Before going into production, the Atlendis Labs team follows security best practices in order to ensure that the code is as safe as possible to use. Atlendis Labs’ highly skilled technical team aims to be extremely thorough when it comes to the long term development and testing of the code. Independent audits constitute one crucial aspect of the general security strategy, along with other topics such as bug bounty programs, or the integration of risk prevention tools with X-Margin for instance. 

Following an initial audit with Runtime Verification, a second external audit by PeckShield demonstrates Atlendis Labs’ commitment to making the Atlendis protocol a success and unlocking new opportunities for both lenders and borrowers.

The Atlendis protocol’s smart contracts are complex and innovative pieces of code, at the forefront of what is being built in DeFi today. The Atlendis Labs team decided to proceed with an additional audit of these contracts as a continuous effort on security.

Audit report context and summary

Security is a focal point for the Atlendis Labs’ development team. It has been a clear objective from the beginning to have third-party auditors review and test the Atlendis protocol’s smart contracts, to ensure a high standard of security for lenders and borrowers.

PeckShield was charged with this task and the second audit was conducted in May 2022. 

First, the auditors reviewed the design documentation, whitepaper and related smart contracts code.

Then, they studied the smart contracts source code and ran their in-house static code analyzer through the code database. They manually reviewed business logics, examined system operations, and placed DeFi related aspects under scrutiny to uncover possible pitfalls and/or bugs. If necessary to explore any found issue, PeckShield would deploy the contract on their own testnet to replicate and confirm the finding.

Finally, they provided additional suggestions or recommendations for improvement.

The PeckShield team found that “overall, these smart contracts are well-designed and engineered, though implementation can be improved by resolving the identified issues.”

On their 6-degree risk classification scale, the PeckShield team could not identify issues above the 4th degree – degree 5 is high severity and 6 is critical. Only medium-severity and low-severity vulnerabilities were found and immediately addressed by the Atlendis Labs team. 

As replicating real-life usage conditions is nearly impossible and manual code reviews are not a guarantee to find all possible security vulnerabilities, the Atlendis Labs team will soon launch a Bug Bounty program for the Atlendis community to participate in strengthening the protocol’s security.

Atlendis Labs would like to extend their gratitude to the PeckShield team for their feedback and suggestions that have helped improve the Atlendis protocol. The Atlendis Labs team looks forward to developing a long-term relationship with PeckShield, to advance the development of the Atlendis protocol.

Audit report 

The Atlendis protocol audit report by PeckShield can be found here.  

About PeckShield

PeckShield is a leading blockchain security company with the goal of elevating the security, privacy, and usability of current blockchain ecosystems by offering top-notch, industry-leading services and products (including the service of smart contract auditing). The company was founded by forward-looking, passionate entrepreneurs and veteran researchers, with a strong desire to improve state-of-the-art security of large-scale systems.

With a recent focus on blockchains, PeckShield publishes trending reports and provides services and products to identify hidden vulnerabilities (e.g., in smart contracts and consensus protocols), expose zero-day exploits, and defend against emerging threats. Notable PeckShield audits include AAVE and MakerDAO.

What’s next

Also, now that the audit of the Atlendis protocol’s smart contracts is completed, the smart contracts’ code has been open sourced and is hosted on the Atlendis Labs’ GitHub. The launch of Atlendis Labs’ Bug Bounty program is therefore the logical next step and will be announced shortly. Subscribe to Atlendis Labs’ newsletter to be informed as soon as it launches.

Additional resources

Atlendis.io | Whitepaper | LinkedIn | Twitter | Discord | Newsletter | Audit Report by Runtime Verification | Audit Report by PeckShield