.svg)
Summary
The most critical subjects covered in our audit are accounting correctness, reentrancy protection, and access control. Security regarding accounting correctness is high after issues such as Bridge Transfer Can Be Counted as Profit and Linked Positions Can Be Updated Separately have been addressed. Security regarding reentrancy protection is high, after issues such as Reentrancy Can Cause Incorrect Share Price and Reentrancy Can Circumvent Slippage Check have been addressed. Security regarding access control is high.
In summary, we find that the codebase provides a high level of security.
A correct configuration is critically important for the system to behave correctly. We have compiled a summary of important behaviors that risk managers should be aware of in the Notes for Risk Managers section.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
About Makina Core
Makina implements a cross-chain asset management protocol that defines roles that can manage the assets deposited by users. The system leverages the Weiroll VM to allow the execution of arbitrary instructions that have been pre-approved by the risk manager. Furthermore, it implements slippage checks that ensure there can be no unexpectedly large losses when executing instructions or swaps. This framework allows a flexible way to manage assets across multiple chains while ensuring that losses can be limited, even in the event of an operator secret key compromise.