We received our second comprehensive audit report back this week. Lets recap the contract audit history and timeline.
Audit Phase One: Nov 3rd → Dec 15th
This was the initial audit phase for the newly written Solidity contracts. It covered the entirety of Augurs contracts. The Augur team ran an internal audit in parallel, and discovered that the original system had an economic security problem. In the process of fixing that, we realized we could make the whole reporting system significantly simpler while also fixing the problem at the same time.
Specifically, it turned out that all that really matters is getting REP holders to show up for a fork should one occur. Technically, Augur doesn’t need disputing, but it helps keep the system working smoothly and quickly.
We removed the concept of crowdsourced reporting and replaced it with crowdsourced disputes, which are not needed for a market to resolve, but are a faster deterrent to liars than always forking. This is the model reflected in the newly published white paper.
This simplified reporting to just be an initial report and a series of disputes that eventually lead to a fork. These changes then required our auditors to re-review the majority of contracts related to reporting.
Audit Phase Two: Jan 8th → Feb 23rd
The second audit included all of the changes made to reporting, plus any other issues found. We have received the second report, and the current issues are all technical fixes. We have no plans to do any major code changes or refactoring, unlike the previous phase. Changes required this time around are roughly estimated at 75% less than prior changes.
Our team is addressing the issues now and you can track its progress on GitHub. Once completed, we will hand the fixes back off to the auditors for review.
When will they be done?
We estimate there will be at least two more back and forths addressing fixes. With the scope of changes being significantly narrower (ex: not the entirety of reporting), this should not take as long as prior phases have. Audits are not complete until we have production ready code fully reviewed.
Trading is almost done, it’s functional within the UI, however the transactions wont succeed on Rinkeby yet as we’re still finishing integration with the contracts. Reporting and forking are the final remaining screens and are being worked on, viewable at dev.augur.net. Below is a screen-cap of the market creation process with MetaMask.
Market Creation Process
Jack was on a panel about prediction markets for insurance with Ron Bernstein of AugmentPartners and Martin Köppelmen of Gnosis at the D1 conference in Cancun, right before Devcon3. Etherisc published and video and wrote a great recap of the panel.
Fireside Chat: Prediction Markets For Insurance — Video
We have two submissions in the queue for the portable Solidity debugger bounty, one of which was recently published by the Truffle team. A few others teams are working on EIP-758, with no submissions yet. You can find out more at augur.net/bounties.
We’re still looking for Spanish and Chinese white paper translations. Please reach out if you’d like to do this!
<div class="infobox"><span class="appendinfo">This article was originally published on: <a href="https://medium.com/@augurproject">The Augur Blog</a> on </span></div>