Building a Safer Firo: MAGIC approves Security Retainer with HashCloak

Testing infrastructure, expand unit test coverage, and improve the PR review process

We are pleased to announce that the MAGIC Board has approved a security retainer with HashCloak for Firo that would utilise the MAGIC Firo Fund.

The security retainer focuses on building out Firo’s fuzz testing infrastructure, expanding unit test coverage and augmenting Firo’s existing PR review process. Additionally, the retainer also ensures Firo is abreast of the latest vulnerabilities and security techniques along with assessing vulnerabilities in other chains and their applicability to Firo.

Fuzz testing uses the same tools that threat actors use to find exploits and helps to find bugs and vulnerabilities that are not covered by unit tests or even manual audits. Firo’s fuzz testing infrastructure will be extended and built out especially those concerning Lelantus Spark, which is expected to go live on mainnet later this year. Once set-up it can run for as long as required in the background and extended to cover new code.

HashCloak will also examine Firo’s existing unit test coverage and extend them beyond the standard ones covering newer test cases and edge cases.

As part of the security retainer, HashCloak will also augment Firo’s existing review process, especially those that touch critical parts of Firo’s codebase. This will add a fresh and unbiased eyes to PR reviews.

About HashCloak

HashCloak Inc. is an R&D lab and consultancy focused on privacy, anonymity and scalability for blockchains and cryptocurrencies. Founded in 2019, the Toronto-based team specialises in ZKPs, anonymous networks, MPCs and other privacy-enhancing techniques. HashCloak has previously worked with Firo in auditing both the design and implementation of Lelantus Spark.

About MAGIC Grants

MAGIC Grants is a 501(c)(3) public charity that supports cryptocurrency networks, which they believe are essential public payment infrastructure and also supports privacy. MAGIC Grants empowers communities to set up MAGIC Funds for various projects deemed essential. These Funds are semi-autonomous and can choose to fund various qualifying activities, including educational materials, essential developer maintenance, research, and security audits.

About MAGIC Firo Fund

The MAGIC Firo Fund was established in December 2022 and is administered by the MAGIC Board independently from the Firo Core team. The MAGIC Firo Fund is funded by generous donations from Firo supporters such as Arcadia. Donations to the fund are tax deductible if you’re based in the US.