Share this page!

Chad Barraford #BRINGTHECHAOS Profile picture
Twitter logo
17 Sep, 9 tweets, 2 min read
Now that @THORChain is BACK, we should reflect on what it took to get here. Follow the 🧵

1/ Multiple external audits have been conducted, of which those audits found nothing critical (will be released publicly soon).
2/ Internal audits did find critical issues, which were of course patched.
3/ A new team was born comprised of highly experienced white hat hackers. This "red team" takes an adversarial perspective on all code changes and must approve all changes. As well as pierce current code for potential threats/exploits they can find.
4a/ The core dev team took a step back to take a "blue team" stance. Instead of looking for specific exploits, the team took actions to protect the network from unknown threats. New changes were made to the protocol to make it more resilient, such as...
4b/ halting the network when there is insolvency. This would have protected the network from previous attacks. When large amounts of funds are being pulled out the network, the network delays those outbounds (up to an hour). This gives the community time to block an active attack
4c/ Node operators now have the capability to halt the network for 1 hour, every 3 days. Its enough power to protect the network from an ongoing attack, but not enough to significantly interrupt legit trading.
4d/ Changes were made to bifrost to block smart contracts from interacting with the network. This greatly reduces ACE (arbitrary code execution) threats to the network. Specific contracts (ie $XRUNE) can be reviewed and whitelisted access.
5/ While the project has always had bug bounties in the past, the team started a relationship with @immunefi to create a more formal process. This official channel should call on white hats to get more active with this code base and responsibly disclose any issues for profit.
Many thanks to the community for their support, encouragement, engagement, etc. The @THORChain community has one of the strongest communities in crypto, and recent events have proven that to me. Thank you, and see you in Valhalla!

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Chad Barraford #BRINGTHECHAOS

Chad Barraford #BRINGTHECHAOS Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!

Follow Us on Twitter!

Like this author's thread?

Get emails when @CBarraford has new unrolls!

Check out other threads from @CBarraford!

Read all threads by @CBarraford

:(