We propose to improve the security of the Avalanche network as a whole by:

1. Auditing the source code of the Avalanche tools and some of the libraries on which they depend. To audit we will follow the methodology of OpenBSD
2. Porting the libraries and the fundamental avalanche tools to OpenBSD/adJ (at least avalanchego, subnet-evm, coreth, avalanche-network-runner, precompile-evm and avalanche-cli)
3. On OpenBSD/adJ run the tests of the Avalanche tools and use them with different use cases (including a validator and developing dApps) and with loads as close as production as possible to discover runtime failures that could point to security flaws.
4. Report the problems found and recommend ways to improve and/or propose Pull Requests to fix them.

Up to now we have been advancing in the porting effort, and it has shown fruits, in particular in the library supranational/blst used by Avalanchego and that was improved as a result of our testing on OpenBSD/adJ. See its security improvement at commit dae1f and commit 6cca1 --a constant table required for the cryptographic BLS12-381 signature library now is in a section for constants (.rodata) making more difficult for an attacker to modify it after avalanchego starts), see the details of our report and feedback at the issue 206.

Please see more about this project in its description in the Forum and in its status page