The Polkadot Claims Audit

Web3 Foundation engaged Chain Security for an audit of the Polkadot Claims smart contract. The audit found 0 Critical, 0 High, 2 Medium and 9 Low level issues, all of which have been resolved in the latest commits to the code.

By PolkadotAugust 7, 2019

Web3 Foundation engaged Chain Security for an audit of the Polkadot Claims smart contract. The audit found 0 Critical, 0 High, 2 Medium and 9 Low level issues, all of which have been resolved in the latest commits to the code.

The Polkadot Claims contract is an Ethereum smart contract that allows holders of the DOT allocation indicator token to claim their balances of DOTs to a Polkadot public key ahead of Polkadot genesis.

In order to launch Polkadot in a transparent and decentralized way, an Ethereum smart contract was required to hold data necessary to the genesis of Polkadot including the Polkadot public key to associate to a specific allocation, the index of the public key, and the vested status of the allocation.

Submission of this data to the Ethereum blockchain enables the community to generate and verify the genesis chain specification themselves in an independent manner. It is an integral piece to the launch of Polkadot in a transparent way.

For this reason, the security of the contract was of the utmost importance, especially regarding the certain immutability of the state of the contract after claiming actions have taken place.

To guarantee that the Claims contract is secure and functionally correct, ChainSecurity formally verified the contract's code with respect to its intended specification. In more detail, ChainSecurity formalized 12 critical functional requirements and verified them using their state-of-the-art tool for formal verification. Examples of the properties that were verified include the immutability of the state after the initialization, access-control requirements, and safety of the contract set-up period.

In addition to the formal verification, the full audit report details each of the issues that were found in the categories of Security Issues, Trust Issues, and Design Issues. It also describes the fixes that were applied to each and reasoning of the Web3 Foundation.

You can find the full audit report here.

From the blog

Uplifting new voices and validators: Polkadot's path to sustainable decentralization

Decentralized Nodes and Decentralized Voices programs by the Web3 Foundation offer pathways for validators and governance participants to gain influence based on merit, helping to build a fairer, more resilient Polkadot ecosystem that aligns with the core principles of web3.

Is large-scale, high-quality Web3 education possible?

The Polkadot Blockchain Academy (PBA) is taking Web3 education to the next level with PBA-X, an online course crafted to deliver high-quality blockchain knowledge at scale. Learn how we’re preserving educational standards, fostering a global community, and creating new opportunities for learners everywhere.

Blockchain explained: A practical guide from concepts to use cases

Blockchain has grown far beyond its roots in cryptocurrency, reshaping industries from finance to healthcare. This guide walks you through the basics, benefits, and groundbreaking potential of blockchain and its impact on the future of the open internet.

Empowering the next wave of founders: Welcome to EasyA x Polkadot University

Unlock a structured path to start building on Polkadot with EasyA x Polkadot University.

Dynamic & Modular: Scaling Ambition with Agile Coretime

Polkadot’s Agile Coretime simplifies launching and scaling blockchain projects with dynamic blockspace allocation and flexible cost options. Learn how Agile Coretime makes it easier to build, launch, and scale ambitious Web3 projects.

How play-to-earn (P2E) is transforming onchain mobile sports gaming

Play-to-earn games are transforming mobile sports gaming. Learn how blockchain, NFTs, and platforms like Polkadot create new opportunities for digital asset ownership and cross-chain gameplay.

Polkadot Token 2049 and Decoded Asia 2024: A multichain ecosystem in action

At Token 2049 and Decoded Asia 2024 in Singapore, Polkadot teams and contributors showcased a multichain future for real-world applications. Key moments included Dr. Gavin Wood’s vision for digital individuality, Chrissy Hill’s regulatory insights, and announcements from emerging projects shaping the Web3 ecosystem.

What is a crypto wallet? Your all-access pass to the future web

In Web3, your wallet is your most valuable digital tool. It’s more than just a place to store, send, and receive cryptocurrencies securely—it’s your passport to the decentralized world.

July 2024: Key network metrics and insights

Welcome to your go-to source for the latest tech updates, key metrics, and discussions within Polkadot, brought to you by the Parity Success Team. This blog series covers a variety of topics, drawing insights from GitHub, project teams, and the Polkadot Forum.

Polkadot 2.0: The rebirth of a network

Polkadot 2.0 reimagines blockchain with a bold rebrand and powerful features: Agile Coretime, Async Backing, and Elastic Scaling. Step into a more flexible, faster, and scalable network. Learn about the improvements and changes that led to this next era of Polkadot.

Meet the Decentralized Futures grant recipients: transforming ideas into impact on Polkadot

The Decentralized Mic is here to spotlight the innovative projects and teams driving Polkadot’s growth. Join us as we explore the achievements of Decentralized Futures grant recipients and their contributions to the Polkadot ecosystem on the new ecosystem community call series.

The ultimate 2024 Polkadot grants and funding guide

Explore Polkadot ecosystem funding: grants, venture capital, bounties, and community initiatives. Discover opportunities for blockchain builders today.