Lenfi Successfully Concludes Its Bug Bounty Program

We are pleased to announce the successful conclusion of our V2 Bug Bounty program. The initiative passed with flying colors, and no critical bugs or breaches were found during the period. As part of the Lenfi V2 Aiken Audit + Bug Bounty proposal funded by the Catalyst Fund 10, this milestone is the pinnacle of our efforts towards enhancing the security and robustness of our V2 contracts.

With a total allocated funding of approximately 265,000 ADA, our Catalyst Fund proposal outlined three primary components for the use of the funding:

Audit: 158,000 ADA was allocated for a detailed audit from Anastasia Labs, estimated to take 176 hours at a rate of €250 per hour. The audit was crucial for ensuring that Lenfi V2 Aiken was secure and met high industry standards.Audit2: The TxPipe team conducted a second audit to ensure the security and reliability of the system, focusing on identifying and addressing any potential bugs or vulnerabilities. This thorough review was carried out to minimize risks and enhance overall safety. The audit came at a cost of 64,000 ADA, reflecting the investment in maintaining a robust and secure infrastructure.The cost of the second audit was covered directly by the project’s own funds.Development Phase: The proposal set aside 43,000 ADA for backend and blockchain development, specifically for a developer working at €60 per hour over 200 hours. This phase focused on enhancing the platform’s backend architecture, preparing the smart contracts for open-sourcing, and starting the Bug Bounty program.Bug Bounty: The bug bounty amounted to 64,000 ADA and aimed to incentivize community contributions from external developers and ethical hackers to identify bugs or vulnerabilities in the V2 smart contracts. The program ran for six months, but no findings were made during the period. The bug bounty reward covered the costs of the second audit.

Although no bugs were reported during the six-month Bug Bounty period, Lenfi took proactive steps to ensure the V2 app is battle-tested for mainnet release. To achieve this, the team allocated funds for a second audit, utilizing the unclaimed Bug Bounty reward for the purpose. TxPipe conducted the follow-up check, further reinforcing Lenfi’s commitment to security and transparency.

Looking ahead, we remain dedicated to maintaining the highest security standards across our apps. In this regard, we will guarantee consistency in the safety and robustness of our smart contracts with more external audits for our future upgrades. Additionally, we will continue to improve our platform to make it more accessible and easier to use while providing our users with all the necessary primitives to facilitate and manage DeFi loans on Cardano.

Lenfi is a decentralized platform for lending and borrowing, allowing users to lend and borrow various Cardano native tokens (CNTs). It offers an all-in-one solution for p2p and isolated pool markets backed by secure and permissionless smart contracts. The signature feature of the Lenfi app is the tokenized loans, which allow lenders and borrowers to transfer and trade their positions.

For more information about Lenfi and future developments, please visit https://linktr.ee/lenfi.