Summary
The most critical subjects covered in our audit are asset solvency, functional correctness, integration with the external protocol, and access control. The general subjects covered are testing, gas efficiency, and trustworthiness. Security regarding the aforementioned subjects is good.
The most notable, now resolved, findings are:
• Share Price Manipulation by Triggering Hooks, which illustrates how access control could have been bypassed. Additionally, the finding had implications for asset solvency.
• Incorrect Reference ID, which highlighted the potential for improving functional correctness. Additionally, it illustrated how testing can be improved by mirroring the expected behavior of the external protocol more accurately.
In summary, we find that the codebase provides a good level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
About Sulu Extension XXVI
Enzyme Foundation implements an external position for integrating with Alice v2, which allows for placing orders that can be taken by the Alice v2 protocol.