Summary
The most critical subjects covered in our audit are functional correctness, access control, signature handling, and precision of arithmetic operations. Security regarding functional correctness is good but improvable, see Insurance Fund Cannot Always Be the Deleverager. Security regarding access control and signature handling is high. Security regarding arithmetic rounding has been improved after the intermediate report, see Rounding Is Not Always in Favor of the System.
The general subjects covered are upgradeability and trustworthiness. Security regarding upgradeability is high. The operator could tweak the operations to some extent, thus affecting the trustworthiness, see Loosely Restricted Liquidations and Signed Price May Be Submitted Multiple Times.
In summary, we find that the codebase provides a good level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
About Starkware Starknet Perpetual
StarkWare implements Starknet Perpetual contract that enables synthetic trading. It allows users to trade synthetic assets without the need for actual ownership of the underlying assets, providing flexibility and efficiency in trading operations.