Fluent: Fluentbase audit report
Project Information
CATEGORY
Zero-Knowledge Virtual Machines (zkVM), Smart Contracts
NETWORK
Fluent
WEBSITE
https://www.fluent.xyz/
DESCRIPTION
From Sep. 22, 2025 to Oct. 27, 2025, Fluent engaged Veridise to conduct a security assessment of Fluentbase. The security assessment covered a fork of revm and Fluentbase, the core runtime manager for the Fluent blockchain. Veridise conducted the assessment over 10 person-weeks, with 2 security analysts reviewing the project over 5 weeks. The review strategy involved a tool-assisted analysis of the program source code performed by Veridise security analysts, as well as a thorough code review.
Audit Report
SCOPE
The scope of this security assessment is limited to the following locations:
For the repository at https://github.com/fluentlabs-xyz/revm-rwasm/tree/devel, the scope encompassed all files within crates that have been modified since version v82.
For the repository at https://github.com/fluentlabs-xyz/fluentbase/tree/devel, the scope comprised the directories crates/runtime and crates/revm, with the following files explicitly excluded:
- crates/revm/Cargo.toml
- crates/revm/README.md
- crates/runtime/Cargo.toml
- crates/runtime/README.md
- crates/runtime/src/executor/global_executor.rs
- crates/runtime/src/runtime/wasmtime_runtime.rs
- crates/runtime/src/utils/testing_store.rs