Augur -Updated details+ New devlopment update



  • Augur (REP) Release JavaScript API v3.3.4

    @AugurProject

    Downloads

    https://github.com/AugurProjec...



  • Augur (REP) Release JavaScript API v 4.6.7

    Downloads

    https://github.com/AugurProjec...



  • Augur (REP) Core Release v0.10.8

    Downloads

    https://github.com/AugurProjec...



  • Augur (REP) Release JavaScript API v4.6.16

    Downloads

    https://github.com/AugurProjec...



  • Augur (REP) Core Release v0.10.10

    Ethereum contracts for a decentralized prediction market platform.

    Downloads

    https://github.com/AugurProjec...



  • Augur (REP) Release JavaScript API v4.6.17

    Downloads

    https://github.com/AugurProjec...



  • Augur (REP) Release JavaScript API v4.7.0-6

    Downloads

    https://github.com/AugurProjec...



  • Augur (REP) Release JavaScript API v4.7.0-17

    Downloads

    https://github.com/AugurProjec...



  • Augur (REP) Core Release v0.11.0-8

    Downloads

    https://github.com/AugurProjec...



  • Augur (REP) Release JavaScript API v4.7.0-19

    Download:

    https://github.com/AugurProjec...



  • Augur (REP) Release JavaScript API v4.7.0-28

    Download:

    https://github.com/AugurProjec...



  • Augur Core (REP) Release  v0.12.0-0 - Reporting Refactor

    Release of the new dispute only reporting system

    Download:

    https://github.com/AugurProjec...



  • Augur - Solidity Compiler Audit Report

    In September 2017, Augur engaged Coinspect to perform a security audit of the Solidity Compiler. The objective of the audit was to evaluate the security of the compiler. Sergio Lerner lead the audit, and has delivered a thorough report of the codebase.

    The full report can be found here, and summary of the audit and issues can be found next.

    Assessment

    During the assessment, Coinspect identified 0 high-risk issues, 0 medium-risk issues, and 10 low-risk issues. The issues identified during the assessment do not lead to the compilation of vulnerable code. Some of the low-risk issues were communicated to the Solidity team and fixed in newer releases, while some other issues remain unfixed.

    Development teams of products which one or more of these issues may effect were notified on Friday, December 8th, 2017.

    The audited project can be found in the ethereum/solidity Github repository.

    Introduction

    A white box security audit was conducted on the Solidity Compiler in order to detect detect compiler flaws that can result in:

    • Reduction of the security of the deployed contracts.
    • Result in non-deterministic behavior.
    • Malicious code execution or crashes when parsing specially crafted Solidity source code.
    • Resource exhaustion during compilation, either CPU, memory or disk.
    • Compiled code that consumes a non-constant amount of gas (e.g. depending on arguments), where the programmer would have expected constant cost.
    • Facilitating underhanded code (trojans in open code).

    Also common application security vulnerabilities were searched, including:

    • Input validation.
    • Denial of service prevention.
    • Brute-forcing prevention.
    • Information disclosure.
    • Memory corruption vulnerabilities: buffer overflows, user supplied format strings.
    • Integer overflows.
    • Pointer management vulnerabilities: Double-free, use-after-free.

    The audit was completed on October 2017, but the the report was completed on November 2017. This reports includes all the results from the audit.

    Findings [LOW]

    SOL-001 — O(n2) compiler output blow-up by forced warnings/errors.

    SOL-002 — O(n3) compiler output blow-up by function name duplicates.

    SOL-003— RAM blow-up by constants cycles.

    SOL-004 — RAM blow-up by exponential steps in constant cycle findings.

    SOL-005 — Unbounded gas cost when deleting dynamically sized arrays.

    SOL-006 — Duplicated super-constructor calls not reported.

    SOL-007 — Error-prone Multi-Assignment with empty LValues.

    SOL-008 — CPU blow-up using huge bignums literals.

    SOL-009 — Output messages size blow-up using huge bignums literals.

    SOL-010 — Easy underhanded code using false overrides.

    Full Report

    The full audit report can be seen here: Solidity Compiler Audit Report.

    Please reach out to [email protected] with any questions, or join the #dev chat in our Discord channel.



  • Augur (REP) Update Contracts v3.5.0-1

    Download:

    https://github.com/AugurProjec...




  • Augur (REP) Release JavaScript API v4.7.0-30

    Download:

    https://github.com/AugurProjec...



  • Augur (REP) Release JavaScript API v4.7.0-42

    Download:

    https://github.com/AugurProjec...



  • Augur (REP) Update Contracts v3.5.0-11

    Download:

    https://github.com/AugurProjec...



  • Augur [REP] Update Core v1.0.0-1

    Source code

    https://github.com/AugurProjec...



  • Augur (REP) Update :JavaScript API v4.11.0-6

    Source code

    https://github.com/AugurProjec...



  • Augur Weekly Development Update — June 13th

    The Augur bounty program will be launching on HackerOne tomorrow. It will begin in a private invite-only mode for the first week, and afterwards it will be opened to the public. If you wish to be invited during the first week, please send us an email.

    This past week we disclosed some details surrounding deployment in the Augur Discord. The deployment of Augur will be its full set of contracts, with no filtering or limitations within the reference UI. After a successful deployment and the automatic migration of REP is complete, all of Augurs functionally will be available to users who choose to use the Augur protocol. The Forecast Foundation will not be creating any markets nor facilitate the creation of any markets.

    Joey had a few media appearances this past week, first appearing on Laura Shins Unconfirmed podcast talking about Augur and stablecoins:

    He also gave a talk in New Zealand about ‘Creating Your Own Financial Market’ where he describes what drove him to found the Augur project:

    We’re still hunting for bugs, improving Augur Node, and polishing off Augur App. If you want to help us search for bugs, have some feedback on the UI, or just have something you want to share with us, come chat!

    Come chat with us in Discord and follow our Twitter for the latest updates. Track our development progress on Github or in the #dev channel of Discord.

    The bounty program is rolling and accepting all submissions. Test out the UI at dev.augur.net on Rinkeby, take a look at our Github, and let us know your feedback!

    Updated Repositories:

    AugurProject/augur-core
    augur-core — Augur back-end (Ethereum contracts)github.com
    AugurProject/augur
    augur | clientgithub.com
    AugurProject/augur.js
    augur.js — Augur JavaScript APIgithub.com
    AugurProject/augur-node
    augur-node — Public Augur node for serving market datagithub.com
    AugurProject/docs
    docs — Augur documentationgithub.com
    AugurProject/whitepaper
    whitepaper — The Augur Project Whitepapergithub.com

    Cheers,

    The Augur Team


Log in to reply
 

Looks like your connection to Cryptocentral was lost, please wait while we try to reconnect.