Llama
Llama is an onchain governance and access control framework for smart contracts. It uses non-transferable NFTs to encode access control, features programmatic control of funds, and includes modular strategies to define action execution rules.
Prerequisites
Foundry must be installed. You can find installation instructions in the Foundry docs.
We use just to save and run a few larger, more complex commands.
You can find installation instructions in the just docs.
All commands can be listed by running just -l from the repo root, or by viewing the justfile.
VS Code
You can get Solidity support for Visual Studio Code by installing the Hardhat Solidity extension.
Installation
$ git clone https://github.com/llamaxyz/llama.git
$ cd llama
$ forge install
# Configure git to ignore commits that aren't relevant to git blame. Read the
# comments in the `.git-blame-ignore-revs` file for more information.
$ git config blame.ignoreRevsFile .git-blame-ignore-revsSetup
Copy .env.example and rename it to .env.
The comments in that file explain what each variable is for and when they're needed:
- The
MAINNET_RPC_URLvariable is the only one that is required for running tests. - You may also want a mainnet
ETHERSCAN_API_KEYfor better traces when running fork tests. - The rest are only needed for deployment verification with forge scripts. An anvil default private key is provided in the
.env.examplefile to facilitate testing.
Commands
forge build- build the projectforge test- run tests
Deploy and Verify
just deploy- deploy and verify payload on mainnet- Run
just -lor see thejustfilefor other commands such as dry runs.
Deployments
Testnet deployments
Documentation
To read all of our documentation, visit https://docs.llama.xyz. To view Llama framework documentation only, visit the docs directory.
Smart contract reference
Run the following command to generate smart contract reference documentation from our NatSpec comments and serve those static files locally:
$ forge doc -o reference/ -b -sSecurity
Audits
We've received three audits from Spearbit and one from Code4rena. You can find links to the reports below:
- Llama Spearbit Audit (June 2023)
- Llama Code4rena Audit
- Llama Spearbit Audit (August 2023)
- Llama v1.1.0 Spearbit Audit (January 2024)
Bug bounty program
All contracts in the src/ directory except src/LlamaLens.sol are in scope for the bug bounty program. The root lib/ directory (not the src/lib/ directory) and acknowledged findings from our Spearbit and Code4rena audits are out of scope.
Llama policyholders are trusted participants of a Llama instance based on what their roles and permissions allow them to do. Any findings that require policyholders to take malicious action are out of scope for this program.
We adapted the Immunefi Vulnerability Severity Classification System to determine classification.
| Level | Example | Maximum Bug Bounty |
|---|---|---|
| 5. Critical | - Unauthorized action state transitions - Major manipulation of approval or disapproval results - Vulnerabilities in the roles and permissions system that result in unauthorized ability to create, approve, or disapprove actions - Permanent freezing of funds in accounts |
Up to 100,000 USDC |
| 4. High | - Minor manipulation of approval or disapproval results that are unlikely to affect outcomes - Minor vulnerabilities in the roles and permissions system that are unlikely to affect outcomes - Temporary freezing of funds in accounts |
Up to 20,000 USDC |
| 3. Medium | - Griefing that disrupts an instance's action flow | Up to 5,000 USDC |
| 2. Low | - Contract fails to deliver promised returns, but doesn't lose value | Up to 1,000 USDC |
| 1. None | - Best practices | |
| Not sure? | Email us |
Email us at security@llama.xyz to get in contact.
Slither
Use our bash script to prevent slither from analyzing the test and script directories. Running slither . directly will result in an AssertionError.
$ chmod +x slither.sh
$ ./slither.sh