Back to Overview

Polymarket NegRiskAdapter Security Audit

Summary

The most critical subjects covered in our audit are correct accounting and access control. All covered subjects provide a high level of security.

It is worth to mention that the ambiguous guidelines for creating questions can lead to problematic cases in certain circumstances as can be seen in Emergency resolution mechanism possibly not sufficient.

In summary, we find that the codebase provides a high level of security.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don’t replace other vital measures to secure a project.

About Polymarket NegRisk adapter

Polymarket implements an adapter contract that plugs between a conditional token exchange and the
actual conditional tokens contract to enable prediction markets with multiple binary questions where
exactly one question resolves to YES while all other questions resolve to NO. Additionally, an auxiliary
contract is implemented that permissions the question creation.

“Polymarket is an information markets platform that lets you trade on the world’s most highly-debated topics (e.g. coronavirus, politics, current events, etc). On Polymarket, you build a portfolio based on your forecasts and earn a return if you are right. When you decide to buy shares in a market, you are weighing in with your own knowledge, research, and view of the future. Market prices reflect what traders think are the odds of future events, turning trading activity into actionable insights that help people make better decisions. As a result, Polymarket is a leading source of unbiased and real-time data about future events.”

#Source

Hats off to the ChainSecurity team for their stellar work on our security audit. The process was smooth from start to finish thanks to their clear communication style, and our codebase benefited immensely from their thorough analysis. We look forward to working with them in the future!
Mike Shrieve - Protocol Lead