Introduction
This document provides an overview of the current status of audits for Optimism Fractal's open-source applications and protocols, detailing ongoing audits, potential future audits, and the importance of ensuring software security as the community grows.
This software is an essential core component at the heart of Optimism Fractal weekly events and videos, as well as other communities or organizations that implements the Respect Game and onchain governance protocols built by Optimism Fractal developers.
Table of Contents
- Introduction
- Context
- Current Audit Status
- Potentially Upcoming Audits
- Communications about Audits
- Hats Protocol Integrations
- Snapshot Audits
- Audit History
- Mathematical Analysis
Context
There are several different types of software that are used by the Optimism Fractal community and there are over five developers who are actively building Optimism Fractal apps.
Software being developed by the Optimism Fractal community includes next generation versions of Respect Games app, Fractalgram app, and onchain governance protocols such as ORDAO and OREC.
Current Audit Status
Optimism Fractal software is currently in the process of receiving audits from professional auditing firms, including Nethermind Security.
Optimism Fractal and Optimystics cofounder Tadas has requested the Nevermind Secuirty to audit the new smart contracts for ORDAO and OREC, which is proposed as the next generation of Optimism Fractal EVM software.
The Nevermind Security team said that they expect to complete the audit in mid-October.
Potentially Upcoming Audits
In addition to the audit provided above, another development team (composed of Vlad and Lennar) who expressed interest in getting an audit are building the Respect Games app.
Another team of developers (composed of Abraham and Howard) are focused on building a secure front-end for the next generation Fractalgram app and may be interested in getting an audit in the future.
You can learn more about these apps in the links above and explore their audit status in the messages below.
Communications about Audits
Dan Singjoy contacted these three teams of developers who are building Optimism Fractal Respect Games applications and encouraged them to apply for an audit in the Audit Hub in this upcoming cycle. You can find the following messages here.
Hats Protocol Integrations
Optimism Fractal uses Hats Protocol to organize onchain roles and authorities. Hats Protocol has been audited by Sherlock, as you can see here.
You can learn more about Optimism Fractal’s integrations with Hats Protocol at OptimismFractal.com/41.
Snapshot Audits
Snapshot is a widely-used decentralized governance tool that is used by the Optimism Fractal community in three snapshot spaces:
Optimism Fractal Snapshot Space
Optimism Town Hall Snapshot Space
Optimism Town Hall Snapshot Space
Snapshot has not undergone an official audit as far as public sources suggest. However, because Snapshot is primarily a voting tool that doesn’t handle funds directly, it is a lower risk than protocols that manage financial transactions.
Audit History
We have not completed a code audit throughout the first year of Optimism Fractal primarily because it hasn't been necessary, but we fully intend to do so in the future.
The reason it's not currently needed is that there is no monetary value secured in the contracts, making them unlikely to be targeted or attacked. Additionally, all participants have full transparency, as they can monitor the explorer themselves. The distribution of Respect is publicly posted each week on our Discord server to ensure awareness and accessibility, and any proposed changes are visible on Snapshot.
Even if an error were to occur in the Respect distributions, we have the capability to address it. By viewing the blockchain from an earlier state, we could reset any potential issues and redeploy a new token distribution based on the pre-error state. The Council would then determine the best course of action to resolve the situation via our consensus process.
Mathematical Analysis
Furthermore, several in-depth mathematical analyses have been conducted on the distribution mechanisms and the zoom room randomization process. Contributions from experts have provided rigorous evaluation and validation of these processes.
More details about this and links to their research can be provided upon request.