Parallel Wallet Extension Security Overview
Due to the increasing rate of cryptocurrency wallet hacks and compromises perpetrated across the globe, it becomes important for wallets to be secured to keep the assets of users safe. Security is a top priority because no one wants to lose their money and in light of this, Parallel Finance ensures that the Parallel Wallet extension is safe for users.
We understand that there are concerns regarding on-chain security due to exploits that have been reported within the Dotsama ecosystem. However, we find it necessary to explain to our users and community members the extra measures we’ve taken to ensure the overall safety of our wallet extension.
These security steps ensure the safety of assets within the wallet. As a result, users will peacefully work on their financial goals as they leverage the platform for DeFi participation and profit. Since our launch, all the attacks on the ecosystem have been repelled with security measures we put in place and these measures are also the ones we incorporated into the newly launched wallet extension.
We discussed below the security steps taken to ensure the safe use of the Parallel Wallet extension and other protocols within our DeFi ecosystem.
We discussed below the security steps taken to ensure the safe use of the Parallel Wallet extension and other protocols within our DeFi ecosystem.
Security Steps to Ensure Secure Use of Parallel Wallet Extension
Open-Source Code Base
Our engineering team went through the intense process of extracting Wallet Services from the Parallel Wallet Extension code base. This gives us the benefit of being an open-source wallet service provider without proprietary restrictions. With this, developers, testers and other users are constantly reviewing the code, performing audits, suggesting improvements, and closing security gaps.
Apart from these, it also make integration with other Parachain Dapps possible and create a foundation of core functionality that can be extended and consumed in various platforms such as browser extension, mobile development, web embedded, etc.
Security Audit and Testing
Rust-based smart contract is one of the most secure cryptocurrency systems and this is because top security auditors have audited it multiple times. In the details below, we outlined the different auditing companies that reviewed Parallel code base to rule of vulnerability.
SlowMist: SlowMist is a globally recognized blockchain security firm that has worked with top blockchain companies like Binance, Crypto.com, Huobi, PancakeSwap, and others. They execute security audits to determine the level of security of the protocol and how any perceived vulnerability can be exploited for illicit activities.
They reviewed scopes such as account and transaction model security, code static check, DeFi logical security, and encrypted signature security with their complete blockchain security audit. They notified the Parallel Team about certain security risks, which were rectified immediately by the team. You can download the comprehensive report here.
Halborn: Halborn has risen to the top 1% of blockchain, and smart contract auditors trusted globally by different crypto projects such as Polygon and Terra. Halborn contract terms were to identify security issues within the bridge solidity smart contracts. When they discovered them and notified the Parallel Finance team, we addressed those risks without delay. Read the full report here.
Likewise, they conducted an audit on the bridge substrate pallet, and the Parallel team addressed the raised security issues without delay. And the money market substrate pallet security audit revealed defects of high significance. You can read more details in the full report.
Secfault: Known for its security services, Parallel Finance hired Secfault to test major products and determine if any security enhancements need to be done to ensure that wallet users will have their funds secure.
Bug Bounty Program
As a way to ensure that the Parallel Wallet extension is safe for users to use and entrust with their funds, the Parallel Team initiated the Parallel Bug Bounty Program that rewards bounty hunters appropriately based on the impact a vulnerability can have on the wallet.
The vulnerability impact is based on the Immunefi Vulnerability Severity Classification System V2.2. A simplified 5-level scale, with separate scales for websites/apps, smart contracts, and blockchains/DLTs. The bug reports must come with suggestion(s) to fix the bug in order to be considered for a reward. Payouts are executed by the Parallel Team immediately after the review is completed and the reward for critical wallet vulnerabilities is pegged at $10,000.
However, you only receive the rewards if you are the first person to report the bugs via the form link and haven’t shared the information with the public. The rewards are paid in PARA token.
Wallet Integrations
The wallet supports Parallel native assets — PARA and Heiko plus other Relaychain and Parachain assets as shown in the table below.
Our integrations are done with XMP/HRMP messaging format to communicate with other Parachains. Parallel wallet also supports ledger. With this, users can sign deploys and transactions plus transfer our native assets (PARA/HKO) and send DOT/KSM on the Relaychain. The communication methods employed with Parallel supported integrations embody the same security the overall system upholds.
Parallel Wallet Extension: the New Lightweight, Multi-Asset Wallet Extension
The recent liquidation occurring in the crypto space due to the crypto market crash has increased the rate at which individual crypto wallet is hacked, and funds are stolen. As such, traders and investors seek alternatives to a bugged crypto wallet that can cost them their funds.
Parallel Finance recognized this. And as a result, we created the Parallel Wallet extension for crypto users to securely store their crypto funds and interact with the DeFi ecosystem. Thus, you have no worries about wallet security when you use the Wallet Extension.
