polkavm icon indicating copy to clipboard operation
polkavm copied to clipboard
verified publisher icon koute

Audit the PolkaVM interpreter

Open athei opened this issue 10 months ago • 2 comments

The interpreter will be deployed to the Polkadot runtime. It has to be audited. Audit to be done internally.

athei avatar May 21 '25 13:05 athei

The audit was completed by April 30th. Shared the findings with @athei and @koute.

Gioyik avatar May 21 '25 21:05 Gioyik

May I ask where I can find the audit results? I want to study what vulnerabilities exist in RISC-V virtual machines.

Subway2023 avatar Sep 15 '25 14:09 Subway2023

When I heard "internal audit" I understand "go horse mode", usually the audit is not performed by the contributors themselves, not judging because I know they are competent and in their place I would had no idea where to find a Company equally competent to audit a project like this.

I also noticed the addition of the kani tests, so I know there was work to guarantee the code correctness.

Lohann avatar Nov 22 '25 01:11 Lohann