Summary
The most critical subjects covered in our audit are functional correctness, access control, and compatibility with Sky governance. After the intermediate report, the issue Arbitrary Call in lzReceive has been resolved, and security regarding all the aforementioned subjects is now considered high.
The general subjects covered are gas efficiency and documentation. Documentation can be enriched. Further, some general considerations are provided for secure integration with LayerZero V2, in particular:
• LayerZero V2 Considerations
• Message Passing Considerations
• OApp Call Validation
In summary, we find that the codebase provides a good level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
About Sky Governance OApp
Sky implements a Governance OApp using the LayerZero V2 stack to facilitate the relaying of messages in a standardized manner for EVM chains and Solana.