diff --git a/docs/security-reviews/2022_12-DepositTransaction-RuntimeVerification.pdf b/docs/security-reviews/2022_12-DepositTransaction-RuntimeVerification.pdf new file mode 100644 index 000000000000..36d31dfb7f9c Binary files /dev/null and b/docs/security-reviews/2022_12-DepositTransaction-RuntimeVerification.pdf differ diff --git a/docs/security-reviews/2023_12_Trust_SuperchainConfigUpgrade.pdf b/docs/security-reviews/2023_12_SuperchainConfigUpgrade_Trust.pdf similarity index 100% rename from docs/security-reviews/2023_12_Trust_SuperchainConfigUpgrade.pdf rename to docs/security-reviews/2023_12_SuperchainConfigUpgrade_Trust.pdf diff --git a/docs/security-reviews/README.md b/docs/security-reviews/README.md index 99bde07a77b1..2d86af45b770 100644 --- a/docs/security-reviews/README.md +++ b/docs/security-reviews/README.md @@ -5,21 +5,25 @@ The following is a list of past security reviews. Each review is focused on a different part of the codebase, and at a different point in time. Please see the report for the specific details. -| Date | Reviewer | Focus | Report Link | -| ------- | ------------------- | ------------------------- | ---------------------------------------------------------------------------------------------- | -| 2020-10 | Trail of Bits | Rollup | [2020_10-TrailOfBits.pdf](./2020_10-Rollup-TrailOfBits.pdf) | -| 2020-11 | Dapphub | ECDSA Wallet | [2020_11-Dapphub-ECDSA_Wallet.pdf](./2020_11-Dapphub-ECDSA_Wallet.pdf) | -| 2021-03 | OpenZeppelin | OVM and Rollup | [2021_03-OVM_and_Rollup-OpenZeppelin.pdf](./2021_03-OVM_and_Rollup-OpenZeppelin.pdf) | -| 2021-03 | ConsenSys Diligence | Safety Checker | [2021_03-SafetyChecker-ConsenSysDiligence.pdf](./2021_03-SafetyChecker-ConsenSysDiligence.pdf) | -| 2022-05 | Zeppelin | Bedrock Contracts | [2022_05-Bedrock_Contracts-Zeppelin.pdf](./2022_05-Bedrock_Contracts-Zeppelin.pdf) | -| 2022-05 | Trail of Bits | OpNode | [2022_05-OpNode-TrailOfBits.pdf](./2022_05-OpNode-TrailOfBits.pdf) | -| 2022-08 | Sigma Prime | Bedrock GoLang | [2022_08-Bedrock_GoLang-SigmaPrime.pdf](./2022_08-Bedrock_GoLang-SigmaPrime.pdf) | -| 2022-09 | Zeppelin | Bedrock and Periphery | [2022_09-Bedrock_and_Periphery-Zeppelin.pdf](./2022_09-Bedrock_and_Periphery-Zeppelin.pdf) | -| 2022-10 | Spearbit | Drippie | [2022_10-Drippie-Spearbit.pdf](./2022_10-Drippie-Spearbit.pdf) | -| 2022-11 | Trail of Bits | Invariant Testing | [2022_11-Invariant_Testing-TrailOfBits.pdf](./2022_11-Invariant_Testing-TrailOfBits.pdf) | -| 2023-01 | Trail of Bits | Bedrock Updates | [2023_01-Bedrock_Updates-TrailOfBits.pdf](./2023_01-Bedrock_Updates-TrailOfBits.pdf) | -| 2023-01 | Sherlock | Bedrock | [Sherlock Bedrock Contest](https://audits.sherlock.xyz/contests/38) | -| 2023-03 | Sherlock | Bedrock Fixes | [Sherlock Bedrock Contest - Fix Review](https://audits.sherlock.xyz/contests/63) | -| 2023-12 | Trust | Superchain Config Upgrade | [2023_12_Trust_SuperchainConfigUpgrade.pdf](./2023_12_Trust_SuperchainConfigUpgrade.pdf) | -| 2024-02 | Cantina | MCP L1 | [2024_02-MCP_L1-Cantina.pdf](./2024_02-MCP_L1-Cantina.pdf) | -| 2024-03 | Sherlock | MCP L1 | [Sherlock Optimism Fault Proofs Contest](https://audits.sherlock.xyz/contests/205) | +| Date | Reviewer | Focus | Report Link | +| ------- | -------------------- | ------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| 2020-10 | Trail of Bits | Rollup | [2020_10-TrailOfBits.pdf](./2020_10-Rollup-TrailOfBits.pdf) | +| 2020-11 | Dapphub | ECDSA Wallet | [2020_11-Dapphub-ECDSA_Wallet.pdf](./2020_11-Dapphub-ECDSA_Wallet.pdf) | +| 2021-03 | OpenZeppelin | OVM and Rollup | [2021_03-OVM_and_Rollup-OpenZeppelin.pdf](./2021_03-OVM_and_Rollup-OpenZeppelin.pdf) | +| 2021-03 | ConsenSys Diligence | Safety Checker | [2021_03-SafetyChecker-ConsenSysDiligence.pdf](./2021_03-SafetyChecker-ConsenSysDiligence.pdf) | +| 2022-05 | Zeppelin | Bedrock Contracts | [2022_05-Bedrock_Contracts-Zeppelin.pdf](./2022_05-Bedrock_Contracts-Zeppelin.pdf) | +| 2022-05 | Trail of Bits | OpNode | [2022_05-OpNode-TrailOfBits.pdf](./2022_05-OpNode-TrailOfBits.pdf) | +| 2022-08 | Sigma Prime | Bedrock GoLang | [2022_08-Bedrock_GoLang-SigmaPrime.pdf](./2022_08-Bedrock_GoLang-SigmaPrime.pdf) | +| 2022-09 | Zeppelin | Bedrock and Periphery | [2022_09-Bedrock_and_Periphery-Zeppelin.pdf](./2022_09-Bedrock_and_Periphery-Zeppelin.pdf) | +| 2022-10 | Spearbit | Drippie | [2022_10-Drippie-Spearbit.pdf](./2022_10-Drippie-Spearbit.pdf) | +| 2022-11 | Trail of Bits | Invariant Testing | [2022_11-Invariant_Testing-TrailOfBits.pdf](./2022_11-Invariant_Testing-TrailOfBits.pdf) | +| 2022-12 | Runtime Verification | Deposit Transaction | [2022_12-DepositTransaction-RuntimeVerification.pdf](./2022_12-DepositTransaction-RuntimeVerification.pdf) | +| 2023-01 | Trail of Bits | Bedrock Updates | [2023_01-Bedrock_Updates-TrailOfBits.pdf](./2023_01-Bedrock_Updates-TrailOfBits.pdf) | +| 2023-01 | Sherlock | Bedrock | [Sherlock Bedrock Contest](https://audits.sherlock.xyz/contests/38) | +| 2023-03 | Sherlock | Bedrock Fixes | [Sherlock Bedrock Contest - Fix Review](https://audits.sherlock.xyz/contests/63) | +| 2023-12 | Trust | Superchain Config Upgrade | [2023_12_SuperchainConfigUpgrade_Trust.pdf](./2023_12_SuperchainConfigUpgrade_Trust.pdf) | +| 2024-02 | Runtime Verification | Pausability | [Kontrol Verification][kontrol] | +| 2024-02 | Cantina | MCP L1 | [2024_02-MCP_L1-Cantina.pdf](./2024_02-MCP_L1-Cantina.pdf) | +| 2024-03 | Sherlock | MCP L1 | [Sherlock Optimism Fault Proofs Contest](https://audits.sherlock.xyz/contests/205) | + +[kontrol]: https://github.com/ethereum-optimism/optimism/blob/876e16ad04968f0bb641eb76f98eb77e7e1a3e16/packages/contracts-bedrock/test/kontrol/README.md