugs with impact. This includes 3 Critical, 0 High, 2 Medium, 4 Low vulnerabilities, as well as informational findings and suggestions. All identified issues were either patched or resolved.

Read the Runtime Verification final audit report here.

PeckShield Final Audit Report

PeckShield is a leading blockchain security company with the goal of elevating the security, privacy, and usability of current blockchain ecosystems by offering top-notch, industry-leading services and products (including the service of smart contract auditing).

Summary of Findings

PeckShield’s Audit discovered 1 medium-severity vulnerability, 2 low-severity vulnerabilities, and 2 informational recommendations. PeckShield’s audit started at a later date than RV’s audit so reviewed the code which had been bug fixed as part of the RV audit. All identified issues were either patched or resolved.

Read the PeckShield final audit report here.

Summary

Our security efforts have resulted in the discovery of a number of bugs, including some critical- and medium-severity issues. The team has taken the appropriate actions to evaluate and mitigate these issues, and we look forward to continuing to work with our auditors as we get closer to the official launch of the Element Protocol.