.svg)
Summary
The most critical subjects covered in our audit are functional correctness of the migration spells and migration procedure integrity. Security regarding all the aforementioned subjects is high.
The general subjects covered are code complexity, documentation, specification, and operational procedures. Security regarding all the aforementioned subjects is high.
In summary, we find that the codebase provides a high level of security.
It is important to note that the successful and secure execution of the migration depends on following the documented procedures in the README. Specifically, newly deployed contracts must be manually inspected (see Deployment Verification), parameters must be verified, results of spell 0 must be verified on both chains prior to executing spell 1, and for the token bridge migration it must be ensured that no funds are in flight before proceeding.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
About Sky Wormhole LayerZero Migration Library
Sky offers a library for migrating the Ethereum-Solana governance and token bridges from Wormhole stack to LayerZero V2 stack. This review covers the governance spells facilitating the migration. The underlying contracts involved in the migration have been reviewed in separate reports, as detailed in the Assessment Overview.