Ethereum
$609.14 1.67%
ETH · 34w

Request for Proposal: Prysm External Security Assessment

Prysmatic Labs is particularly interested in assessing:

Operational threats

Docker deployment ./prysm.sh start script

Potential security pitfalls in client side interaction and configuration

Data flows

Data to/from external sources Data to/from internal sources

Control flow integrity

Potential current exploitable active vulnerabilities

Potential security gaps in user interaction

Security assumptions, potential future weaknesses in design and implementation

Strength of existing security controls and potential improvements that could be made

A high-level security review of Prysm dependencies

The selected vendor will be provided with a specific Git commit hash for Prysm at the start of the engagement, which will be the target of the assessment.

Deliverables

The chosen vendor shall provide a security assessment report, in a PDF format, comprised of the following sections:

Executive summary, including

An overview of the testing performed (methodology and approach). A statement describing the overall security posture of the Prysm software. A summary of the vulnerabilities identified, with their related severity.

For each vulnerability, detailed information containing:

Vulnerability description

Likelihood of exploitation Impact qualification Overall vulnerability severity

Recommended mitigative action

Detailed actions to perform to mitigate the vulnerability. Recommendation complexity analysis Reproducible/automatable verification of mitigation, where applicable

Appendix explaining the vulnerability severity classification model applied to the security review.

Appendix listing the toolset (open source and proprietary) used during the engagement.

After submitting the security assessment report, Prysmatic Labs will make any amendments required to the relevant codebases in order to mitigate the vulnerabilities identified throu...

Continue on medium.com
Recent news
ETH +1.67% · defisuperpowers.space · 3h

YFI and SUSHI Rally as DeFi Superpowers Headed for Merger

The DeFi protocol Yearn.Finance is set to merge with SushiSwap, another leading DeFi protocol, with their respective tokens surging. Per a blog post from Yearn founder Andre Cronje, the former’s wor...
ETH +1.67% · en.cryptonomist.ch · 6h

Ethereum 2.0 is being launched today

Today there will be the launch of Phase Zero of Ethereum 2.0. The countdown reveals that the Beacon Chain will start operating from 1:00 PM CET. 
ETH +1.67% · btcethereum.com · 7h

Ethereum flips Bitcoin’s node count

A surge of validators awaiting Eth2 staking has pushed Ethereum’s node count to 11,259 — surpassing Bitcoin by more than 100. Ethereum 2.0 genesis stakers have pushed the total number of Ethereum node...
ETH +1.67% · duckdao.medium.com · 7h

DuckDAO Community Update

The loot box mechanism launched last week and it was an immaculate success. We sold 266 loot boxes containing 1,308 NFTs. The launch of the feature set the final piece of our NFT collection game in…
12