From 7c41df796f5626b8adb41490a13f0098a942e69c Mon Sep 17 00:00:00 2001 From: Turupawn Date: Fri, 20 Jun 2025 11:14:06 -0600 Subject: [PATCH 1/3] added audit your code + aside for areta market --- public/locales/en/translation.json | 1 + public/locales/es/translation.json | 2 + src/config/sidebar.ts | 4 ++ .../developers/guides/auditing-your-code.mdx | 51 +++++++++++++++++++ .../security/audits-and-bug-bounty.mdx | 14 +++-- 5 files changed, 69 insertions(+), 3 deletions(-) create mode 100644 src/content/docs/en/developers/guides/auditing-your-code.mdx diff --git a/public/locales/en/translation.json b/public/locales/en/translation.json index 8fbda645..7587e3a4 100644 --- a/public/locales/en/translation.json +++ b/public/locales/en/translation.json @@ -98,6 +98,7 @@ "contractDeploymentTutorial": "Contract Deployment Tutorial", "crossChainInteraction": "Scroll Messenger Cross-chain Interaction", "runningNode": "Running a Scroll Node", + "auditingYourCode": "Auditing your code", "bridgingERC20TokenThroughCustomGateway": "Bridge an ERC20 through the Custom Gateway", "bridgingERC721NftThroughCustomGateway": "Bridging ERC721 NFT through Custom Gateway", "bridgingERC1155ThroughCustomGateway": "Bridging ERC1155 through Custom Gateway", diff --git a/public/locales/es/translation.json b/public/locales/es/translation.json index 242184b7..3e378419 100644 --- a/public/locales/es/translation.json +++ b/public/locales/es/translation.json @@ -95,6 +95,8 @@ "future": "Futuro", "guides": "Guías", "contractDeploymentTutorial": "Tutorial de Despliegue de Contratos", + "runningNode": "Corre Nodo de Scroll", + "auditingYourCode": "Audita tu código", "crossChainInteraction": "Interacción Cross-chain del Scroll Messenger", "bridgingERC20TokenThroughCustomGateway": "Bridging de un ERC20 a través de una Gateway Personalizada", "bridgingERC721NftThroughCustomGateway": "Bridging de un ERC721 NFT a través de una Gateway Personalizada", diff --git a/src/config/sidebar.ts b/src/config/sidebar.ts index 3cc4d78f..71cda2eb 100644 --- a/src/config/sidebar.ts +++ b/src/config/sidebar.ts @@ -162,6 +162,10 @@ export const getSidebar = () => { title: t("sidebar.developers.runningNode"), url: formatUrl("developers/guides/running-a-scroll-node"), }, + { + title: t("sidebar.developers.auditingYourCode"), + url: formatUrl("developers/guides/auditing-your-code"), + }, { title: t("sidebar.developers.canvasBadge"), url: formatUrl("developers/guides/canvas-badge-integration"), diff --git a/src/content/docs/en/developers/guides/auditing-your-code.mdx b/src/content/docs/en/developers/guides/auditing-your-code.mdx new file mode 100644 index 00000000..d49f4c9a --- /dev/null +++ b/src/content/docs/en/developers/guides/auditing-your-code.mdx @@ -0,0 +1,51 @@ +--- +section: developers +date: Last Modified +title: "Auditing your code" +lang: "en" +permalink: "developers/guides/bridge-erc20-through-the-custom-gateway" +whatsnext: { "Running a Scroll Node": "/developers/guides/running-a-scroll-node" } +excerpt: "This guide will walk through how to use Scroll's bridge for ERC20s that need custom functionality using the Custom Gateway." +--- + +import Aside from "../../../../../components/Aside.astro" + +The [Scroll Audit Marketplace](https://areta.market/scroll) is a dedicated platform built on [Areta Market](https://areta.market/) that gives Scroll builders a faster, cheaper, and more transparent path to securing audits from top-tier providers. + +The Scroll Audit Marketplace is open to all Scroll builders, offering access to ~10 pre-vetted, whitelisted audit firms approved for your project by Areta and the Scroll Foundation. + + + +### Requesting an Audit via Scroll Audit Marketplace + +1. **Sign up to join the Scroll Audit Marketplace on Areta Market** using this [link](https://scroll.areta.market). +2. **Submit your audit scope**: Use a guided form or upload your specific requirements. +3. **Get 6-8 quotes**: From trusted firms like Hacken, Spearbit, Nethermind, and Zellic. +4. **Choose your auditor**: Based on price, timeline, or personal preference. +5. **Start your audit**: With clear, standardized terms. + +### Whitelisted Audit Firms + +The Scroll Audit Marketplace is launching with the following audit providers. This list will continue to grow, and updates will be maintained here: + +- [Certora](https://www.certora.com/) +- [Hacken](https://hacken.io/) +- [Hexens](https://hexens.io/) +- [Immunefi](https://immunefi.com/) +- [Nethermind](https://www.nethermind.io/) +- [Sherlock](https://www.sherlock.xyz/) +- [Runtime Verification](https://runtimeverification.com/) +- [Spearbit](https://spearbit.com/) +- [Zellic](https://www.zellic.io/) + +### How to Get Started + +The [Scroll Audit Marketplace](https://areta.market/scroll) is open to anyone building on Scroll. + +To get started, sign up for Areta Market using [this link](https://scroll.areta.market/register/client), follow the guided flow to set up your account, submit your first audit request, and connect with the right firm to help launch your project with confidence. \ No newline at end of file diff --git a/src/content/docs/en/technology/security/audits-and-bug-bounty.mdx b/src/content/docs/en/technology/security/audits-and-bug-bounty.mdx index 306a058f..10553b99 100644 --- a/src/content/docs/en/technology/security/audits-and-bug-bounty.mdx +++ b/src/content/docs/en/technology/security/audits-and-bug-bounty.mdx @@ -16,11 +16,14 @@ Scroll treats security as a top priority. Aside from rigorous testing, an internal security team, and comprehensive code reviews, we have also engaged with multiple security audit firms to conduct audits on our codebase. We have also launched a bug bounty program to encourage the community to participate in the security of our protocol. -