References (this is a heading2)
- This is a list for references
- reference 2
- reference 3
This is additional reference text
Audits for V3
0xmacro audited V3 in the week of May 15th. Their report includes a number of non-critical recommendations, which we chose to postpone to a future upgrade of the smart contracts to keep the smart contract stable for the next audit.
AfterDark’s @sjkelleyjr and @securerodd audited V3 in the week of May 29th. Their report includes a number of non-critical recommendations, which we chose to postpone to a future upgrade of the smart contracts so that we could proceed with the upgrade without restarting the audit process.
Previous audits (V1)
Certik security audit
- We addressed the first two by implementing a multisig wallet controlled by a governance council.
- We resolved the third by downgrading to a solidity release that Certik deemed stable. Our codebase is open source, and you can review the pull request here.)
Upgrading from V1 to V2
On April 3rd, the Glo team identified a critical security vulnerability. This vulnerability allowed any holder of Glo Dollar to increase their balance by sending any amount of Glo Dollar to themselves, after which their total balance would be increased by the sent amount. A malicious actor could have exploited this issue to steal funds.Once we identified the issue, we took immediate action to confirm that it had not been taken advantage of, and then fixed the issue by upgrading from V1 to V2 on April 4th. (We describe this in more details, and how we changed our processes to better address threats like this, in this blogpost.)