We propose to harden Polkadot and increase its hacking resilience by:
During the 6-month effort, we will collaborate closely with Polkadot’s core developers and ecosystem stakeholders, with whom this proposal is closely aligned.
The effort’s first value contribution is embedding standardized TryState invariants into Polkadot SDK pallets (starting from prioritized high-impact logic), ensuring that critical code changes are systematically verified. This strengthens the network’s safety without slowing development.
The second pillar involves leveraging industry-leading fuzzing technologies, specifically: Adapting Google’s OSS-Fuzz approach into a Polkadot-specific DotFuzz. The project will reach near-complete coverage of the codebase logic, with robust reporting and a reproducible test corpus that fosters security assurance and continuous improvement at an early development stage.
Funding is sought to support the end-to-end development and deployment of these advanced security capabilities over the course of six months.
Security Research Labs is a cybersecurity consultancy committed to making the world more secure. Discover more about us on our website.
We have created two projects through referenda in the past (942 and 1045), and have collaborated with Parity and other Polkadot ecosystem partners since 2019.
How can we improve our proposal? Your input will help us refine our approach to better serve the Polkadot community.
We propose to harden Polkadot and increase its hacking resilience by:
During the 6-month effort, we will collaborate closely with Polkadot’s core developers and ecosystem stakeholders, with whom this proposal is closely aligned.
The effort’s first value contribution is embedding standardized TryState invariants into Polkadot SDK pallets (starting from prioritized high-impact logic), ensuring that critical code changes are systematically verified. This strengthens the network’s safety without slowing development.
The second pillar involves leveraging industry-leading fuzzing technologies, specifically: Adapting Google’s OSS-Fuzz approach into a Polkadot-specific DotFuzz. The project will reach near-complete coverage of the codebase logic, with robust reporting and a reproducible test corpus that fosters security assurance and continuous improvement at an early development stage.
Funding is sought to support the end-to-end development and deployment of these advanced security capabilities over the course of six months.
Security Research Labs is a cybersecurity consultancy committed to making the world more secure. Discover more about us on our website.
We have created two projects through referenda in the past (942 and 1045), and have collaborated with Parity and other Polkadot ecosystem partners since 2019.
How can we improve our proposal? Your input will help us refine our approach to better serve the Polkadot community.
Threshold
Threshold