Audits and Security Strategy of Atlendis Labs regarding the Protocol’s V2 Smart Contracts

12/06/2023Blog

by Stéphane Coquet

Audits and Security Strategy of Atlendis Labs regarding the Protocol’s V2 Smart Contracts

This article provides an overview of Atlendis Labs security strategy and the Atlendis V2 audit reports.

Atlendis Labs security and V2 audit

Introduction

Before deploying any software, the Atlendis Labs team follows security best practices in order to ensure that the code is as safe as possible. Atlendis Labs’ technical team aims to be extremely thorough when it comes to the long term development and testing of the code. Independent audits constitute one crucial aspect of the general security strategy, along with other topics such as bug bounty programs. 

Following initial audits (by Runtime Verification and PeckShield) of the Atlendis V1 smart contracts, new external audits of the V2 contracts by Trail of Bits and Nethermind demonstrate Atlendis Labs’ commitment to making the Atlendis protocol V2 as resilient as possible to safely provide new opportunities to both lenders and borrowers.

Part 1: A word from Atlendis Labs’ CTO about Atlendis Labs’ Security Strategy

With billions of dollars worth of cryptocurrencies having been hacked in the last few years, it’s no wonder that security has to play a central role when working on smart contracts. Security has to be in line with our ambition, which is to become a major player in the peer to peer private credit space. 

At Atlendis Labs, we perceive security as a continuous process while architecting, specifying, implementing, testing and monitoring smart contracts. Security is everyone’s business, all the time. With this series of articles, we announce the audits we have been conducting on the set of smart contracts that constitute the Atlendis V2 protocol

During our development cycle, our priority was to follow the industry's security best practices. Each addition to our codebase was carefully peer reviewed. In terms of testing, a total of almost 900 unit tests were implemented to cover the protocol usage as best as possible. Furthermore our integration test suite enabled us to test the system as a whole. All our tests leveraged Foundry’s fuzzing capabilities to make sure that tests caught as many edge cases as possible. On top of these tests a series of randomized simulations guaranteed that some key properties would hold under all kinds of stress scenarios.

At different stages of the development process, we conducted two audits to evaluate the state of the codebase. The first audit was conducted by Trail of Bits, and started in February 2023. At that stage, the smart contracts’ structure and functional scope was done, but we did not consider the codebase to be  mature, since we had not finished all of our testing efforts. Trail of Bits helped us identify some critical issues that were addressed immediately. Since these  fixes had a significant structural impact on the codebase, we felt it was prudent to conduct an additional audit after our testing suite and code base had reached the state we considered complete. Our second audit was led by Nethermind, and started in April 2023. We considered our smart contracts to be production ready at that stage, and while Nethermind helped us identify additional issues, these were mostly minor vulnerabilities that were quickly resolved. 

Following these two audits we are confident that Atlendis V2 protocol is production ready and securely handles user funds. However, security is a journey, and our efforts will not stop there. While we announce today the completion of these two audits in this series of articles, we will also start a bug bounty program in the near future, to allow whitehats to always improve the security of the Atlendis protocol. We will also constantly monitor our smart contracts that are deployed in production, to ensure safety and fast remedy in case of an unexpected event.

As always, and in the spirit of transparency, we encourage our community to engage with us on Discord, and will be happy to answer any question on our security strategy.

Part 2: Trail of Bits’ Audit

Trail of Bits completes independent third-party audit of Atlendis V2 smart contracts. Read the article here.

Part 3: Nethermind’s Audit

Atlendis Labs has successfully concluded an audit of the Atlendis protocol V2 by Nethermind. Read the article here

Conclusion

Atlendis Labs would like to extend their gratitude to the Trail of Bits and Nethermind teams for their feedback and suggestions that have helped improve the Atlendis protocol. The Atlendis Labs team looks forward to developing a long-term relationship with them to advance the development of the Atlendis protocol.

Audit Reports

Nethermind audit report.

Trail of Bits audit report.

About Atlendis Labs

Atlendis is a capital-efficient lending protocol connecting DeFi with real-world use cases. Atlendis fills the gap that traditional finance (TradFi) has not been successfully able to cover. Leveraging blockchain technology and open banking, Atlendis enables Fintech and institutional actors to open dedicated liquidity pools and access one-time loans and revolving lines of credit, thus facilitating alternative financing for the growth and development of SME and startup customers across the globe. Atlendis makes it possible for any lender to control their portfolio while earning sustainable yield and making a meaningful impact helping real-world businesses. 

Additional Resources 

app.atlendis.ioAtlendis.ioWhitepaperLinkedInTwitterDiscordIntern | Newsletter 

img@atlendis

Stéphane Coquet

Co-Founder & CTO

Stéphane Coquet is a Co-Founder and CTO of Atlendis Labs. Stéphane started his career in consulting, and quickly switched to developer roles in the digital marketing field. He then fell down the blockchain rabbit hole and figured that since he already spent the majority of his time exploring the Ethereum blockchain ecosystem, he might as well make it his day job. He joined ConsenSys as a software engineer and worked on several global projects, helping institutions build private blockchain consortia to change the rules of their respective industries. He aspires to build a more open and inclusive financial system, but this time on the public side of the chain. Stéphane is a graduate of the Ecole Polytechnique and Ecole des Mines de Paris.