Security Tab

This page provides details about the security tab mentioned under overview of Alterscope App.

The Security tab is listed under the Overview tab on upper left when a user clicks on specific DeFi project. See screenshot below for reference.

Components of Security Tab

Here is a breakthrough of what information is listed under the Security Tab. The information is categorised into following sections:

• General Security Parameters

• Vulnerabilities

• Dev Statistics

• Dev Activity

• Audits

• Security Score

Details about each section is provided below with screenshots.

General Security Parameters

General security parameters form the foundational security measures that remain constant.

Here is a list:

• Bounty Amount: The highest permissible reward offered for identifying and reporting a critical vulnerability within the protocol's smart contracts.

• Active Contract Transactions: This factor involves monitoring the number of transactions conducted on the project's smart contracts.

• Upgradable: This term refers to whether the smart contracts within the DeFi project are designed to be upgradable or have the ability to be modified after deployment. - With protocols that employ upgradable smart contracts, users typically interact with a proxy contract as an intermediary instead of direct communication with the underlying smart contract. This proxy contract facilitates smooth updates and modifications to the smart contract's code. - The changes are also executed through the proxy and are subject to the protocol's governance or upgrade mechanism. Therefore, users must understand the governance model to ensure the security and reliability of their interactions with the contract. This combination provides a comprehensive understanding of upgradable smart contracts and their usage.

• Most Active Contract: This parameter identifies the most active contract within the DeFi project that is experiencing the highest number of transactions.

• Hacks: Hacks refers to the total count of unauthorized or illicit modifications, breaches, or exploits recorded for a specific protocol version.

• Team Data Public: This parameter indicates whether data about the DeFi project's development team is publicly available.

Vulnerabilities

This section likely highlights any identified vulnerabilities in the DeFi project. The severity of vulnerabilities is often categorised into three levels: High, Medium, and Low.

• High-severity vulnerabilities are critical weaknesses that pose a significant threat to the security of a protocol.

• Medium-severity vulnerabilities are less critical than high-severity ones but still pose a notable risk to the security of a protocol.

• Low-severity vulnerabilities are the least critical, representing weaknesses that have a relatively minor impact on security.

Security Vulnerabilities

Dev Statistics

For more information on a specific parameter click on its (i) button. The (i) button is highlighted in black box in screenshot below for reference.

Dev Activity

This section might detail recent development activities related to security features, bug fixes and enhancements of DeFi project. Here are some parameters related to Dev Activity.

Contribution Weight Chart: This chart provides a detailed breakdown of contribution weight, highlighting the top contributors and the remaining contributors.

Last Week Commits Chart: This chart provides a detailed breakdown of weekly commits, highlighting the total commits of last week.

For more information about metrics around a protocol's developer activity you can find detailed information in following section in concepts.

• Dev Activity Concepts

Audits

The Audits section encompasses reports and findings derived from security audits performed on the DeFi project. Users can refine the displayed audits based on specific timeframes, such as today, yesterday, the current week, or the current month.

Clicking on a particular audit will list the vulnerabilities but also categorize them based on their severity, providing you with a clear understanding of potential risks(see screenshot below for reference).

Moreover, these audit reports will also show you the changes in source code of the smart contracts to mitigate the found vulnerabilities. This ensures that you not only grasp the extent of potential threats but also gain valuable insights into the remedial actions taken to enhance the security and reliability of the protocol.

Security Score

The parameters mentioned below contribute directly to the security score of a protocol or blockchain:

1. The frequency of protocol breaches.

2. TVL for the said protocol

3. The scale of the protocol's bounty program

4. The quantity of vulnerabilities detected within the protocol's source code

5. The number of vulnerabilities identified by independent third-party auditors

6. The programming language and compiler employed in the source code

7. The level of transparency exhibited by the protocol's development team

The resulting score will fall within a range of 0 to 100.