FYEO is pleased to announce the completion of the Sui staking system security assessment.
Sui is a first-of-its-kind Layer 1 blockchain and smart contract platform designed from the bottom up to make digital asset ownership fast, private, secure, and accessible to everyone. Based on the Move programming language, its object-centric model enables parallel execution, sub-second finality, and rich on-chain assets. With horizontally scalable processing and storage, Sui supports a wide range of applications with unrivaled speed at low cost. Sui is a step-function advancement in blockchain and a platform on which creators and developers can build amazing, user-friendly experiences.
The audit performed by FYEO was focused on Sui's staking system, which operates on a Delegated Proof of Stake (DPoS) mechanism. Token holders can participate by staking their SUI tokens to validators, who operate and secure the network. Most token holders delegate their tokens to validators they trust, providing support for the validators' stake. These delegated tokens help validators meet the minimum requirements to be part of the active set of validators. Delegated tokens are locked for a specific period, and in exchange for their role, validators receive staking rewards in the form of SUI tokens. The rewards are distributed among all token holders who delegated to the validator's stake, minus a small commission fee paid to the validator manager.
The FYEO Process
When FYEO performs an assessment, we focus on the code committed at a specific time when the code base is feature complete.
Our goal is to give our clients the following:
A better understanding of its security posture and help them identify current and future risks in its deployed chain & contract infrastructure.
An opinion on what security measures are in place regarding maturity, adequacy, and efficiency.
Identify potential issues, including loss of funds scenarios, and include improvement recommendations based on the result of our assessment.
Give the development team a better understanding of writing and maintaining more secure code. The incremental increase of security is part of the overall increased quality of the project.
Findings & Report
During the security assessment, FYEO uncovered the following findings:
2 findings with LOW severity rating.
3 findings with INFORMATIONAL severity rating.
Following the audit, the Sui team worked in conjunction with the FYEO team to remediate all security vulnerabilities identified and shared.
Please see the attached full report to learn more.
Comments