Back to Overview

Republic Protocol Security Audit

ChainSecurity Ltd has completed a security audit of the Republic Protocol project. Four security experts from our team were involved in the audit, which took fifteen days to complete. See the full report to learn more about the scope of the audit and considered properties.

Summary

Republic Protocol is a decentralized open-source dark pool protocol facilitating atomic swaps between cryptocurrency pairs across the Bitcoin and Ethereum blockchains. Trades are placed on a hidden order book and are matched through an engine built on a multi-party computation protocol. While the order matching engine is placed off-chain, trade orders themselves are first encrypted and committed on-chain and then later revealed after matching. This ensures that once the information becomes public the trade already happened and allows to monitor matching nodes for malicious activity and retrospectively challenge their bond when they were misbehaving.

Our audit investigated the Republic Protocol itself, which allows for custom settlement solutions to be used by future participating brokers, as well as the reference implementation of a full Dark pool by the team called RenEx. During the investigation ChainSecurity Ltd noted that the project is of high quality, employs good coding practices and has clean, well-documented code which is impressive considering the complexity of the project.

While the audit was scoped, a specification covering core parts of the system was derived by both teams and verified under a set of general and adversarial assumptions and an attacker model. All of the previous is clearly defined in the whitepaper and audit report. ChainSecurity Ltd was able to propose several design optimizations and improvements, but more so uncover several vulnerabilities of varying severity. These were swiftly reviewed and addressed by the Republic Protocol team, leading to a more resilient, efficient and secure system.

We are excited to follow the further development of the Republic Protocol and the adoption of their trading pools.

About Republic Protocol

Republic Protocol is a dark pool platform designed for trading large volumes of cryptocurrencies.

Ren is powered by a decentralized network of Darknodes that use secure multiparty computation to run privacy preserving applications. Using it, they are building hidden order books and privacy preserving settlement layers.

Dark pools built on Ren are the first in the history of financial markets that are mathematically provable to be fair.

Find out more here: https://renproject.io/