Ampleforth completes second security audit

Stax Inc. teams up with Coleman Research

Ampleforth, a decentralized store of value protocol, has just announced the completion of a second security audit. The first audit was completed by Chinese security firm SlowMist over the course of 1 week and reported no vulnerabilities. The second audit was conducted by Trail of Bits, a New York-based security firm. From November 5, 2018 to November 20, 2018, Trail of Bits, evaluated the security of the Ampleforth protocol codebase and determined it was of high-quality.

Ampleforth is a digital asset protocol for creating fair, independent money. The Ampleforth protocol moves volatility from unit price to unit count and achieves price stability by algorithmically expanding and contracting supply among holders based on demand.

During the rigorous two-week evaluation, Ampleforth’s ERC20 token, Monetary Policy, and Market Oracle contracts including all of the Solidity smart contracts that will be deployed on-chain were examined. Contracts were reviewed with special consideration for the complex arithmetic calculations performed in the token as well as the bespoke integer arithmetic library implementation used by the Ampleforth token contract. Following the evaluation, Trail of Bits determined that Ampleforth’s code is of high quality and only identified three low severity (LS) issues.

The completion of this security audit on the Ampleforth protocol marks a major milestone for us,” said Brandon Iles, Ampleforth co-founder and CTO. “By identifying risks and vulnerabilities early, we can work toward improving the codebase and reducing the potential of future hacks, which may result in losses of millions of dollars overnight.

Assessments from major auditors have become the norm as more stablecoins are issued and the competition in the space continues to grow. SlowMist’s and Trail of Bits’ full security audit report on the Ampleforth protocol will be published on GitHub and Ampleforth is electing to make this, and all future audits publicly available.

Read Also: