.svg)
.svg)
Summary
The most critical subjects covered in our audit are signature handling, event handling, and access control. Security regarding all the aforementioned subjects is high.
The general subjects covered are functional correctness, upgradability, trustworthiness, and documentation. The core contracts in the scope of this review are upgradeable and fully controlled by an admin role. In addition, several accounts are required to be trusted, see Roles and Trust Model andPotential Single Points of Failure. The project has extensive documentation and inline code specification.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
About CCTP V2 Smart Contracts
Circle implements a new version of Cross-Chain Transfer Protocol (CCTP) that implements new features, such as fast burn messages and hook data. CCTP v2 uses new message formats that are incompatible with the previous version. Two versions of CCTP are treated as distinct networks in the smart contract level and use a different set of attesters.