The Polkadot Claims Audit

Web3 Foundation engaged Chain Security for an audit of the Polkadot Claims smart contract. The audit found 0 Critical, 0 High, 2 Medium and 9 Low level issues, all of which have been resolved in the latest commits to the code.

By Polkadot•August 7, 2019

The Polkadot Claims contract is an Ethereum smart contract that allows holders of the DOT allocation indicator token to claim their balances of DOTs to a Polkadot public key ahead of Polkadot genesis.

In order to launch Polkadot in a transparent and decentralized way, an Ethereum smart contract was required to hold data necessary to the genesis of Polkadot including the Polkadot public key to associate to a specific allocation, the index of the public key, and the vested status of the allocation.

Submission of this data to the Ethereum blockchain enables the community to generate and verify the genesis chain specification themselves in an independent manner. It is an integral piece to the launch of Polkadot in a transparent way.

For this reason, the security of the contract was of the utmost importance, especially regarding the certain immutability of the state of the contract after claiming actions have taken place.

To guarantee that the Claims contract is secure and functionally correct, ChainSecurity formally verified the contract's code with respect to its intended specification. In more detail, ChainSecurity formalized 12 critical functional requirements and verified them using their state-of-the-art tool for formal verification. Examples of the properties that were verified include the immutability of the state after the initialization, access-control requirements, and safety of the contract set-up period.

In addition to the formal verification, the full audit report details each of the issues that were found in the categories of Security Issues, Trust Issues, and Design Issues. It also describes the fixes that were applied to each and reasoning of the Web3 Foundation.

You can find the full audit report here.

From the blog

CBDCs vs. Stablecoin: Competing visions for digital currency

Two forms of digital money, two opposing visions for finance. From centralized control to decentralized participation, explore how CBDCs and stablecoins differ and how Polkadot supports a decentralized financial future shaped by community governance and open access.

DEX vs CEX: A beginner's guide to crypto exchanges

Centralized and decentralized exchanges offer different paths into crypto. This beginner-friendly guide breaks down how they work, why DEXs matter for financial access, and how Polkadot supports a more open, permissionless future for global users.

What’s in a DOT? The fuel powering Polkadot's decentralized economy

DOT is more than just a token. It keeps the Polkadot network secure, runs onchain governance, and supports builders and users alike. Discover how it works and what it means for you.

Security isn’t optional: What builders are factoring into chain choice

Security is no longer an afterthought in blockchain development. Builders are looking beyond incentives to long-term infrastructure stability. Here's why resiliency is critical and how the Polkadot Assurance Legion is helping developers launch safely.

How to set up a Polkadot wallet: A step-by-step guide

New to Polkadot? This beginner-friendly guide walks you through how to set up a Polkadot-compatible wallet, from choosing the right option to securing your seed phrase and getting started with staking and managing your DOT.

What is a DAO? How decentralized communities are reshaping governance

DAOs are changing how communities organize online. Learn what a DAO is, how decentralized governance works, the different types of DAOs, and how you can participate in blockchain-powered decision-making.

Governance, side by side: Polkadot, Ethereum, and NEAR

Decentralized Mic pulled together experts from leading experts from Polkadot, Ethereum, and NEAR to discuss decentralized decision-making approaches, address participation challenges, and explore the potential impact of AI on future governance models.

Where real-world value meets access: How Polkadot powers RWA and DePIN

Polkadot is making real-world assets and infrastructure accessible through tokenization, unlocking new opportunities in finance and energy for everyday participants and communities.

Understanding DeFi: A starter guide to decentralized finance

DeFi transforms traditional finance by replacing banks and brokers with smart contracts on blockchain networks. Discover how dapps enable lending, trading, and earning interest without intermediaries—and how Polkadot’s interoperability brings these tools together for a connected financial future.

The evolution of digital ownership: How tokenization is transforming gaming, music, and beyond

Tokenization is redefining digital ownership in gaming and music, enabling players and artists to control their assets. With blockchain, NFTs, and Polkadot’s interoperability, digital economies are becoming more decentralized, secure, and accessible.

Web3 funding playbook for builders, creators, and founders

Discover funding opportunities in the Polkadot ecosystem, from grants and bounties to venture capital and community-driven fundraising. Explore pathways for builders at every stage, with insights on securing support for DeFi, DePIN, AI, gaming, and real-world asset tokenization.

From speculation to sustainability: Top ETHDenver takeaways

ETHDenver 2025 highlighted Web3’s shift toward sustainability, emphasizing talent development, decentralized governance, and aligned incentives. Polkadot’s insights reinforced the industry’s move beyond speculation toward long-term, community-driven growth.