Makina Lite

Working with ChainSecurity was a great pleasure. The team is extremely professional and highly knowledgeable about DeFi protocols and their risks. They were a great partner on a complex and in-depth audit. The responsiveness, flexibility and thoroughness were highly appreciated!

Jenna Zenk
CEO, Makina

Summary

The most critical subjects covered in our audit are escalation of privileges, functional correctness, and trustworthiness. Security regarding escalation of privileges is good.

In a previous iteration, the issues "Manager Can Steal Bridged Assets via Deliberate Non-Fill" and "No Rate Limit on Operator Enables Repeated Slippage Loss" were identified; both have been addressed in the latest version. Security regarding functional correctness is good after issues such as "Queued Safe Transaction Can Invalidate Accounting Snapshot" and "Incoming Token Transfers Corrupt Slippage Check" have been addressed.

To resolve the latter, Makina changed the specification to ban management instructions that can yield execution control to an attacker, who could exploit it to mask a loss (see "Restrictions on Whitelisted Management Instructions"). This places considerable responsibility on the user, who must carefully review all management instructions before whitelisting them. Security regarding trustworthiness is good: the trust model is layered and well-defined, with the Safe retaining ultimate control and neither the Provider nor infrastructure roles able to move funds out of the Safe.

The general subjects covered are specification and code complexity. Security regarding both is high.

In summary, we find that the codebase provides a good level of security.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.


About Makina Lite


Makina provides Makina Lite, a Gnosis Safe module through which authorized operators manage DeFi positions, harvest rewards, swap tokens, and bridge tokens to other chains on behalf of a user who stores their assets in the Safe. The user has to whitelist all operations that can be performed.

Makina Lite operates in one of three modes: operators are fully trusted in OPEN mode, while FENCED and WALLED add increasing protection against a malicious or compromised operator through slippage limits and cooldowns.