The iExec V3 contracts went public on May 15. One year since V2 mainnet, it was important to once again carry out an audit on the security, trust and overall design of the new V3 smart contracts before going live. The updated code underwent an independent and external review.

ChainSecurity provided an expert analysis and audit on each of the iExec V3 smart contracts (mainly the iexecHub and iexecClerk contracts). After an extensive review of thousands of lines of code, Chain Security produced a detailed report which is public and open for everyone to read.

Overall, we found that iExec employs good coding practices and has clean, well-documented code. All properties verified by CHAINSECURITY hold. However, CHAINSECURITY raised minor security and design issues, which have been fixed in the latest code commit. — ChainSecurity

We are happy to announce that the invariants of the iExec V3 smart contracts were all verified manually by ChainSecurity and none were labeled as having a security impact. The iExec team would like to thank you ChainSecurity for such a rigorous and detailed report!

Read Chainsecurity’s full iExec V3 security audit here:

Or on the iExec Github:

↘️ https://github.com/iExecBlockchainComputing/security-audit ↙️

About ChainSecurity: As a smart contract audit firm, ChainSecurity has earned the reputation as the industry standard. They were recently responsible for flagging a critical security vulnerability in the Ethereum EIP 1283, resulting in a necessary delay of the Constantinople hard fork. ChainSecurity is composed of blockchain experts from ETH Zurich and are official research partners of the Ethereum Foundation and Web3 Foundation and ICE research center.