Question 55: Has SCDO undergone a third-party security audit?
Answer: As of now, the SCDO core protocol code has not been published with a comprehensive audit report from a well-known security company. However, as an open-source project, SCDO has undergone extensive review by community developers and has been tested through long-term mainnet operation.
Since the mainnet went live in 2021, there have been no major security incidents, which indirectly proves the reliability of the code.
In addition, the team members include experienced blockchain researchers and algorithm experts who have conducted rigorous testing and formal verification during the development process.
Some blockchain security communities have also researched and discussed SCDO's consensus algorithm, and no obvious vulnerabilities have been found. Of course, a formal third-party audit can further increase trust. SCDO or its community may invite independent auditing agencies in the future to review key modules (such as consensus, security protocols, contract VM) and publish the results.
If users are concerned about security audit conditions, they can follow the project’s official website announcements.
Currently, users can assess the project's security by reviewing SCDO's GitHub commit history and issues, as well as mainnet operation data.
The absence of an audit does not mean it is unsafe, but a formal audit is a kind of professional endorsement. In short, the SCDO core code has been running in a public environment for many years, and its security has undergone some verification. If authoritative audit reports can be introduced in the future, it will further enhance the community's confidence in the project's security.