POA Network – POSDAO Security Audit

Download Audit Report
Summary

ChainSecurity performed a smart contract audit of POSDAO, with a main focus on the configuration for the xDAI POSDAO AuRa implementation.

The smart contracts reviewed implement the configurable logic for the operation of a POSDAO network. The actual configuration implemented corresponds to the settings for the xDAI POSDAO AuRa network. These smart contracts are used by the client software (currently OpenEthereum or Nethermind) to determine how to run the proof of stake network. Amongst others, this includes the logic to determine the set of active validators and the block rewards. The client software is configured accordingly through the genesis configuration of the chain and the core smart contracts expose standardized functions which the client queries. A staking contract deployed on chain allows participants to stake (either the native coin of the chain or tokens, depending on configuration) and to participate in the consensus.

See the report for more information on our findings.

About POA Network – POSDAO

POSDAO is a project from POA:

“POA Core is an autonomous network secured by a group of trusted validators. All validators on the network are United States notaries, and their information is publicly available. This distributed group of known validators allows the network to provide fast and inexpensive transactions.

POA organization also develops products and tools to improve interoperability, infrastructure and transparency throughout the ecosystem. These include BlockScout, an open-source explorer, TokenBridge, a multi-chain asset-transfer solution.”

(Source: https://www.poa.network/)

ChainSecurity has a thoughtful and thorough approach to their auditing process, which is not always the case with security auditing firms. Communication was excellent throughout; their high level of scrutiny, attention to detail, and understanding of complexities helped improve our OmniBridge contracts.
Igor Barinov, POA Network