First of Many: Trail of Bits Audit Summary
The Rover team has successfully completed its smart contract security assessment with Trail of Bits for the 3 major smart contracts comprising Rover’s codebase.
About Trail of Bits
Trail of Bits operates as a center of excellence for blockchain security. Notable projects include audits of Algorand, Chainlink, Compound, Ethereum 2.0, MakerDAO, Matic, Uniswap, and many more.
Founded in 2012 and headquartered in New York, Trail of Bits provides technical security assessment and advisory services to some of the world’s most targeted organizations. They combine high-end security research with a real-world attacker mentality to reduce risk and fortify code.
Security Results
The Rover Protocol is made up of three core contracts.
The RoleManager Contract: manages all of the access controls for the system.
Trail of Bits checked that these roles are being granted properly and that there are no gaps in where they are being enforced in the other components.
The RovBtcToken Contract: the actual liquid staking token. It uses the OpenZeppelin ERC20 implementation as a base.
They checked that it was being initialized correctly and that the pause functionality was integrated properly. Similarly, Trail of Bits checked that the contract’s internal bookkeeping was sound, the deposit cap was enforced properly, and its pause functionality worked as intended.
The StakeManager Contract: the primary entry point for end users who want to stake BTC.
The contract’s internal bookkeeping was sound, the deposit cap was enforced properly, and its pause functionality worked as intended. They also reviewed the upgradeability pattern used by the contracts for any issues that could impact the upgrade process or cause a clash in storage.
Reassuringly, our security assessment did not uncover any critical security issues, affirming the robustness of our protocol’s code.
For the full report, visit Trail of Bits’ GitHub Page here.
We’re Setting the Groundwork for a $BTC DeFi Future:
Upon mainnet launch, you can deposit $BTC and hold $rovBTC to accumulate staking rewards without selling your underlying asset. However, the true benefits of liquid staking shines when paired with the accelerating Spiderchain DeFi ecosystem.
With nine other incredible partners recently announced, we’re part of a strong foundation on the Spiderchain from the start. We plan on utilizing rovBTC across multiple Dapps, including Silky, Palladium, and many more, to get you the most functionality possible with your LSTs. It all starts by making sure our code is secure!
For more details on the key partnerships on the Spiderchain, check out Botanix Labs’ latest article.
In Summary
We recognize that choosing to liquid-stake your BTC can be daunting in the fast-changing world of BTC DeFi. However, with Rover’s commitment to secure smart contracts and the first of many third-party security audits, we offer a promising avenue for stakers seeking yield while securely contributing to the OG chain’s health.
Welcome to the beginning of one of the most important developments in cryptocurrency (and Bitcoin) history. Join our socials below to keep up to date with the latest news!