Halborn Security Issues First Audit Progress Update

Halborn’s first week of audits includes an unplanned investigation into the root cause of last week’s exploit. They have noted that their primary directive is not incident response, but after the series of exploits, took it upon themselves to conduct an investigation. Over the next week, they will primarily be penetration testing bifröst and the router contracts.

Why this is important

• Halborn is a leading cybersecurity agency, and their extended audit of the THORChain codebase will help minimize further exploits and allow users to gain back confidence in the protocol.
• TrailOfBits is also conducting an audit, and the THORChain team is working on a more clear and comprehensive bug bounty program to encourage black and grey-hat hackers to properly disclose vulnerabilities.

What led to this

THORChain sought an in-depth code review after the first major exploit earlier this month, but after the second exploit occurred just as the network was coming back online, a proposal was made by the team at Halborn to begin working on both a comprehensive audit of the platform, and an “Always-On” protection service that would actively try to find weaknesses in the network.

Going forward

• Halborn expects the audit to continue for at least 6 more weeks. They will be covering most of the core pieces of the THORChain stack, including bifröst, the router contract, TSS implementation, and more.
• Plans for resuming the THORChain network are still under discussion. At this time, the most likely path forward is to disable inbound and outbound transactions while bringing the chain back online to continue paying block rewards to liquidity providers.
• It is possible that the network will be unavailable for swaps until audits are complete, or an interim solution is developed.

Halborn’s progress can be tracked on their public dashboard.