Back to Overview

Sky Permissioned Action System

download report
Quotation mark icon

ChainSecurity has been an invaluable partner throughout years of high-stakes product launches. We prize them for their proactivity, consistency & flexibility—we’re looking forward to continuing the partnership!

Deniz Yilmaz
Tech lead (Sky)
external-link

Summary


The most critical subjects covered in our audit are functional correctness, access control, and compatibility with the Sky system. Security regarding all the aforementioned subjects is high.

The general subjects covered include extensibility with ALM Controller changes and compliance with Laniakea specifications. Security regarding all the aforementioned subjects is high.

In summary, we find that the codebase provides a high level of security.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.


About Sky Permissioned Action System


Sky implements PAS (Permissioned Action System), a governance framework for managing rate limited operations through authorized actors called cBEAMs (Configurator BEAMs, Bounded External Access Modules that modify the guardrails of external systems). PAS provides timelocked proposal execution, configurable rate limits, and role-based access control for cBEAMs to interact with external controllers (e.g. ALM controllers, rate limiters). It is intended to be deployed on both Ethereum mainnet and L2s.