> For the complete documentation index, see [llms.txt](https://docs.stacks.co/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.stacks.co/learn/zh/network-fundamentals/audits.md).

# 审计

<div data-with-frame="true"><figure><img src="/files/e739f97da17d8a70243fc1d9faf68cbc4f71c3a3" alt=""><figcaption></figcaption></figure></div>

#### 审计只是其中一部分

对于任何项目，多层安全都至关重要。审计代表一层，而核心开发者和贡献者则协作提供更多保障。除审计外，值得注意的安全项目、设计和合作伙伴包括：

* 嵌入式安全研究人员 [由 Asymmetric Research 提供](https://stacks.org/asymmetric-joins-stacks-ecosystem)
* 与 Immunefi 合作开展的 Attackathon 项目
* sBTC 的去中心化 [验证者/签名者网络](https://www.stacks.co/sbtc) （无需信任单一实体，并降低对手方风险）
* Stacks 的底层设计提供 100% 比特币最终性，在一个 25 亿美元网络的共识层面保障 sBTC 安全。
* 应用层支持通过 [Hypernative](https://hackernoon.com/hypernative-bolsters-bitcoin-l2-security-as-stacks-ecosystem-gets-real-time-protection)
* Bitcoin L2 Labs 的 [白帽安全计划](https://bitcoinl2-labs.github.io/2024/06/04/orange-hats.html)
* Stacks 基金会与 Staking Defense League 的合作
* Stacks 基金会持续进行的 [Immunefi 漏洞赏金计划](https://immunefi.com/bug-bounty/stacks/information/)
* 专门的 Stacks 基金会驻场人员，专注于模糊测试和渗透测试（创建 [Rendezvous](https://stx-labs.github.io/rendezvous/))

{% hint style="warning" %}
*审计中列出的所有“高”或“严重”问题都已得到缓解，或已因其他原因失去效用，即使报告另有说明。*
{% endhint %}

#### Stacks 核心

Stacks 核心的审计

{% file src="/files/d57ca8485835cb61417081055748d6c41fb9dd44" %}

{% file src="/files/439a509b9fb753b8a7287c229e3eb98c115e5c46" %}

{% file src="/files/07c1d5156d781e7a94ee1ec2a805915691305758" %}

{% file src="/files/592cd8b0df201d02d1c9273b8f72d685671029d3" %}

{% file src="/files/beb8207385bd7ec7ed603c4434db883d6ffbc2eb" %}

{% file src="/files/a1240262a4ca93532e1bd9851360b22d9419305d" %}

#### 其他审计

{% file src="/files/1038001e8d1ac166a21b0104f633d4397408a148" %}

{% file src="/files/4a4680858c4c05fd1dc19dfe82f564aabd97cd3d" %}

{% file src="/files/bc3592c0166d4bb82847d4746ac90f12432709ba" %}

Trail of Bits 报告，Stacks 区块链（无 PDF， [提供的 GitHub 问题列表](https://github.com/diwakergupta/stacks-blockchain-tob-audit/issues))


---

# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.

## Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter:

```
GET https://docs.stacks.co/learn/zh/network-fundamentals/audits.md?ask=<question>&goal=<endgoal>
```

`ask` is the immediate question: it should be specific, self-contained, and written in natural language.
`goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal.

The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.