Audit status¶
ELI5: This stack is tested and internally reviewed on Sepolia — but no independent audit firm has signed off. Treat as educational / testnet until audited.
Current state¶
| Item | Status |
|---|---|
| Network | Sepolia testnet only |
| External audit | Not completed — audit scope pack ready for engagement |
| Internal composition review | Documented 2026-06 |
| Fuzzing | Hypothesis stateful fuzz across repos |
| CI | nightly_fuzz.sh, per-repo mox test |
| Mainnet params | config/mainnet-params.toml (draft) |
| Phased launch plan | Mainnet bootstrap |
Per-protocol review artifacts¶
| Protocol | Tests | Security doc |
|---|---|---|
| TARE | 73+ unit/integration + fuzz | SPEC.md |
| Keep | Unit + inflation tests | docs/SECURITY.md |
| Coil | 103+ tests | SECURITY.md |
| veForge | 111 tests + fuzz machines | SECURITY.md |
veForge audit rounds (internal)¶
| Version | Findings closed |
|---|---|
| v0.2.0 | 24 findings |
| v0.3.0 | Curve compatibility |
| v0.4.0 | A1–A9 audit-hardening |
Status: awaiting third-party audit before mainnet recommendation.
Before mainnet checklist¶
- Independent audit using audit scope — all four pillars + routers
- Timelock/multisig on Keep admin roles (
INTENDED_GOVERNANCEin manifest) - Run
./script/mainnet/pre_launch_check.sh(deploy_verifier + composition hints) - Re-read trust model — engine vs vault scope
- Execute phased bootstrap — do not launch all four at once
- Fill deployments/mainnet.json after deploy
What can go wrong¶
No mainnet safety claim
Fuzzing and self-review reduce risk but do not replace professional audit. Blueprint products in products/ are educational packages — independent review required.
Agent suite (read-only)¶
Seven agents under AGENTS_FLYWHEEL/agents/ — deterministic, do not control funds:
- composition-auditor, deploy-verifier, watchtower, diffrisk, stresssim, overseer, herald
Not part of on-chain trust boundary.