MAGIC Grants Approves Security Retainer with HashCloak
The security retainer focuses on building out Firo’s fuzz testing infrastructure, expanding unit test coverage, and augmenting Firo’s existing PR review process. Additionally, the retainer also ensures Firo is abreast of the latest vulnerabilities and security techniques along with assessing vulnerabilities in other chains and their applicability to Firo.
Fuzz testing uses the same tools that threat actors use to find exploits and helps to find bugs and vulnerabilities that are not covered by unit tests or even manual audits. Firo’s fuzz testing infrastructure will be extended and built out especially those concerning Lelantus Spark, which is expected to go live on mainnet later this year. Once set-up it can run for as long as required in the background and extended to cover new code.
HashCloak will also examine Firo’s existing unit test coverage and extend them beyond the standard ones covering newer test cases and edge cases.
As part of the security retainer, Hashcloak will also augment Firo’s existing review process, especially those that touch critical parts of Firo’s codebase. This will add fresh and unbiased eyes to PR reviews.
Firo is a privacy-preserving blockchain that seeks to protect users’ financial privacy. Its core team is behind the protocol design and implementation of the Lelantus and Lelantus Spark privacy protocols. Formerly known as Zcoin, it has also implemented various privacy-preserving protocols over its existence, leveraging discrete-log based zero-knowledge primitives. Further, they provided the anonymous voting infrastructure for the Thai Democrat Party elections in 2018.
HashCloak Inc. is an R&D lab and consultancy focused on privacy, anonymity and scalability for blockchains and cryptocurrencies. Founded in 2019, the Toronto-based team specialises in ZKPs, anonymous networks, MPCs and other privacy-enhancing techniques. HashCloak has previously worked with Firo in auditing both the design and implementation of Lelantus Spark.
About MAGIC Grants
MAGIC Grants is a 501(c)(3) public charity that supports cryptocurrency networks, which they believe are essential public payment infrastructure and also supports privacy. MAGIC Grants empowers communities to set up MAGIC Funds for various projects deemed essential. These Funds are semi-autonomous and can choose to fund various qualifying activities, including educational materials, essential developer maintenance, research, and security audits.
About MAGIC Firo Fund
The MAGIC Firo Fund was established in December 2022 and is administered by the MAGIC Board independently from the Firo Core team. The MAGIC Firo Fund is funded by generous donations from Firo supporters such as Arcadia. Donations to the fund are tax deductible for US individuals and businesses.