Audit Comp | Anvil

Anvil is a decentralized finance (DeFi) protocol for the issuance of fully secured credit. The protocol's Ethereum-based smart contracts allow users to deposit collateral in a vault, issue letters of credit, and supply assets to staking pools. For more information about Anvil, please visit https://anvil.xyz/

Solidity

Status

Finished

Rewards Pool

$50,000

Vault TVL

Started

16 October 2024

Ended

06 November 2024

Rewards Token

USDT

nSLOC

1,384

Status

Finished

Findings Report

Triaged by Immunefi
PoC required
Vault program
KYC required

Findings Report

Leaderboard Information Scope Resources

This Audit Competition Is Over

Audit Competition cards for security researchers with paid reports are available here

All paid bug reports are available in original format here

Started

16 October 2024 08:00 UTC

Ended

06 November 2024 08:00 UTC

Immunefi vault program

Funds available

30d Avg. Funds availability

Assets in vault

0.00 USDT

Public vault address

0x1E9F4544098913a887Df48dD59aC27333A7b66A3

Rewards

Audit Comp | Anvil provides rewards in USDT, denominated in USD.

Rewards by Threat Level

Smart Contract

Critical

Portion of the Reward Pool

High

Portion of the Reward Pool

Medium

Portion of the Reward Pool

Low

Portion of the Reward Pool

All categories *

Insight

Portion of the Reward Pool

The following reward terms are a summary. For the full details read our Anvil Audit Competition Reward Terms

A reward pool of $50,000 USD will be distributed among participants, even if no valid bugs are found.

Duplicates and private known issues are valid for a reward.

Rewards are distributed according to the impact of the vulnerability based on the Immunefi Vulnerability Severity Classification System V2.3.

Rewards will be distributed all at once based on Immunefi’s distribution formula after the event has concluded and the final bug reports have been resolved.

Insight Rewards Payment Terms

Insight Rewards: Portion of the Rewards Pool

*The "Insight" severity was introduced on Boost (Audit Competitions) & Attackathon programs to recognize contributions that extend beyond identifying immediate vulnerabilities. Currently, it's not an option to select the Insight severity when submitting a report. However, our team or program will designate it accordingly if applicable. "Insights" underscores our commitment to valuing all types of contributions that contribute to a more secure environment and will always be rewarded. View more information about Insights

Duplicates of Insight reports are not eligible for a reward.

View impacts in scope

Program Overview

Anvil is a decentralized finance (DeFi) protocol for the issuance of fully secured credit. The protocol's Ethereum-based smart contracts allow users to deposit collateral in a vault, issue letters of credit, and supply assets to staking pools. Anvil's mission is to provide flexible building blocks to bring efficient and transparent collateralized finance into an increasingly decentralized world.

For more information about Anvil, please visit https://anvil.xyz/

Anvil provides rewards in USDT on Ethereum, denominated in USD.

KYC is required.

This Audit Competition is running on mainnet. The following conditions apply:

Anvil team will freeze the codebase during the duration of the Audit Competition:
Duplicates are rewarded

Audits

Auditor	Link	Completed at
Trail Of Bits Audit	https://github.com/trailofbits/publications/blob/master/reviews/2023-12-acronym-foundation-securityreview.pdf	23 December 2023
OpenZeppelin Audit # 2	https://blog.openzeppelin.com/anvil-protocol-audit	11 October 2024
OpenZeppelin Audit # 1	https://blog.openzeppelin.com/anvil-audit	11 October 2024