Security - Deployment
The Foundation requires deployment through GitHub CI and OpenZeppelin's Defender product. For off-chain assets, critical pull requests must pass a required review, and merges are gated by successful tests; node scanner software releases are gated by a state update in the ScannerNodeVersion contract; and smart contract deployments and changes are handled through OpenZeppelin's Defender product and relayers and are controlled by multisigs. This process ensures that no single individual can change the Forta Network, even if an individual involved in any of the development processes is compromised.
Forta is managed through three main Gnosis Safe Multi Sig contracts:
- 0xC0eb11fBC755D31c6FECEaAc8760ddCb88C64fE1 (Ethereum mainnet). 4/7 controlled by the Council members
- 0x30ceaeC1d8Ed347B91d45077721c309242db3D6d (Polygon mainnet). 4/7 controlled by the Council members
- 0xd1d4FaFd400fCD643132bb7eAF7682eE97E09C3e (Polygon mainnet). The Council members may delegate certain roles and corresponding signing authority. Currently, administrative roles have been delegated to a 4/6 multisig with members of the Foundation staff and certain members of the original core development team.
The Council multisigs have the following roles:
- Forta Token (0x41545f8b9472D758bB669ed8EaEEEcD7a9C4Ec29): ADMIN_ROLE, MINTER_ROLE, WHITELISTER_ROLE
- Airdrop (0x988a7Bc24A9D0fa49989FB9734bDa30f55760cEb): DEFAULT_ADMIN_ROLE, AIRDROP_MANAGER_ROLE, ADDITIONAL_CLAIM_MANAGER_ROLE, UPGRADER_ROLE
- Forta Token (Bridged) (0x9ff62d1FC52A907B6DCbA8077c2DDCA6E6a9d3e1): ADMIN_ROLE, WHITELISTER_ROLE, MINTER_ROLE
- Access (0x107Ac13567b1b5D84691f890A5bA07EdaE1a11c3): SLASHER_ROLE, UPGRADER_ROLE, AGENT_ADMIN_ROLE, ROUTER_ADMIN_ROLE, ENS_MANAGER_ROLE, SCANNER_VERSION_ROLE
The administrative multisig has the following roles:
- Access (0x107Ac13567b1b5D84691f890A5bA07EdaE1a11c3): SLASHER_ROLE, UPGRADER_ROLE, AGENT_ADMIN_ROLE, ROUTER_ADMIN_ROLE, ENS_MANAGER_ROLE, SWEEPER_ROLE, SCANNER_VERSION_ROLE, DISPATCHER_ROLE
Forta contracts are managed through OpenZeppelin's Defender product utilizing relays to manage smart contract deployment and maintenance.
Forta On-Chain Monitoring
Forta on-chain activity is monitored by Forta Detection Bots and feeds into Forta Network's incident response process. The following detection bots were developed specifically for the Forta smart contracts. The code is available on GitHub.
- Forta Access Control Role Changed
- Forta Access Manager - Router Updated
- Forta Admin Bot Scanner Disable
- Forta Agent Updated
- Forta Agents Linked
- Forta Core Monitoring
- Forta Emitting Upgraded
- Forta Mint Mainnet
- Forta Scanner Node Software Updated
- Forta Staking Events
- Forta Staking Parameters
- Forta High Number Of Bot Deployments
- Forta Routing Updated
- Forta Stake Controller Changed
- Forta Stake Threshold Changed
- Forta Token Role Changes
- Forta Whitelist Disabling
Forta is also monitored by the bots in the Threat Detection Kits.
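As an added example tying the role tables above to the Forta Access Control Role Changed bot, the following detection logic (written here for illustration, not Forta's published bot code, and without the forta-agent SDK) inspects a transaction's receipt logs for OpenZeppelin AccessControl RoleGranted/RoleRevoked events emitted by the Access contract and rates a grant to an address that is not one of the multisigs listed on this page as high severity. The role-name map is assumed to be supplied by the operator, and the sample log is constructed.

```javascript
// Added example, not Forta's published bot: flag AccessControl role changes on the
// Forta Access contract and rate each one by whether the recipient is a known multisig.
// Topic hashes are keccak256 of the OpenZeppelin AccessControl event signatures.
const ROLE_GRANTED = "0x2f8788117e7eff1d82e926ec794901d17c78024a50270940304540a733656f0d"; // RoleGranted(bytes32,address,address)
const ROLE_REVOKED = "0xf6391f5c32d9c69d2a47ea670b442974b53935d1edc7fd64eb21e047a839171b"; // RoleRevoked(bytes32,address,address)

// Addresses quoted from this page, lower-cased for comparison.
const ACCESS_CONTRACT = "0x107ac13567b1b5d84691f890a5ba07edae1a11c3";
const KNOWN_MULTISIGS = new Set([
  "0xc0eb11fbc755d31c6feceaac8760ddcb88c64fe1", // Council multisig (Ethereum)
  "0x30ceaec1d8ed347b91d45077721c309242db3d6d", // Council multisig (Polygon)
  "0xd1d4fafd400fcd643132bb7eaf7682ee97e09c3e", // administrative multisig (Polygon)
]);

// Indexed address topics are left-padded to 32 bytes; keep the low 20 bytes.
function topicToAddress(topic) {
  return "0x" + topic.slice(-40).toLowerCase();
}

// logs: receipt logs ({ address, topics }) of one transaction.
// roleNames: bytes32 role id -> role name, built by the operator from keccak256(name)
// at deploy time (assumed input; not computed here).
function handleLogs(logs, roleNames) {
  const findings = [];
  for (const log of logs) {
    if (log.address.toLowerCase() !== ACCESS_CONTRACT) continue;
    const [sig, roleTopic, accountTopic, senderTopic] = log.topics;
    if (sig !== ROLE_GRANTED && sig !== ROLE_REVOKED) continue;
    const granted = sig === ROLE_GRANTED;
    const account = topicToAddress(accountTopic);
    findings.push({
      name: granted ? "Forta Access role granted" : "Forta Access role revoked",
      role: roleNames[roleTopic] || roleTopic,
      account,
      sender: topicToAddress(senderTopic),
      // A grant to an address outside the known multisigs is the case worth paging on.
      severity: granted && !KNOWN_MULTISIGS.has(account) ? "High" : "Info",
    });
  }
  return findings;
}

// Constructed sample log: a placeholder role id granted to an unknown address by the admin multisig.
const SAMPLE_ROLE_ID = "0x" + "11".repeat(32);
const SAMPLE_LOGS = [{
  address: "0x107Ac13567b1b5D84691f890A5bA07EdaE1a11c3",
  topics: [ROLE_GRANTED, SAMPLE_ROLE_ID,
    "0x000000000000000000000000abcdef0123456789abcdef0123456789abcdef01",
    "0x000000000000000000000000d1d4fafd400fcd643132bb7eaf7682ee97e09c3e"],
}];
```

In a real bot the same function would be called from handleTransaction with the transaction's logs, and the roleNames map would be derived from the role constants of the deployed Access contract.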
Forta Off-Chain Monitoring
Lastly, several operational monitors track the performance of the network, such as latency, API usage and deployments.