Audits
Code4rena collaborated with zkSync to audit its smart contracts
We are delighted to announce that Code4rena ran a successful audit competition for zkSync’s Baby Alpha launch.
Code4rena’s mission is to leverage our community of skilled security researchers and smart contract experts to help make DeFi platforms more secure. Sponsors like zkSync create prize pools to attract auditors to review their code. Auditors, also known as Wardens, protect the DeFi ecosystem from threats by auditing code, and Judges decide the severity, validity, and quality of Warden findings. This allows us to run audit competitions in a gamified manner, rewarding Wardens and Judges for their efforts, and Sponsors, like zkSync, for their diligence.
Security is a top priority for zkSync, and when going through the launch motions for their Baby Alpha, they wanted to make sure risks were minimized as much as possible for the entire ecosystem. That’s exactly why Code4rena became involved.
Audit competitions are the best way of ensuring high-severity vulnerabilities don’t ever make it to production, and this ethos fit perfectly with zkSync’s mission for their Baby Alpha launch.
The Code4rena competitive audit had # Warden participants, who uncovered 3 total medium-risk findings, 2 of which were unique. There were also 10 gas findings, and 13 QA findings. You can review the in-depth report here.
This audit allowed Code4rena and zkSync to collaboratively ascertain that Baby Alpha was performing as expected. The vulnerabilities found will be addressed before launch, adding to users’ assurances when interacting with the new contracts.
About zkSync
zkSync is an open-source Layer-2 blockchain that eliminates Ethereum’s costly gas fees, scaling constraints, and performance barriers using zero-knowledge proofs. Built by a distributed team of leading cryptographers and engineers, zkSync is designed to unlock the full potential of blockchain technology while scaling the core values of Ethereum.
Bootstrapped by initial funding from the Ethereum Foundation, zkSync has powered over 10 million transactions, fuels major web3 applications including Argent and Gitcoin, and recently launched the first EVM-compatible zero-knowledge rollup allowing developers to deploy general-purpose applications written in Solidity.