Namada Security
The Namada protocol's open-source code has been reviewed by a broad community of developers and auditors.
Due to its innovative and experimental nature, there are inherent risks of bugs or performance issues that fall outside of the intended scope of the code. The purpose of the Security Program is to establish a constructive process for identifying and addressing these bugs in a timely manner.
It is important to note that all participants in the Namada ecosystem are free to address bugs in any way they see fit, whether or not they choose to participate in this Security Program.
Security Audits
| Organization | Scope | Audit Completion Date | Link to report |
|---|---|---|---|
| Inference / JP Aumasson | MASP | June 2022 | Report |
| Informal Systems | Namada Cubic Proof of Stake (Quint specification) | October 2023 | Report |
| Informal Systems | Namada Cubic Proof of Stake (TLA+ specification) | January 2023 | Report |
| Informal Systems | Namada Cubic Proof of Stake (Model based testing framework) | January 2023 | Report |
| Informal Systems | Namada ABCI Application | April 2024 | TBA |
| Informal Systems | Namada IBC implementation | Ongoing | |
| Antithesis | Continuous Simulation, Testing & QA of the Namada Protocol | Ongoing | |
| Least Authority | Namada Interface | July 2023 | Report |
| Oak Security | Ethereum IBC | March 2023 | Report |
Namada Mainnet Security Program
The Namada Mainnet Security Program is an initiative by the Anoma Foundation to reward teams and individuals for discovering and submitting new security-critical bugs in the Namada protocol.
All security-critical Namada designs and implementations are covered by the Anoma Foundation security program. We are committed to working in good faith with anyone who believes that they have found a bug in the Namada stack.
Versions of Namada currently in scope:
(mainnet release candidate)
| Level | Example | Reward |
|---|---|---|
| Minor | Unclear code, confusing CLI, interaction patterns in which users can easily make mistakes | No reward, but submissions are still appreciated |
| Medium | Causing clearly unintended state machine behaviour, such as a mismatch between the proof-of-stake reward algorithm in the specs and in the actual implementation | Up to CHF 5,000 |
| Serious | Halting the ledger, continuously DoS-ing a node with a standard/reasonable configuration | Up to CHF 50,000 |
| Critical | Stealing funds, withdrawing funds without user authorization, double-spending, breaking critical security properties (e.g. taking over the chain as one validator) | Up to CHF 100,000 |
Exact scoring and payout amounts are up to the discretion of the Foundation. Bounty payment depends on cooperation and responsible disclosure. We are committed to working with whitehat security researchers in good faith. Should you discover and report an issue, we will coordinate together to confirm it, figure out the appropriate operational response, co-publish a report and analysis after it is safe to do so, and execute the bounty payment via a mutually acceptable method.
If you believe that you may have found a bug in the Namada protocol design or implementation, please email: security@anoma.foundation
User security in practice depends on smart defensive design, active participation and good-faith cooperation of the community, and careful, diligent behavior by users. If you are unsure about some Namada-related application, token, or project, ask around on a community coordination channel for advice before taking any actions.
Security
Security of Namada in practice requires both protocol security (correctness of the design and implementation of the protocols) and user security (privacy education, spam/phishing avoidance, etc.).
Protocol security in practice is not a matter of "correct or not", but rather one of defense-in-depth. The Namada community uses various tools, including specifications, third-party audits, internal and external code reviews, and public testnets, in order to minimize the likelihood of unexpected protocol bugs or behaviors.
Those efforts notwithstanding, the most important factor for security is effective cooperation between developers, community members, and security researchers.
If you believe that you may have found a bug in the Namada protocol design or implementation, please email: security@anoma.foundation
Versions of Namada currently in scope:
v0.31.0 (Shielded Expedition release)
Bugs found during the Shielded Expedition will be rewarded through the Shielded Expedition program. Please see the Shielded Expedition announcement and the special task submissions page.
As a reminder, the Anoma Foundation will never ask for your seed phrase or any key materials. Beware anyone who does!