April 12, 2023
Security at Stride

Security at Stride 

Appchain security is a complex problem. However, if we use careful planning and engineering, we can minimize the chance of attacks occurring, and mitigate any potential damage in a worst-case scenario.

Stride’s top priority is security; it always has been and always will be. Security is particularly important in the interchain, where value flows between interconnected sovereign chains. 

Overview

Stride is a secure minimalist blockchain, with no smart contracts and no other apps beside the core liquid staking protocol. The Stride codebase has been fully audited by numerous security firms, and receives continuous auditing from Informal Systems, a leading expert on the Cosmos SDK and IBC. And the Stride blockchain is protected by IBC rate-limiting. 

Stride security is powered by a combination of:

1. Minimalistic design at its core: small attack surface, fewer moving parts means fewer edge cases to consider. 

- No features that aren’t core to liquid staking. Rather, do liquid staking simply and safely, do it right.

2. Proof-of-stake decentralized Tendermint consensus.

- No funds are ever under admin key control.

3. On-chain fail safes that monitor and mitigate malicious behavior

- If the protocol detects any anomalies with a host zone, it will prevent transfers of those tokens off of Stride, and disable liquid staking until protocol governance can verify nothing harmful occurred.

- Working on per-transaction protection against infinite mint bugs

- Working on unbonding cancellation failsafe for malicious unbondings

4. IBC rate limiting limits how much can be IBC transferred over a time period.

- In the event of an attack (e.g. an infinite mint), this limits the total funds lost to a small percentage of staked assets.

5. Rigorous point-in-time audits: Informal Systems (2x), Oak, Certik 

6. Ongoing quarterly audits from Informal Systems

7. Incredibly rigorous SDK testing processes

- Deployment integration tests 

- Unit tests across the codebase

- Custom firehose testing framework simulates thousands of users

- Full state verification and local simulation for software upgrades: (1) Test local chain with the software upgrade (2) Use “localstride” to run the software upgrade on mainnet state (3) Use custom infrastructure to compare state before and after an upgrade, and independently verify that only state that we expect is changing

8. Novel interchain testing suite

  • IBC and ICA mocking tests
  • Four-step multichain testing pipeline before onboarding new zones: (1) Local <> Local (2) Local <> Testnet (3) Local <> Mainnet (4) Mainnet <> Mainnet

9. Bug bounties. Immunefi onboarding in process for $500k bounty, one of the largest in the space.

10. Extensive mainnet monitoring and alerting stack to track protocol logic (delegations, reinvestment etc.)

And last but not least...

(Soon) Highest economic security in Cosmos; Interchain Secured by the Cosmos Hub

Caveat

While Stride's top goal will always be security, there are risks with any DeFi protocol. Like any piece of software, Stride could get hacked or have unexpected bugs that could result in a loss of funds or other unexpected behavior. Nothing in this document should be considered legal advice.