While significant steps have been taken to minimize the risk surface area of the Ante protocol, Ante v0.6 is intended as an alpha release. You should exercise appropriate caution and never deposit more than you can afford to lose into Ante or any other smart contract.

<Trust Summary coming soon!>

Trust assumptions

An admin role is involved in configuring the Ante Pool Factory settings, and has the power to whitelist supported ERC-20 tokens for staking/challenging pools. However, this only affects pools created in the future; existing pools are immutable once created and will operate predictably.

Ante v0.6 has no ability to recover funds sent to its smart contracts. All funds deposited into Ante Pools created by users that are settled by user-generated Ante Tests are non-custodial smart contracts.

Development practices

Ante v0.6's core smart contracts are fully open source and all deployed code is verified.

Ante v0.6 does use a lightweight proxy pattern to make deploying pools more accessible; however, the pools themselves are non-upgradeable once deployed so their behavior won't change.

The DTS is upgradable, but is a view-only contract that never touches user assets.

Audits

Ante v0.6 contracts have been audited (report coming soon).

Bug Bounty

Ante has an active bug bounty program on Immunefi, with up to $50,000 bounty for critical vulnerabilities.

Ante Tests

We stake Ante Tests for Ante!

Responsible Disclosure

While we have taken significant steps to minimize the risk surface area of the Ante protocol, undiscovered vulnerabilities may still exist. Ante encourages the community to audit the core contracts and responsibly disclose any vulnerabilities discovered to the team so we can address it as quickly as possible.

Previously undiscovered vulnerabilities can be submitted (including conditions/steps to reproduce the vulnerability) through our Immunefi bug bounty program and/or to security@ante.xyz for priority escalation. Ante will follow up within 48 hours to acknowledge the disclosure and discuss next steps.

Any vulnerabilities should not be disclosed publicly or to other parties until the Ante team has had a chance to triage and address the vulnerability. All testing or proof of concepts should be done on private testnets, and must not have already been exploited for damage.

We are happy to publicly credit you for your discovery (unless you prefer otherwise), and eligibility for existing bug bounty programs (e.g. Immunefi) will not (subject to our discretion) be voided by communicating with security@ante.xyz.

Known issues

The following vulnerabilities are known and not eligible for a reward:

• Challenger decay slightly overestimates decay paid by challengers (overall error is <1%/year even in worst case)

• Staker and challenger balances are slightly underestimated due to rounding in arithmetic. Overall loss is extremely small and never results in pool insolvency

• Test verification can be frontrun by challengers who challenge the minimum amount in every pool.

• Because anyone can write Ante Tests, malicious Ante Tests could steal/lock user funds

• Any exploits already covered in audit reports for Ante