.svg)
Summary
The most critical subjects covered in our audit are functional correctness, access control and frontrunning resistance. While security regarding all the aforementioned subjects is high, this reports contains some notes about the proper use of the contracts.
In a production setting, Deployment verification is strongly recommended. While Foundry does not atomically perform deployment, no frontrunning possibilities have been found. The current state of the deployment and initialization scripts shows a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
About Sky - Endgame Toolkit
Sky implements a toolkit for SubDAO governance including a governance token, a proxy contract for governance spell execution and a reward farming contract. This audit report reviews the security and correctness of the contracts as well as the corresponding deployment scripts.
In the latest version reviewed changes were made to update a farm's existing vest. Overall the endgame-toolkit offers a new governance token for SubDAO-level governance, a SubProxy for executing governance delegatecalls and a farming module allowing stakers to earn rewards.