Why there will never be any critical bug in Monero protocol? Because things are done as they should be. This was 4th audit of RandomX this time by Quarkslab. Before it was allready auditeted by Kudelski, X41 and TrailOfBits. Some may say it is overkill, but it is just to prevent wet dreams of "minting bugs" article writers.
Quarkslab has studied the security of the Monero Research Labs new Proof-of-Work algorithm called RandomX. The evaluation was spread over about three weeks for a total of 32 days with three engineers. It took over from three other security audits, all four made possible thanks to the Open Source Technology Improvement Fund.
Therefore, to maximize the value of a fourth review, Quarkslab focused part of its efforts on:
the analysis of a few areas less covered by the previous reports,
the analysis of the previous reports, the responses of Monero Research Lab, and the subsequent changes in the code and in the specifications.
Despite a highly complex and radically new subject, the documentation and code of RandomX were of very high quality. All the attack paths we could think of had already been taken into account or at least studied in the previous audits. Then we reviewed the previous reports, the Monero Research Lab replies and their subsequent code changes. We agree with them.
Moreover, we didnt find any significant optimization of the proof-of-work algorithm, even with approximations.