This marks a new initiative to strengthen security for dApps on Oasis’ confidential EVM, Sapphire, with decentralized audits and bug bounties.
Oasis is proud to announce the launch of a 1 million $ROSE pool dedicated to secondary audits and bug bounties for projects within our ecosystem. Researchers and hackers on Hats’ platform will be able to earn rewards by finding vulnerabilities in selected dApp code.
The first dApp to undergo the expert eyes of hundreds of hackers will be illumineX. The competition will go live sometime in July, so stay tuned for further announcements.
Oasis has always prioritized the security and reliability of our network and ecosystem. This collaboration is the next step to offer Oasis ecosystem projects comprehensive audits and bug bounties. It is funded by a 1 million $ROSE pool to reduce overhead for dApps, making the entire process more efficient. These audits follow the first round of audits, with bounties paid upon finding vulnerabilities that have yet to be found.
Hats Finance specializes in auditing ready-to-deploy protocols through time-bound events where security experts and hackers identify potential vulnerabilities. In addition to these audits, Hats Finance offers bug bounties for already deployed dApps, ensuring that all identified vulnerabilities are valid and significant.
“Given our previous success with such audits for other privacy-focused protocols, partnering with Oasis seemed like a no-brainer that helps further protect dApps that use newer technology on the market,” said Ofir, head of growth of Hats. “Doing more rounds of auditing projects on Sapphire and allowing bounty winners a great prize for finding exploits will give users and developers extra protection — backed by Hats and Oasis.”
Hats Finance will deploy their subgraph and all related contracts on Sapphire, leveraging EVM compatibility and support by Safe to establish a registry and governance multisig Safe on Sapphire. This integration will enhance our ecosystem’s security infrastructure significantly.
Allocating $ROSE
The 1 million $ROSE pool will initially be allocated for secondary and tertiary audits of our ecosystem projects, ensuring no vulnerability remains before going to production. This method ensures that any significant flaws missed in prior audits are addressed. Oasis will begin with illumineX, and based on the outcomes and payouts, Oasis may replenish the pool and change the auditing process as necessary.
“Choosing illumineX to be the first in the auditing process will give them a leg up in their security and dApp maintenance,” said Will Wendt, Ecosystem Growth Manager of Oasis. “Our first round of audits are usually extremely thorough, so that’s why offering up a pool of 1 million $ROSE with the help of Hats auditing protocols helps not only legitimize our recommended auditing protocols, but offers real bounties for problems that have been overlooked.”
Moving forward, the pool will also support continuous bug bounty programs for our ecosystem projects and undergo continuous improvements, reinforcing security in the Oasis ecosystem.