top of page
Writer's pictureFYEO
48 minutes ago2 min read

FYEO performed a secure code assessment of AR.IO Network for PDS


FYEO performed a secure code assessment of AR.IO Network for PDS

About AR.IO Network

The AR.IO network facilitates a permanent decentralized cloud, offering long-term data storage, smart contract operations, and seamless integrations across multiple blockchain environments. 


The security model for the AR.IO network is designed to ensure data integrity, decentralized governance, and the secure operation of its modular infrastructure. It leverages cryptographic safeguards, redundant architectures, and incentivized participation to maintain a robust security posture.


This project implements the ar.io network contract, which is written in Lua and deployed on the Arweave blockchain via the AO supercomputer. It manages critical functions such as maintaining network state, processing transactions, and enforcing network rules. It provides a structured framework for operations like balances, registry management, and state tracking.


The codebase demonstrates a thoughtful design and structure, with well-documented functions and logical separation of responsibilities.


The FYEO Process

When FYEO performs an assessment, we focus on the code committed at a specific time when the code base is feature complete. 


Our goal is to give our clients the following:

  • A better understanding of its security posture and help them identify current and future risks in its deployed chain & contract infrastructure.

  • An opinion on what security measures are in place regarding maturity, adequacy, and efficiency.

  • Identify potential issues, including loss of funds scenarios, and include improvement recommendations based on the result of our assessment.

  • Give the development team a better understanding of writing and maintaining more secure code. The incremental increase of security is part of the overall increased quality of the project.


Findings and Report

During the Security Code Review of the AR IO Network, we discovered:

  • 3 findings with HIGH severity rating.

  • 2 findings with MEDIUM severity rating.

  • 4 findings with LOW severity rating.

  • 2 findings with INFORMATIONAL severity rating.


Once the findings were identified, the PDS team was quick to address and remediate all issues. FYEO looks forward to our continued security work with PDS.

bottom of page