Neulock
Smart Contract Audit - Neulock Smart Contracts - Neulock
Neulock Smart Contracts

Summary

The most critical subjects covered in our audit are access control, functional correctness, and Denial-of-Service vectors.

Security regarding access control is high, after an issue that allowed bypassing the token-gating system was fixed, see Subscription Can Be Passed Around. Functional correctness is high, after issues with the royalty implementation were fixed, see Royalty Payments With Native Tokens Break Marketplace Integrations. Security regarding Denial-of-Service vectors is high after the previously implemented refund mechanism was removed, see Refund Mechanism Can Be Abused to DOS a Series.

A general subject covered is gas efficiency. Gas efficiency was improved, see Burning Can Increase Withdraw Gas Cost and Gas Optimizations.

In summary, we find that the codebase provides a high level of security.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.

About Neulock Smart Contracts

Studio V implements a storage contract to be used with an on-chain password manager. The access to the contract is gated through an NFT contract, with a points system attached.

ChainSecurity approached our audit with exemplary professionalism and depth. Their team's competence and thoroughness sharpened every aspect of our codebase, guiding us toward a cleaner, more correct implementation. Just as important, they were fantastic people to collaborate with: responsive, clear, and genuinely invested in our success. Thanks to their work, Neulock's security posture is stronger than ever.
Lucas Neves, author of Neulock Web3 Password Manager
Decentralized USD (USDD)
Smart Contract Audit - Smart Allocator Smart Contracts - ChainSecurity
USDD Smart Allocator Smart Contracts

Summary

The most critical subjects covered in our audit are access control, functional correctness, and precision of arithmetic operations. The general subjects covered are documentation, specifications, and gas efficiency.

Security regarding all the aforementioned subjects is high.

In summary, we find that the codebase provides a high level of security.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.

About USDD Smart Allocator Smart Contracts

Decentralized USD implements smart contracts for onboarding Smart Allocator as collateral for the USDD 2 system. The new contracts allow trusted Smart Allocator lenders to borrow USDD stablecoins against these assets, while managing debt repayment and liquidation.

Sky (MakerDAO)
Smart Contract Audit - Sky smart contracts - ChainSecurity
Sky smart contracts

Summary

The most critical subjects covered in our audit are security, functional correctness and seamless integration with the existing system. Security regarding all the aforementioned subjects is high.

In summary, we find that the codebase provides a high level of security.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.

About Sky smart contracts

Sky implements a rebranded version of the MKR token and an immutable converter with a fixed conversion rate. The converter functions by minting and burning tokens. The new governance token is ERC-20 compliant and the converter allows for permissionless conversion between MKR and SKY tokens.


“The Sky Protocol (formerly known as MakerDAO) is one of the largest dapps on the Ethereum blockchain. Designed by a disparate group of contributors, including developers within the MakerFoundation, its outside partners, and other persons and entities, it is the first decentralized finance (DeFi) application to see significant adoption.”

#Source

ChainSecurity has been an invaluable partner throughout almost two years of high-stakes product launches. We prize them for their proactivity, consistency & flexibility—we’re looking forward to continuing the partnership!
Deniz Yilmaz, Tech Lead at Sky
Polymarket
Smart Contract Audit - UMA Sports Oracle - ChainSecurity
UMA Sports Oracle

Summary

The most critical subjects covered in our audit are external integrations with UMA and the ConditionalToken Framework, solvency such that refunds from a game are not spent by another game, and functional correctness of the state transitions, also with respect to asynchronous callbacks and admin actions. Security regarding all the aforementioned subjects is high.

The general subjects covered are documentation, testing, missing refunds, Denial of Service attacks and front-running. Security regarding all the aforementioned subjects is high. Documentation regarding the state transitions is expanded in the following System Overview. During the review, an issue in the UMA protocol was uncovered that could have affected the Polymarket contracts. The issue has been resolved in collaboration with UMA.

In summary, we find that the codebase provides a high level of security.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.

About UMA Sports Oracle

Polymarket implements UMA Sports Oracle, a smart contract that allows the creation of conditional tokens for bets on sport games. Several types of bets are possible for a given game. UMA Sports Oracle allows querying the game result only once in the UMA Optimistic Oracle to resolve the outcome of several bets.

Hats off to the ChainSecurity team for their stellar work on our security audit. The process was smooth from start to finish thanks to their clear communication style, and our codebase benefited immensely from their thorough analysis. We look forward to working with them in the future!
Mike Shrieve - Protocol Lead

Hedgehog
Smart Contract Audit- Hedgehog Protocol - ChainSecurity
Hedgehog Protocol

Summary

The most critical subjects covered in our review are functional correctness and access control. Initially, security regarding functional correctness was improvable, while security regarding access control was satisfactory. A set of severe issues was introduced in the initial versions of the codebase, mainly from two changes:

1. The debt token BaseFeeLMA was using 6 decimals
2. The Base fee oracle returned a price with 1 decimal and the token pair BaseFeeLMA:ETH

These changes were not reflected consistently in the codebase, hence breaking multiple pre-existing functions. These issues have been resolved in the final version.

In Version 4 of the codebase a new functionality to enforce a system-wide withdrawal limit was added. The implementation of this functionality introduced a set of new bugs, the most severe being Liquidations are blocked from Withdrawal Limit. These findings have been resolved in the final version.

The general subjects covered are trustworthiness, documentation, and testing. Security regarding trustworthiness has been improved throughout the review, but privileged roles in non-core contracts can still block user operations, see Trust Model and Roles. Documentation and specification are improvable and can be extended to describe the changes more thoroughly and systematically. The testing suite has been enhanced in the later iterations, but testing remains improvable. The tested contracts do not always match the deployed contracts (e.g., HogToken on Base) and not all code paths are covered by tests. Hence, we recommend further testing.

The final code version has some lower severity findings where (partial) risks have been accepted (see Open Findings).

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.

About Hedgehog Protocol

Hedgehog implements a hedging instrument for the change of the base fee on Ethereum mainnet. Hedgehog has forked Liquity v1 and adapted the smart contracts to implement the gas derivative used for hedging. This review was limited to the smart contract modifications applied by Hedgehog, under the assumption of Liquity's codebase being safe. However, it is important to acknowledge that any potential bug in Liquity could impact Hedgehog too.

"Hedgehog is an infrastructure for on-chain native derivatives, starting with Modular Synthetic Blockspace. Focusing on L2 rollups, validators, and AA paymasters, while providing trading opportunities for speculators and MEV searchers on speculating and hedging Basefee."

#Source

Working with Chainsecurity was a great experience. They were sharp, thorough, and easy to work with. Felt more like a partner than just an auditor, especially valuable given the complexity of Hedgehog Protocol and Synthetic Blockspace.
Esko Koivula, CEO at Hedgehog Protocol

Enzyme
Smart Contract Audit - Enzyme Sulu Extensions XXIV - ChainSecurity
Enzyme Sulu Extensions XXIV

Summary

The most critical subjects covered in our audit are functional correctness, correct integration with the external system, and front-running. The general subjects covered are gas efficiency and access control.

Security regarding all the aforementioned subjects is high. The most notable issue, Unpriced left tickets, which resulted in incorrect position values being computed, has been resolved.

In summary, we find that the codebase provides a good level of security.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.

About Enzyme Sulu Extensions XXIV

Enzyme Foundation implements an upgrade for the Stakewise v3 external position to add support for newer versions of Stakewise v3 vaults while disabling the support for versions supported previously. Note that the upgrade is required due to breaking changes in Stakewise v3 that were not covered in the initial review of the Stakewise v3 external position.

Enzyme is a decentralised asset management infrastructure built on Ethereum. Using Enzyme Smart Vaults, individuals and communities can build, scale and monetise investment (or execution) strategies that employ the newest innovations in decentralised finance.

We've worked with many Smart Contract auditors in the last five years and ChainSecurity quickly differentiated themselves as a leader in the space. They have relevant DeFi expertise, professional work ethic and have always been a reliable partner.
Mona El Isa (CEO)
K3 Capital
Smart Contract Audit - K3 sBOLD - ChainSecurity
K3 sBOLD
sBOLD

Summary

The most critical subjects covered in our audit are accounting correctness, reentrancies, and interactions with Stability Pools. In Version 3, security regarding all the aforementioned subjects is high. The possibility of value extraction through self-liquidations has been mitigated. Issues regarding the interaction with Liquity V2 Stability Pools that were present in Version 1 have been fully remediated. The logic in Liquity V2 Stability Pools has been modified between Version 2 and Version 3 of this codebase. A minor integration issue is introduced by the new Stability Pool logic (withdraw fail because stability pool cannot be emptied).

The general subjects covered are testing, price conversions, fees, and ERC-4626 compliance. Testing is improvable; a number of issues were uncovered that should have been found through testing. Incorrect price conversions, inconsistent handling of fees, and low ERC-4626 standard compliance have all been addressed and are now appropriate.

In summary, we find that Version 3 provides a good level of security.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.

About sBOLD

K3 Capital implements sBOLD, an ERC4626 vault that deposits BOLD into Liquity V2 stability pools, providing a tokenization and asset allocation layer on top of Liquity V2 Stability Pool deposits.

Intmax
Smart Contract Audit - Intmax 2 Smart Contracts - ChainSecurity
Intmax 2 Smart Contracts

Summary

The most critical subjects covered in our audit are general liveness of the rollup, denial of service, and user asset safety. Security regarding all subjects is good.

The other general subjects covered are correct usage of Scroll Messenger, access control, and global interaction between the contracts. Security regarding all the aforementioned subjects is high.

In summary, we find that the codebase provides a high level of security.

Given the small amount of tests in the codebase, we strongly recommend enhancing the testing suite as several issues found in the audit could have been caught by more extensive testing.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.

About Intmax 2 Smart Contracts

Intmax implements a zk-rollup for private transfers. Liquidity is on/offboarded on Ethereum while the state of the rollup is managed on Scroll.

"INTMAX is an extremely scalable layer for Ethereum transfers that incorporates ethically sound privacy. It is a stateless zkRollup structure, theoretically achieving scalability similar to Plasma and Lightning Network, as envisioned in 2018. By distributing both data and computation costs across users’ devices, INTMAX inherits security from Ethereum while achieving scalability even greater than centralized financial systems using databases."

#Source

Liquity
Smart-Contract Audit - Liquity Bold - ChainSecurity
Liquity Bold Smart Contracts
Bold Smart Contracts

Summary

The most critical subjects covered in our audit are functional correctness, rounding issues, and correctness of external integrations. Security regarding functional correctness is high, after issues in prior versions were resolved, see Zappers can lose user funds. Security regarding rounding issues has been improved after the amount of share inflation was restricted, see Rounding in debt shares calculation can mint unbacked tokens. Security regarding external integrations is high, as issues with Balancer and Leverage Zapper have been resolved, see BalancerFlashLoan missing access control and Leverage zappers do not return swap excess.

The general subjects covered are documentation, trustworthiness and code complexity. The project has very extensive documentation. The trustworthiness is high, as the system is designed to be immutable with limited trust assumptions. The system's contracts are very complex, which carries increased risk compared to simpler code.

In summary, we find that the core contracts provide a good level of security.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.

About Liquity Bold Smart Contracts

Liquity implements Liquity V2, a decentralized stablecoin system with user-set interest rates, iterating on Liquity V1.

"Liquity V2 is a decentralized borrowing and stablecoin protocol that builds on the success of V1. It enhances it in several ways to offer the best borrowing experience, a highly resilient Ethereum-native stablecoin (BOLD), and sustainable on-chain yield."

#Source

We are very satisfied with ChainSecurity's expertise and thorough reports. It's a highly professional team that we would love to work with again.
Michael Svoboda, CEO @ Liquity AG

Liquity
Smart Contract Audit - Liquity V2 - Bold - ChainSecurity
Liquity V2 - Bold Smart Contracts

Summary

The most critical subjects covered in our audit are functional correctness, rounding issues, and correctness of external integrations. Security regarding functional correctness is high, after issues in prior versions were resolved, see Zappers can lose user funds. Security regarding rounding issues has been improved after the amount of share inflation was restricted, see Rounding in debt shares calculation can mint unbacked tokens. Security regarding external integrations is high, as issues with Balancer and Leverage Zapper have been resolved, see BalancerFlashLoan missing access control and Leverage zappers do not return swap excess.

The general subjects covered are documentation, trustworthiness and code complexity. The project has very extensive documentation. The trustworthiness is high, as the system is designed to be immutable with limited trust assumptions. The system's contracts are very complex, which carries increased risk compared to simpler code.

In summary, we find that the core contracts provide a good level of security.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.

About Liquity Bold Smart Contracts

Liquity implements Liquity V2, a decentralized stablecoin system with user-set interest rates, iterating on Liquity V1.

"Liquity V2 is a decentralized borrowing and stablecoin protocol that builds on the success of V1. It enhances it in several ways to offer the best borrowing experience, a highly resilient Ethereum-native stablecoin (BOLD), and sustainable on-chain yield."

#Source

We are very satisfied with ChainSecurity's expertise and thorough reports. It's a highly professional team that we would love to work with again.
Michael Svoboda, CEO @ Liquity AG

Mellow
Smart Contract Audit - Mellow Multivault - ChainSecurity
Mellow Multivault Smart Contracts
Multivault Smart Contracts

Summary

The most critical subjects covered in our audit are asset solvency, functional correctness, and frontrunning. The general subjects covered are upgradeability, unit testing, documentation, and trustworthiness. Note that testing is insufficient and that some of the uncovered issues could have been caught by testing.

The most notable findings are:

  • The Incorrect Valuation of ERC-4626 that leads to incorrect share prices, potentially leading to a loss of funds.
  • An Escalation of Privileges that could allow addresses with low privileges to drain the protocol.
  • Architectural problems such as Pending Assets Become Claimed During Withdrawal and Insufficient Limitations for Strategies that could have led to DoS scenarios.
  • Integration issues such as Operator Undelegations Are Not Accounted for that could have led to loss of funds.

All issues have been resolved through code corrections or specification change. Some lower severity issues have been acknowledged, and their risk has been accepted.

Additionally, please consult Notes, Assessment Overview and Trust Model and Roles for considerations that could be out of scope.

In summary, we find that the codebase provides a good but improvable level of security.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.

About Mellow Multivault Smart Contracts

Mellow Finance implements an upgrade to the previously audited vaults to support multiple LRTs at once as well as other ERC-4626 compliant protocols. The multivault architecture implements a modular integration framework by leveraging adapters for integrations and strategies for allocations. Given the delayed withdrawals for LRTs, specialized withdrawal queues have been implemented.

"Mellow LRT is an innovative liquid restaking primitive allowing permissionless creation of modular LRTs. Mellow offers a series of vault smart contracts tailored to different risk profiles, managed by LRT curators."

#Source

Mellow Protocol has really complex contracts and codebase. Our team was very happy to work with Chainsecurity. We were impressed by the professionalism and depth of the smart contracts study by Chainsecurity. The team's versatile approach helped us improve our codebase's security and effectiveness and added confidence before our protocol launch.
Nick S, contributor @ Mellow Protocol
Polygon
Smart Contract Audit - Polygon Vault Bridge Token - ChainSecurity
Polygon Vault Bridge Token
Vault Bridge Token

Summary

The most critical subjects covered in our audit are functional correctness, accounting correctness, and the integration with external systems (Bridge and Morpho vaults).

Functional correctness is good, after missing conversions between asset amounts and share amounts have been fixed, see drainVault Cannot Withdraw All Assets and Missing Asset-Share Conversions in Vaults. Accounting correctness is good, as related issues have been fixed, see drainVault Locks Assets. Security regarding integration with external systems is high.

In summary, we find that the codebase provides a good level of security. The Notes section highlights behavior that users should be aware of.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.

About Polygon Vault Bridge Token

Polygon implements an extension of the Unified Bridge (formerly LxLy Bridge) that enables the bridging of assets that have been deposited into an ERC-4626 yield-generating vault. Additionally, Polygon provides a Native Converter deployed on Layer Y that allows assets that were natively bridged (not via the VaultBridgeToken extension) to be converted to vault-bridged tokens, with the underlying token being bridged back to Layer X.

“Polygon is a decentralised Ethereum scaling platform that enables developers to build scalable user-friendly dApps with low transaction fees without ever sacrificing on security.”

#Source

ChainSecurity holds a special place in my heart, only positive experiences with them and they always go above and beyond. During one of our audits, they actually found a bug in an OpenZeppelin contract we were using, 99% of auditors wouldn't bother looking there.
Gretzke.eth, Software Engineering Lead @ Polygon
UltraYield
Smart-Contract Audit - UltraYield - ChainSecurity
UltraYield Smart Contracts

Summary

The most critical subjects covered in our audit are asset solvency, functional correctness, and compliance with standards. After the review, security regarding all the aforementioned subjects is high. A critical issue leading to the free minting of shares was uncovered in the first review of the codebase and was addressed in the first round of fixes, see Shares can be minted for free. In Version 2 there was an issue regarding the initialization of the system, see Order of Deployment and Initialization.

The general subjects covered are code complexity, gas efficiency, trustworthiness, documentation and specification. Security regarding all the aforementioned subjects is generally good. No specifications were provided regarding management of the funds. Note the strong assumptions made in the Trust Model.

In summary, we find that the codebase provides a good level of security.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.

About UltraYield Smart Contracts

Ultra implements UltraVault, an ERC-7540 compliant, managed vault with asynchronous redemption.

"UltraYield is an onchain strategy curator working with top-tier protocols to bring depositor the highest yield possible on the market."

#Source

We are glad to have chosen Chainsecurity as the first auditor of our UltraYield vault contracts, the quality of the report and the depth of research are excellent. They've managed to find one corner case which could otherwise slip into the contracts, and in general - make the codebase cleaner and easier to maintain in the future.
UltraYield Team

Intmax
Intmax 2 ZKP Circuits Review by ChainSecurity
Intmax 2 ZKP Circuits

Summary

The most critical subjects covered in our audit of the circuits are soundness, completeness and zero-knowledge. Several critical issues have been uncovered including:

• Missing constraint on pubkey allows for double spending
• Incorrect exclusion proof circuit allows for double spending
• Multiple Valid Account Trees / Public States after applying the same block

The latest iteration covers refinements in the core circuits, refactored withdrawal circuits and the new claim circuits.

The reviewed code is well-structured and properly documented. Although testing has been continuously enhanced, a thorough stress test on a public testnet is recommended before mainnet launch due to the project’s cutting-edge nature. The circuits are part of Intmax 2, a system which consists of multiple interacting parts. The rollup is managed by a set of smart contracts which have been audited in the ChainSecurity Intmax 2 Smart Contract Audit Report.

In summary, we find that the current codebase provides a good level of security.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.

About Intmax 2 ZKP Circuits

Intmax implements a zk-rollup for private transfers using zk proofs to prove state transitions and balances. Smart contracts on Scroll manage the rollup, while smart contracts on Ethereum handle liquidity on- and offboarding.

"INTMAX is an extremely scalable layer for Ethereum transfers that incorporates ethically sound privacy. It is a stateless zkRollup structure, theoretically achieving scalability similar to Plasma and Lightning Network, as envisioned in 2018. By distributing both data and computation costs across users’ devices, INTMAX inherits security from Ethereum while achieving scalability even greater than centralized financial systems using databases."

#Source

Sky (MakerDAO)
Smart Contract Audit - Chief Migration Smart Contracts - ChainSecurity
Sky Chief Migration Smart Contracts

Summary

The most critical subjects covered in our audit are functional correctness, frontrunning resistance, and integration with other contracts of the system.

Security regarding all the aforementioned subjects is high. Note that the Chief migration requires strong coordination and adherence to timelines to minimize the risk of governance attacks at different migration phases, see Migration Considerations for more details.

In summary, we find that the codebase provides a high level of security.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.

About Sky Chief Migration smart contracts

Sky offers deployment and initialization libraries to migrate the existing MCD_ADM (the legacy Chief with MKR as governance token) to a new Chief that uses SKY as governance token.

Sky implements a rate converter (Conv) to facilitate the conversion between rates per second and yearly rates in basis points (BPS).

“The Sky Protocol (formerly known as MakerDAO) is one of the largest dapps on the Ethereum blockchain. Designed by a disparate group of contributors, including developers within the MakerFoundation, its outside partners, and other persons and entities, it is the first decentralized finance (DeFi) application to see significant adoption.”

#Source

ChainSecurity has been an invaluable partner throughout almost two years of high-stakes product launches. We prize them for their proactivity, consistency & flexibility—we’re looking forward to continuing the partnership!
Deniz Yilmaz, Tech Lead at Sky

Sky (MakerDAO)
Smart Contract Audit - Lockstake Smart Contracts - ChainSecurity
Sky Lockstake Smart Contracts

Summary

The most critical subjects covered in our audit are functional correctness, access control and integration with other contracts of the system. The general subjects covered are specification, complexity and unit testing. For the Lockstake implementation, security regarding all the aforementioned subjects is high.

Before the Governance initializes the Lockstake instance, the deployed contracts must be validated carefully. Please refer to the note Deployment verification for more details.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.

About Lockstake Smart Contracts

Sky implements a staking framework that allows borrowing against governance tokens as collateral while retaining the ability to delegate their voting power and simultaneously allowing these tokens to be staked to earn yield.

“The Sky Protocol (formerly known as MakerDAO) is one of the largest dapps on the Ethereum blockchain. Designed by a disparate group of contributors, including developers within the MakerFoundation, its outside partners, and other persons and entities, it is the first decentralized finance (DeFi) application to see significant adoption.”

#Source

ChainSecurity has been an invaluable partner throughout almost two years of high-stakes product launches. We prize them for their proactivity, consistency & flexibility—we’re looking forward to continuing the partnership!
Deniz Yilmaz, Tech Lead at Sky

Sky (MakerDAO)
Smart Contract Audit - Sky DSS Emergency Spells - ChainSecurity
Sky DSS Emergency Spells

Summary

The most critical subject covered in our audit is functional correctness. After the intermediate report, all findings have been resolved, hence security regarding functional correctness is high.

The general subjects covered are trustworthiness and documentation. Security regarding all the aforementioned subjects is high.

In summary, we find that the codebase provides a high level of security.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.

About Sky DSS Emergency Spells

Sky implements DssEmergencySpells, a set of pre-defined emergency spells that bypass the governance delay defined in DSPause to enable prompt governance actions if necessary.

“The Sky Protocol (formerly known as MakerDAO) is one of the largest dapps on the Ethereum blockchain. Designed by a disparate group of contributors, including developers within the MakerFoundation, its outside partners, and other persons and entities, it is the first decentralized finance (DeFi) application to see significant adoption.”

#Source

ChainSecurity has been an invaluable partner throughout almost two years of high-stakes product launches. We prize them for their proactivity, consistency & flexibility—we’re looking forward to continuing the partnership!
Deniz Yilmaz, Tech Lead at Sky
Vyper
Limited Review - Vyper Compiler 0.4.2 Pull Requests - ChainSecurity
LIMITED REVIEW: Vyper Compiler 0.4.2 Pull Requests
Vyper Compiler 0.4.2 Pull Requests

Summary

Limited code reviews are best-effort checks and don't provide assurance comparable to non-limited code assessments or audits. Due to time and scope constraints, they are not exhaustive.

The most critical subjects covered in our review are the non-reentrancy by default option and the raw_create builtin. Security regarding all the aforementioned subjects is high. Moreover, we found that allowing users to turn on the non-reentrancy by default option is a good security measure that benefits language users greatly.

Other general subjects covered include enabling bitwise operators for bytesM, extending as_wei_value to all numeric types, refactoring decorator and pragma parsing as well as other smaller pull requests. Security regarding all the aforementioned subjects is also high.

It is important to note that security reviews are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.

About Vyper Compiler 0.4.2 Pull Requests

This limited review was conducted by one engineer over one week and focused on multiple pull requests of the to-be-released version 0.4.2 of the Vyper compiler.

“Vyper is a contract-oriented, pythonic programming language that targets the Ethereum Virtual Machine (EVM).”

Source

Sky (MakerDAO)
Smart contract audit - Sky VoteDelegate Smart Contracts - ChainSecurity
Sky VoteDelegate Smart Contracts

Summary

The most critical subjects covered in our audit are functional correctness, asset solvency and integration into the system. Security regarding all the aforementioned subjects is high.

The general subjects covered are usability and access control. Security regarding all the aforementioned subjects is high.

In summary, we find that the codebase provides a high level of security.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.

About Sky VoteDelegate Smart Contracts

VoteDelegate implements a vote delegation system allowing governance token holders to delegate their voting power to delegates.

“The Sky Protocol (formerly known as MakerDAO) is one of the largest dapps on the Ethereum blockchain. Designed by a disparate group of contributors, including developers within the MakerFoundation, its outside partners, and other persons and entities, it is the first decentralized finance (DeFi) application to see significant adoption.”

Source

ChainSecurity has been an invaluable partner throughout almost two years of high-stakes product launches. We prize them for their proactivity, consistency & flexibility—we’re looking forward to continuing the partnership!
Deniz Yilmaz, Tech Lead at Sky

WBTC
Smart contract audit - WBTC Solana Bridge - ChainSecurity
WBTC Solana Bridge

Summary

The most critical subjects covered in our audit are correctness of the minting and burning flow, the implementation of the access control, and the sanitization of the data accounts. Security regarding all the aforementioned subjects is high. Only minor issues have been uncovered which have been addressed.

The general subjects covered are compute unit efficiency of the implementation, the documentation and specification, and testing. Security regarding all the aforementioned subjects is high.

In summary, we find that the codebase provides a high level of security.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.

About WBTC Solana Bridge

WBTC implements a system that allows for minting and burning wBTC on Solana.

"Wrapped Bitcoin (WBTC) unlocks the power of Bitcoin on various blockchains such as Ethereum and Solana, offering interoperability for DeFi use cases."

Source

ChainSecurity has been a trusted audit partner which contributes to the robustness and security of WBTC’s smart contracts. Their thorough audits and clear communication have given our team - and the ecosystem - confidence in every deployment.
WBTC Team

Sky (MakerDAO)
Smart Contract Audit - Sky Protego Smart Contracts - ChainSecurity
Sky Protego Smart Contracts
Protego Smart Contracts

Summary

The most critical subject covered in our audit is functional correctness. The general subjects covered are trustworthiness and documentation. Security regarding all the aforementioned subjects is high.

In summary, we find that the codebase provides a high level of security.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.

About Protego Smart Contracts

Sky implements Protego, a framework for standardizing the deployment of Emergency Spells that drop proposals queued for execution.

“The Sky Protocol (formerly known as MakerDAO) is one of the largest dapps on the Ethereum blockchain. Designed by a disparate group of contributors, including developers within the MakerFoundation, its outside partners, and other persons and entities, it is the first decentralized finance (DeFi) application to see significant adoption.”

Source

ChainSecurity has been an invaluable partner throughout almost two years of high-stakes product launches. We prize them for their proactivity, consistency & flexibility—we’re looking forward to continuing the partnership!
Deniz Yilmaz, Tech Lead at Sky
Gearbox
Smart contract audit - Gearbox Permissionless Smart Contracts - ChainSecurity
Gearbox Permissionless Smart Contracts

Summary

The most critical subjects covered in our audit are the correct instantiation of all system components, the migration logic of the legacy system, and the upgradeability, configurability, and liveness of the system. In the current implementation, neither the current system (Shutting down a market configurator) nor the legacy system can be fully configured (Legacy CreditManager cannot be fully configured). The migration of the legacy system is underspecified as it's not known which components of the legacy system will immediately be upgraded to newer versions. Moreover, the liveness of the system can be harmed in some cases (Reverting proposals lock cross-chain governance). Finally, upgrading some components of the system is not possible (Factory migration will fail).

The general subjects covered are functional correctness, gas consumption, testing, and documentation and specification. Testing was very limited in the first iteration of the report. This led to a substantial number of functional correctness issues (Timelock transactions can be executed before the ETA) that could have been prevented. Testing was significantly improved in subsequent versions. Some of the operations executed by Governance have very high gas requirements. Documentation is sufficient. However, some parts are underspecified (Signatures On Different Chains).

In summary, we find that the system provides a high level of security.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.

About Gearbox Permissionless Smart Contracts

Gearbox implements a new governance system which aims to enable different risk curators to run their own gearbox markets. The new system allows the migration of the legacy system into the new system.

“Gearbox is a generalized leverage protocol: it allows anyone to take leverage in a DeFi-native way and then use it across various DeFi protocols. You take leverage with Gearbox and then use it on other protocols you already love. For example, you can leverage trade on Uniswap, leverage farm on Yearn or Curve and Convex, make complex delta-neutral strategies involving options and derivatives, get Leverage-as-a-Service for your structured product doing complex positions, etc.

The protocol has two sides to it: passive liquidity providers who earn higher APY by providing liquidity; and active traders, farmers, or even other protocols who can borrow those assets to trade or farm with x4+ leverage.”

Source

ChainSecurity has been an invaluable partner for us since the initial version of Gearbox. Their team pays close attention to every detail, prioritizing quality over quantity by carefully selecting the best auditors. This ongoing collaboration has transformed them into true partners in our journey, helping us develop the protocol safely.
0xMikko, Inventor of Gearbox Protocol

Symbiotic
Smart Contract Audit - Symbiotic Default Rewards - ChainSecurity
Symbiotic Default Rewards

Summary

The most critical subjects covered in our audit are asset solvency, functional correctness and access control. The general subjects covered are specification and trustworthiness.

The most notable issue uncovered is the possibility of Stealing Operator Rewards. The finding has been addressed through code correction.

In summary, we find that the codebase provides a good level of security.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.

About Symbiotic Default Rewards

Symbiotic provides default contracts for standardizing the distribution of rewards to operators and stakers.

Reliable and predictably great quality of analysis maintained for years and years now. As close as you can get to “set and forget” with audits.
Misha Putiatin, Co-Founder Symbiotic
Enzyme
Smart contract audit - Enzyme Sulu Extensions XXIII - ChainSecurity
Sulu Extensions XXIII
Enzyme Sulu Extensions XXIII

Summary

The most critical subjects covered in our audit are functional correctness and integration with Myso V3. The general subjects covered are specification, trustworthiness, error handling, and documentation.

In summary, we find that the codebase provides a high level of security. Furthermore, important considerations are outlined in the sections Notes and Trust Model.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.

About Enzyme Sulu Extensions XXIII

Enzyme Foundation implements an external position for writing call and put options in Myso V3.

Enzyme is a decentralised asset management infrastructure built on Ethereum. Using Enzyme Smart Vaults, individuals and communities can build, scale and monetise investment (or execution) strategies that employ the newest innovations in decentralised finance.

We've worked with many Smart Contract auditors in the last five years and ChainSecurity quickly differentiated themselves as a leader in the space. They have relevant DeFi expertise, professional work ethic and have always been a reliable partner.
Mona El Isa (CEO)
dEuro
Smart contract audit - dEURO Smart Contracts - ChainSecurity
dEURO Smart Contracts

Summary

The smart contracts are forked from Frankencoin v2024, which we previously audited. This review was limited to the changes applied by dEURO, under the assumption that the Frankencoin codebase does not contain any vulnerabilities.

The most critical subjects covered in our audit are asset solvency, functional correctness and accounting correctness. Security regarding asset solvency was improved, see Interest Accrual Can Lead to Under-Collateralization. Security regarding functional correctness was improved, see Auctions May Never End. Accounting correctness is improvable, see Challengers must calculate virtualPrice themselves.

In summary, we find that the codebase currently provides a good level of security.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.

About dEURO Smart Contracts

dEURO implements a decentralized protocol to issue dEURO on-chain, a stablecoin that is pegged to the Euro. Each dEURO minted is backed either by collateral assets or by other trusted stablecoins pegged to the Euro.

We chose ChainSecurity to audit dEURO because they had already worked on Frankencoin and understood the protocol inside out. That background, combined with their reputation for top-tier audits, made them the obvious choice. The process was smooth, the findings were clear and helpful, and we were glad to share the results with our community.
Patrick Larsen-Ledet, Lead Developer at dEURO Association

SparkDAO
Smart Contract Audit - Spark ALM Controller - ChainSecurity
Spark ALM Controller

Summary

The most critical subjects covered in our audit are functional correctness, access control, and the integration with CCTP. The general subjects covered are gas efficiency, documentation and composability. Security regarding all the aforementioned subjects is high.

In summary, we find that the codebase provides a high level of security.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.

About Spark ALM Controller

SparkDAO implements the Spark ALM Controller, a suite of contracts of the Spark Liquidity Layer designed to manage and control the flow of liquidity originating from DSS Allocator.

"Spark is on a mission to empower the DAI ecosystem. As part of the MakerDAO community, Spark builds and manages DeFi infrastructure."

Source

ChainSecurity has been consistently thorough in their reviews, reliable and accommodating in our time working with them.
Lucas Manuel, Co-founder at Phoenix Labs, working on Spark
Euler
Smart Contract Audit - EulerSwap - ChainSecurity
EulerSwap

Summary

The most critical subjects covered in our audit are functional correctness, precision of arithmetic operations, and front-running. Security regarding all the aforementioned subjects is good but improvable, see Unaccounted roundings when depositing and withdrawing and Balance of Euler account counted twice in calcLimits(). Notice that Euler decided not to fix some of the issues for the time being; these issues have been marked Acknowledged.

The general subjects covered are code complexity, gas efficiency, and trust relationships. Security regarding all the aforementioned subjects is high.

In summary, we find that the codebase provides a good level of security, which could be improved if all the outstanding issues were to be addressed.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.

About EulerSwap

Euler implements EulerSwap, an AMM that uses a custom bonding curve, and enhances its liquidity by borrowing additional funds from Euler vaults.

ChainSecurity delivered an exceptional audit for our project. Their meticulous approach and quick responsiveness enhanced our security and provided crucial insights. We greatly appreciate their dedication and excellent communication throughout the process.
Erik Arfvidson, Head of Cybersecurity, Euler Finance

Gearbox
Smart contract audit - Gearbox Core & Oracles V3.10 - ChainSecurity
Gearbox Core & Oracles V3.10

Summary

The most critical subjects covered in our audit are the correctness and potential regressions of the refactored code, the correctness of partial liquidations and the new Tumbler rate keeper. Security regarding all the aforementioned subjects is high.

The general subjects covered are gas efficiency, testing, documentation and specification. Security regarding all the aforementioned subjects is high.

In summary, we find that the codebase provides a high level of security.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.

About Gearbox Core & Oracles V3.10

Gearbox implements V3.10 of the Core protocol and the oracles. The new version aims to make the system compatible with the new governance module. Moreover, it adds partial liquidations.

“Gearbox is a generalized leverage protocol: it allows anyone to take leverage in a DeFi-native way and then use it across various DeFi protocols. You take leverage with Gearbox and then use it on other protocols you already love. For example, you can leverage trade on Uniswap, leverage farm on Yearn or Curve and Convex, make complex delta-neutral strategies involving options and derivatives, get Leverage-as-a-Service for your structured product doing complex positions, etc.

The protocol has two sides to it: passive liquidity providers who earn higher APY by providing liquidity; and active traders, farmers, or even other protocols who can borrow those assets to trade or farm with x4+ leverage.”

Source

ChainSecurity has been an invaluable partner for us since the initial version of Gearbox. Their team pays close attention to every detail, prioritizing quality over quantity by carefully selecting the best auditors. This ongoing collaboration has transformed them into true partners in our journey, helping us develop the protocol safely.
0xMikko, Inventor of Gearbox Protocol

Sky (MakerDAO)
Smart contract audit - Sky SP-BEAM Module - ChainSecurity
Sky SP-BEAM Module

Summary

The most critical subjects covered in our audit are functional correctness, access control, and integration with the existing contracts. The general subjects covered are documentation, trustworthiness, and unit testing.

Security regarding all aforementioned subjects is high. However, it is improvable due to potential escalation of privileges as outlined in Bypassing step-size and DoSing ilk initializations.

In summary, we find that the codebase provides a good but improvable level of security.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.

About Sky SP-BEAM Module

Sky implements SP-BEAM, a module enabling permissioned actors to make direct changes to stability and savings rates.

“The Sky Protocol (formerly known as MakerDAO) is one of the largest dapps on the Ethereum blockchain. Designed by a disparate group of contributors, including developers within the MakerFoundation, its outside partners, and other persons and entities, it is the first decentralized finance (DeFi) application to see significant adoption.”

Source

ChainSecurity has been an invaluable partner throughout almost two years of high-stakes product launches. We prize them for their proactivity, consistency & flexibility—we’re looking forward to continuing the partnership!
Deniz Yilmaz, Tech Lead at Sky
Sky (MakerDAO)
Smart contract audit - Chief Smart Contracts - ChainSecurity
Sky Chief Smart Contracts
Chief Smart Contracts

Summary

The most critical subjects covered in our audit are functional correctness, front-running, and suitability for Sky's governance. The general subjects covered are trustworthiness and gas efficiency.

In summary, we find that the codebase provides a high level of security.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.

About Sky Chief smart contracts

Sky implements a continuous approval voting system introducing SKY as the governance token while simplifying the previous version.

“The Sky Protocol (formerly known as MakerDAO) is one of the largest dapps on the Ethereum blockchain. Designed by a disparate group of contributors, including developers within the MakerFoundation, its outside partners, and other persons and entities, it is the first decentralized finance (DeFi) application to see significant adoption.”

Source

ChainSecurity has been an invaluable partner throughout almost two years of high-stakes product launches. We prize them for their proactivity, consistency & flexibility—we’re looking forward to continuing the partnership!
Deniz Yilmaz, Tech Lead at Sky

Sky (MakerDAO)
Smart contract audit - Sky Rates Converter - ChainSecurity
Sky Rates Converter

Summary

The most critical subject covered in our audit is functional correctness. The general subjects covered are documentation, specifications and gas efficiency.

In summary, we find that the codebase provides a high level of security.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.

About Sky Rates Converter

Sky implements a rate converter (Conv) to facilitate the conversion between rates per second and yearly rates in basis points (BPS).

“The Sky Protocol (formerly known as MakerDAO) is one of the largest dapps on the Ethereum blockchain. Designed by a disparate group of contributors, including developers within the MakerFoundation, its outside partners, and other persons and entities, it is the first decentralized finance (DeFi) application to see significant adoption.”

Source

ChainSecurity has been an invaluable partner throughout almost two years of high-stakes product launches. We prize them for their proactivity, consistency & flexibility—we’re looking forward to continuing the partnership!
Deniz Yilmaz, Tech Lead at Sky

Fume Finance
Limited Review - Fume Finance - ChainSecurity
Limited Review: Fume Finance smart contracts

Summary

The most critical subjects covered in our audit are functional correctness, access control, and precision of arithmetic operations.

Access control is working as expected.

Several issues with the correct handling of investment stages have been found in previous versions of this report. Furthermore, depending on the chosen base currency of a fund, the contracts were exposed to a certain degree of Precision loss. These problems have been mitigated.

In summary, we find that the codebase provides a good level of security.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.

About Fume Finance smart contracts

Fume implements an on-chain administration platform for funds. Investments into such funds can be handled either off-chain or on-chain.

"Founded in 2023 and headquartered in Ticino, Switzerland, Fume was created to revolutionize the way investment funds are managed. The Fume platform is designed to support a wide range of assets, including digital tokens, stocks, real estate, and commodities, making it an attractive solution for both traditional and digital fund managers. Built by a team with deep expertise in blockchain, finance, and law, with the backing of a fintech VC, a family office, and established asset managers."

Source

OpenEden
Smart Contract Audit - OpenEden USDOExpress - ChainSecurity
OpenEden USDOExpress
USDO Express

Summary

We did not find severe issues. However, multiple minor issues related to fees were raised (see Missing Slippage Protection, Fee Can Be Avoided on Small Amounts and Repeated Fees) and the deposit limits are ineffective as described in Ineffective First Deposit Limit. All issues were addressed.

In summary, we find that the codebase provides a high level of security. Yet, it is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.

About USDO & USDOExpress

OpenEden implements a USD stablecoin called USDO and a wrapper contract (acting as a vault) for it called cUSDO. The stablecoin will be backed by yield-earning U.S. treasury bills. USDOExpress adds instant mint and redeem functionality to the existing USDO token.

ChainSecurity demonstrated professionalism and thoroughness in their security assessment of our smart contract. Their meticulous and rigorous approach ensured a comprehensive audit process that validates the integrity and robustness of our codebase.
Duke Du, CTO of OpenEden

OpenEden
Smart Contract Audit - OpenEden USDO - ChainSecurity
OpenEden USDO
USDO

Summary

We did not find any critical issues in the codebase. Yet, we recommended testing cUSDO deposits, transfers and withdrawals with intermediate multiplier changes in USDO very carefully. All raised issues were addressed accordingly.

In summary, we find that the codebase provides a high level of security as most critical operations are access-controlled and should have additional off-chain procedures to ensure the security of the system. However, it is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.

About USDO

OpenEden implements a USD stablecoin called USDO and a wrapper contract (acting as a vault) for it called cUSDO. The stablecoin will be backed by yield-earning U.S. treasury bills.

SparkDAO
Smart Contract Audit
SparkRewards smart contracts

Summary

The most critical subjects covered in our audit are functional correctness, access control and merkle proof verification. Security regarding all the aforementioned subjects is high.

The general subjects covered are gas efficiency and proper documentation. In summary, we find that the codebase provides a high level of security.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.

About SparkRewards

Spark implements the SparkRewards smart contract to distribute ERC-20 tokens based on a Merkle tree root and epochs.

"Spark is on a mission to empower the DAI ecosystem. As part of the MakerDAO community, Spark builds and manages DeFi infrastructure."

Source

ChainSecurity has been consistently thorough in their reviews, reliable and accommodating in our time working with them.
Lucas Manuel, Co-founder at Phoenix Labs, working on Spark
Sky (MakerDAO)
Smart Contract Audit - Sky DSS Blow2 - ChainSecurity
Sky DSS Blow2

Summary

The most critical subject covered in our audit is functional correctness.

The general subjects covered are event handling, documentation, and gas efficiency.

Security regarding all the aforementioned subjects is high.

In summary, we find that the codebase provides a high level of security.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.

About Sky DSS Blow2

Sky implements Dss Blow2, a contract to facilitate the returning of Dai and USDS to the Sky Protocol as system surplus.

“The Sky Protocol (formerly known as MakerDAO) is one of the largest dapps on the Ethereum blockchain. Designed by a disparate group of contributors, including developers within the MakerFoundation, its outside partners, and other persons and entities, it is the first decentralized finance (DeFi) application to see significant adoption.”

Source

ChainSecurity has been an invaluable partner throughout almost two years of high-stakes product launches. We prize them for their proactivity, consistency & flexibility—we’re looking forward to continuing the partnership!
Deniz Yilmaz, Tech Lead at Sky

Curve
Curve Stablecoin smart contract audit by ChainSecurity
Curve Stablecoin Security Audit

Summary

All high severity findings were resolved. Some new medium severity issues were identified in the latest review of the codebase. There are still many low severity issues open, and given a stable codebase and more time, likely many more could be found, due to the complexity of the codebase. However, assuming the more severe issues are addressed, they should be mostly benign.

In summary, we find that the codebase provides a good level of security.

The contracts are complex and have even more complex dependencies. We did not review the economic soundness of the contracts nor is it possible to find all the edge cases in this system.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don’t replace other vital measures to secure a project.

About Curve Stablecoin

Curve implements a new stablecoin that is based on different mechanics to keep it stable and manage the loans.

“Curve is an exchange liquidity pool on Ethereum (like Uniswap) designed for (1) extremely efficient stablecoin trading (2) low risk, supplemental fee income for liquidity providers, without an opportunity cost.

Curve allows users (and smart contracts like 1inch, Paraswap, Totle and Dex.ag) to trade between DAI and USDC with a bespoke low slippage, low fee algorithm designed specifically for stablecoins and earn fees. Behind the scenes, the liquidity pool is also supplied to the Compound protocol or yearn.finance where it generates even more income for liquidity providers.”

Source

We appreciate ChainSecurity for very deep and thoughtful analysis!
Michael Egorov, CEO @ Curve Finance
Yelay
Smart Contract Audit - Yelay Lite - ChainSecurity
Yelay Lite smart contracts

Summary

The code is well structured and implements an upgrade architecture similar to the diamond proxy upgrade pattern. The most critical subjects covered in our audit are functional correctness and arithmetic correctness. The most severe issues are an incorrectly calculated redeem (Incomplete fund transfer when withdrawing) and a double-counted balance when swapping (double-counting in swap). All issues were addressed and, where necessary, resolved. We advised extending the test suite, as the issues could have been caught by, e.g., testing redeems with strategies that partially fulfill the request.

The team was always very responsive and was clarifying all questions quickly and professionally. In summary, we find that the current codebase provides a good level of security.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.

About Yelay Lite smart contracts

Yelay implements a dedicated vault system that directs all yield into a yield extractor. Users will be rewarded outside of the protocol from the respective clients. The vault is for approved projects only.

Working with ChainSecurity was a great experience due to their pragmatic approach. Unbiased and thorough, the team genuinely strives to understand the business case behind the smart contracts. While meticulously highlighting all potential security risks, they always keep the business objectives in focus.
Konstantin Samarin, Solidity Developer at Yelay

Uniswap Foundation
Smart Contract Audit - Uniswap Franchiser Expiry - ChainSecurity
Uniswap Franchiser Expiry

Summary

The most critical subjects covered in our audit are asset solvency and front-running resistance. Security regarding all the aforementioned subjects is high.

The general subjects covered are gas efficiency, code complexity, and documentation. The robustness regarding all the aforementioned subjects is satisfactory but can be improved, see Redundant checks in...Many() functions and Inaccurate NatSpec. Furthermore, this report contains notes highlighting considerations to prevent unexpected behavior during operation.

In summary, we find that the codebase provides a high level of security. No issues were identified that would pose a significant risk to the system.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.

About Uniswap Franchiser Expiry

Uniswap Foundation's Franchiser system enables multi-level delegation of UNI tokens' voting power. This latest version introduces support for expirations with permissionless recall of funds to the original owner after expiry.

"The Uniswap Foundation is dedicated to building a self-sustaining community that contributes to the future growth of the Uniswap Protocol. We have strategically designed our grants program to create a long-lasting ecosystem made up of developers, researchers, and governance contributors. We strive to create shared ownership for our entire community and work with them to define the future of DeFi’s most important protocol."


Unstoppable
Smart Contract Audit - Unstoppable Wallet - ChainSecurity
Unstoppable Wallet

Summary

The most critical subjects covered in our audit are the safety of the funds, the security of the ownership recovery mechanisms and their resistance against malicious actors, the signature validation, and the correct configuration of the wallet. Our most important findings concerned the different recovery mechanisms of the wallet, as described in the issues Ownership transfer race conditions and Social recovery with less than minConfirmations possible. All the issues have been addressed by Unstoppable and security regarding the aforementioned areas is high.

The general subjects covered are interactions with other addresses, access control, and gas efficiency. Security regarding all the aforementioned subjects is high.

In summary, we find that the codebase could provide a high level of security.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.

About Unstoppable Wallet

Unstoppable implements a smart contract wallet that supports authentication via WebAuthn and enables ownership transfers via an inheritance mechanism and a social recovery mechanism.

"Unstoppable is on a mission to render centralized platforms obsolete by providing a comprehensive permissionless alternative for every CEX feature."


USDT0
Smart Contract Audit - USDT0 Arbitrum v2 - ChainSecurity
USDT0 Arbitrum v2

Summary

The most critical subjects covered in our audit are functional correctness, access control, and upgradeability. No significant vulnerabilities were identified during this review, therefore security regarding all the aforementioned subjects is high.

In summary, we find that the codebase provides a high level of security.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.

About USDT0 Arbitrum v2

In this project, the second version of the Arbitrum Extension of the TetherToken is implemented. This version of the token migrates the bridging functionalities from the Arbitrum Bridge to LayerZero.

Working with ChainSecurity has been an exceptional experience. Their prompt response times, deep technical expertise, and seamless workflow demonstrate their professionalism and dedication to excellence. We are thrilled to partner with them and look forward to collaborating on future projects.
Lorenzo Romagnoli, USDT0

Decentralized USD (USDD)
Smart Contract Audit - USDD V2 Smart Contracts - ChainSecurity
USDD V2 Smart Contracts

Summary

Our review focuses exclusively on code security issues introduced by the changes against the forked codebase. The review does not cover any economic risks. Any errors made by privileged users of the system, including those due to misunderstanding the intricacies and caveats of the forked code base, are out of scope.

The most critical subjects covered in our audit are asset solvency, functional correctness, and access control. Security regarding asset solvency is high.

In the latest version of the codebase:

  • Functional correctness has been improved since Incorrect Bar Mechanism in Median and Missing Decimal Upscaling in TRXJoin were resolved.
  • Access control has been improved since Access to DSPauseProxy Is Not Restricted to DSPause and GovActionsProxy Will Lose Control Over DSPause if It Changes Delay to Nonzero were resolved.
  • In addition, Denial of Service in Median Due to Revert on Invalid Price was partially corrected and the risk of Governance Delay is Currently Disabled was accepted. Hence active monitoring is required to ensure the oracle and governance work correctly.

The general subjects covered are event handling, specifications, and precision of arithmetic operations, which are further improvable, see Events Are Improvable, Incorrect Specifications, and Loss of Precision in Price Calculation Due to Scaling Logic.

In summary, we find that the codebase provides a satisfactory level of security.

Continuing to allocate sufficient time for more extensive internal QA would further increase the security level of the codebase.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.

About USDD V2 Smart Contracts

Decentralized USD implements USDD V2, a fork of the MakerDAO Protocol (now Sky) on the Tron blockchain. It enables users to mint the USDD stablecoin using various collaterals.

Decentralized USD (USDD)
Smart Contract Audit - Decentralized USD PSM Smart Contracts - ChainSecurity
USDD PSM Smart Contracts

Summary

The most critical subjects covered in our audit are asset solvency, functional correctness, and access control. The reported issue Incorrect USDT Address has been resolved, hence security regarding all the aforementioned subjects is high.

The general subjects covered are gas optimizations and specification. Security regarding both subjects is high.

In summary, we find that the codebase provides a good level of security.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.

About Decentralized USD PSM Smart Contracts

Decentralized USD implements a Peg Stability module (PSM) for USDD V2. The PSM is a system designed to help maintain the peg of USDD by enabling the direct exchange of USDD for supported stablecoins (and vice versa) at a fixed exchange rate of 1:1.

Decentralized USD (USDD)
Smart Contract Audit - USDD Exchange Smart Contracts - ChainSecurity
USDD Exchange Smart Contracts

Summary

The most critical subjects covered in our audit are asset solvency, functional correctness, and access control.

The general subjects covered are gas optimizations and specifications.

Security regarding all the aforementioned subjects is high.

In summary, we find that the codebase provides a good level of security.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.

About USDD Exchange Smart Contracts

Decentralized USD implements a USDD Exchange contract that facilitates the one-way exchange from the old TRC-20 USDD token to the new USDD token at a 1:1 exchange rate.

SparkDAO
Smart Contract Audit - Spark Vaults - ChainSecurity
Spark Vaults

Summary

The most critical subjects covered in our audit are functional correctness, security of the vault's assets, and the proxy/upgradeability pattern. Security regarding all the aforementioned subjects is high.

In summary, we find that the codebase provides a high level of security.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.

About Spark Vaults

SparkDAO implements an ERC-4626 USDC Vault that wraps interactions with the PSM and SavingsUSDS, allowing users to deposit USDC and earn yield from the Sky savings rate.

"Spark is on a mission to empower the DAI ecosystem. As part of the MakerDAO community, Spark builds and manages DeFi infrastructure."


ChainSecurity has been consistently thorough in their reviews, reliable and accommodating in our time working with them.
Lucas Manuel, Co-founder at Phoenix Labs, working on Spark

Mellow
Smart Contract Audit - Mellow Symbiotic Vault - ChainSecurity
Mellow Symbiotic Vault Smart Contracts

Summary

The most critical subjects covered in our audit are functional correctness, access control, and integration with Symbiotic. The general subjects covered are gas efficiency, documentation, and upgradeability. Security regarding the aforementioned subjects is good but improvable.

The most notable issues found were:

  • Broken Queue Accounting
  • Withdrawal Request Claiming Manipulation
  • Bank Run on Excess Funds in Vault Prior to Slashing Event
  • Migration can be DoSed

Note that the first two issues have been resolved through code correction. For the third and the fourth item, the risk has been accepted. Note that some other issues have been only partially corrected or their risk has been accepted.

Further, we provide some considerations for migration in Migration Considerations. See also the Notes for other considerations.

In summary, we find that the codebase provides a good but improvable level of security.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.

About Mellow Symbiotic Vaults

Mellow Finance implements simple LRTs to tokenize deposits in Symbiotic.

"Mellow LRT is an innovative liquid restaking primitive allowing permissionless creation of modular LRTs. Mellow offers a series of vault smart contracts tailored to different risk profiles, managed by LRT curators."


Mellow Protocol has really complex contracts and codebase. Our team was very happy to work with Chainsecurity. We were impressed by the professionalism and depth of the smart contracts study by Chainsecurity. The team's versatile approach helped us improve our codebase's security and effectiveness and added confidence before our protocol launch.
Nick S, contributor @ Mellow Protocol

Liquity
Smart Contract Audit - Liquity V2 - Voting Smart Contracts
Liquity V2 - Voting Smart Contracts

Summary

The most critical subjects covered in our audit are precision of arithmetic operations, asset solvency, invariant preservation, functional correctness, and front-running. Several issues of high and critical severity were identified in the first two iterations of the codebase, see Resolved Findings. The Governance contract was refactored in Version 3 to mitigate the reported issues by changing the core accounting and placing new restrictions on user operations (always reset all votes before new allocations).

In summary, we find that the codebase provides a satisfactory level of security. It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.

About Liquity V2 - Voting Smart Contracts

Liquity implements Liquity V2, a decentralized stablecoin system with user set interest rates, iterating on Liquity V1. For more information, see our audit report for Liquity V2 - Bold Smart Contracts.

Liquity V2 implements a voting contract that distributes the incoming revenues based on the votes from users that have a stake in the system. A set of contracts are also provided to simplify the development of smart contracts that serve as proposals in the voting, known as initiatives.

We are very satisfied with ChainSecurity's expertise and thorough reports. It's a highly professional team that we would love to work with again.
Michael Svoboda, CEO @ Liquity AG

SparkDAO
Smart Contract Audit - XChain SSR Oracle - ChainSecurity
SparkDAO XChain SSR Oracle

Summary

The most critical subjects covered in our audit are functional correctness, access control and message passing.

The general subjects covered are code complexity and specification.

In summary, we find that the codebase provides a high level of security.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.

About SparkDAO XChain SSR Oracle

SparkDAO implements cross-chain oracles for the Sky Savings Rate where update messages are sent to L2s from Ethereum Mainnet.

"Spark is on a mission to empower the DAI ecosystem. As part of the MakerDAO community, Spark builds and manages DeFi infrastructure."


ChainSecurity has been consistently thorough in their reviews, reliable and accommodating in our time working with them.
Lucas Manuel, Co-founder at Phoenix Labs, working on Spark

USDT0
Smart Contract Audit - USDT0 smart contracts - ChainSecurity
USDT0 smart contracts

Summary

The most critical subjects covered in our audit are asset solvency, cross-contract interaction and access control. Security regarding all aforementioned subjects is high.

In summary, we find that the codebase provides a high level of security. The discovered low-severity issues do not pose an immediate threat and can only be triggered by human error. They were addressed in Version 2 of the code; however, redeployment was considered unwarranted. If the bugs ever trigger, they can be mitigated by upgrading the system.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.

About USDT0 smart contracts

USDT0 offers a set of smart contracts that implement the Omnichain extension for USDT. These smart contracts rely on LayerZero's provided Omnichain Fungible Token (OFT) infrastructure to facilitate bridging functionalities to other chains.

Working with ChainSecurity has been an exceptional experience. Their prompt response times, deep technical expertise, and seamless workflow demonstrate their professionalism and dedication to excellence. We are thrilled to partner with them and look forward to collaborating on future projects.
Lorenzo Romagnoli, USDT0

Velodrome Finance
Smart Contract Audit - Velodrome Epoch Governor - ChainSecurity
Velodrome Epoch Governor

Summary

The most critical subjects covered in our audit are proposal execution correctness, proposal sanitization during creation, and signature handling. Issues reported in the first version of the code were satisfactorily addressed. Security regarding all aforementioned topics is high.

In summary, we find that the codebase provides a high level of security.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.

About Velodrome Epoch Governor

Velodrome implements two governance mechanisms to direct the emission rate of the VELO token. The SimpleEpochGovernor allows a trusted EOA or MultiSig to change the emission rate, and the EpochGovernor implements a system where stakers of VELO in the Velodrome protocol can vote on how to change the emission rate.

"Velodrome Finance is a next-generation AMM that combines the best of Curve, Convex and Uniswap, designed to serve as the liquidity hub for the Superchain."


With a tight schedule and an important release on the line, ChainSecurity exceeded our expectations, assembling multiple internal teams and delivering a thorough, accurate report that kept us on budget and on time. We couldn’t be happier or more confident working with their team.
Velodrome Contributors

Velodrome Finance
Smart Contract Audit - Velodrome Slipstream Dynamic Fee - ChainSecurity
Velodrome Slipstream Dynamic Fee

Summary

The most critical subjects covered in our audit are soundness of the design, safety of arithmetics, and integration with concentrated liquidity oracles. Security regarding all aforementioned subjects is high.

In summary, we find that the codebase has a high level of security.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.

About Slipstream Dynamic Fee

Velodrome implements the Slipstream Dynamic Fee module, a fee module that integrates with the Slipstream Concentrated Liquidity AMMs to provide the pools with dynamic fees that depend on market volatility.

"Velodrome Finance is a next-generation AMM that combines the best of Curve, Convex and Uniswap, designed to serve as the liquidity hub for the Superchain."


With a tight schedule and an important release on the line, ChainSecurity exceeded our expectations, assembling multiple internal teams and delivering a thorough, accurate report that kept us on budget and on time. We couldn’t be happier or more confident working with their team.
Velodrome Contributors

Intmax
Intmax Plonky2 BN254 & Keccak256

Intmax implements two specialized libraries for use in Intmax2 ZKP: Plonky2 BN254 for scalar multiplication on the bn254 curve with additional utility functions and Plonky2 Keccak, a circuit gadget that calculates keccak256 hashes compatible with Solidity.

The most critical subjects covered in our audit are soundness and completeness. Before the intermediate report, several missing constraints allowed proving arbitrary statements:

  • Padding Filter Allows Bypassing STARK Constraints
  • Missing Constraints for Some starting values of STARKs

For details and further issues, please refer to the detailed issue description in the report. No issues were uncovered in Plonky2 Keccak.

After the intermediate report all issues have been resolved. In summary, we find that the Plonky2 Keccak256 and Plonky2 BN254 codebases provide a high level of security.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.

Arrakis
Smart Contract Audit - Arrakis Uniswap V4 Module - ChainSecurity
Arrakis Uniswap V4 Module

Summary

The most critical subjects covered in our audit are functional correctness, integration with Arrakis Modular and external systems, asset solvency and precision of arithmetic operations. The general subjects covered are specification, gas efficiency, and trustworthiness.

The most significant findings are:

  • Array manipulation during iteration
  • Bad rounding
  • Manager fee collected multiple times
  • Token allowance abuse during module change

The first three items have been corrected through code corrections while the risk for the last one has been accepted. Note that other lower severity issues have been partially corrected or acknowledged.

It is also worth noting that the project is subject to certain roles that are not fully trusted and can, theoretically, extract small parts of the liquidity in discrete time intervals. See Possibilities of executors to drain funds for details.

In summary, we find that the codebase provides a good level of security, although it depends on the correct usage by trusted accounts.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.

About Arrakis Uniswap V4 Module

Arrakis Finance implements modules integrating with Uniswap V4 for Arrakis Modular. That allows managers to manage a vault's liquidity on Uniswap V4.

"Arrakis is web3's trustless market making infrastructure protocol that enables running sophisticated algorithmic strategies on Uniswap V3. Liquidity providers can utilize Arrakis Vaults to have their liquidity be managed in an automated, capital efficient, non-custodial and transparent manner."


MakerDao (Sky)
Smart Contract Audit - MakerDAO DSS Vest - ChainSecurity
MakerDAO DSS Vest

Summary

The most critical subjects covered in our audit are functional correctness and access control. Security regarding all the aforementioned subjects is high.

In summary, we find that the codebase provides a high level of security.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.

About MakerDAO DSS Vest

MakerDAO implements DssVest, an abstract contract for creating vesting plans, with concrete implementations defining payout methods (mintable, transferable, suckable). In this latest version, DssVestSuckable has been refactored to support USDS.

MakerDao (Sky)
MakerDAO Endgame Toolkit Deployment Scripts smart contract audit by ChainSecurity
MakerDAO Endgame Toolkit Deployment Scripts Security Audit

Summary

The most critical subjects covered in our audit are functional correctness, access control and frontrunning resistance.

In a production setting, deployment verification is strongly recommended.

While Foundry does not atomically perform deployment, no frontrunning possibilities have been found.

The current state of the deployment and initialization scripts shows a high level of security.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.

About MakerDAO - Endgame Toolkit Deployment Scripts

MakerDAO implements a toolkit for SubDAO governance including a governance token, a proxy contract for governance spell execution and a reward farming contract. This audit report reviews the security and correctness of the corresponding deployment scripts.

“The Maker Protocol, also known as the Multi-Collateral Dai (MCD) system, allows users to generate Dai by leveraging collateral assets approved by “Maker Governance.” Maker Governance is the community organized and operated process of managing the various aspects of the Maker Protocol. Dai is a decentralized, unbiased, collateral-backed cryptocurrency soft-pegged to the US Dollar. Resistant to hyperinflation due to its low volatility, Dai offers economic freedom and opportunity to anyone, anywhere.”


MakerDao (Sky)
MakerDAO SparkLend Advanced smart contract audit by ChainSecurity
MakerDAO SparkLend Advanced Security Audit

Summary

The most critical subjects covered in our audit are functional correctness and precision of arithmetic operations. Security regarding all the aforementioned subjects is high. After the intermediate report all issues have been resolved.

The general subjects covered are specification, gas efficiency, and trustworthiness. Security regarding all the aforementioned subjects is high.

In summary, we find that the codebase provides a high level of security.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don’t replace other vital measures to secure a project.

About MakerDAO SparkLend Advanced

MakerDAO implements two new price oracles that can be used within the SparkLend protocol, one has a fixed price and the other has a capped price. In the extended scope, two interest rate strategies have been added. One sets the base rate using a rate source, while the other targets a specific rate at optimal utilization.

“The Maker Protocol, also known as the Multi-Collateral Dai (MCD) system, allows users to generate Dai by leveraging collateral assets approved by “Maker Governance.” Maker Governance is the community organized and operated process of managing the various aspects of the Maker Protocol. Dai is a decentralized, unbiased, collateral-backed cryptocurrency soft-pegged to the US Dollar. Resistant to hyperinflation due to its low volatility, Dai offers economic freedom and opportunity to anyone, anywhere.”


Curve
Smart Contract Audit - Curve scrvUSD - ChainSecurity
Curve scrvUSD

Summary

Throughout the engagement, the communication and cooperation with the Curve and Yearn teams were excellent. The Curve team was responsive and provided the necessary information to conduct the audit efficiently. Besides the audit we also supported the Curve team with questions and feedback on the codebase.

The general subjects covered were proper use of the Yearn vault, access control, and correct accounting. Security regarding all the aforementioned subjects is high.

In summary, we find that the codebase provides a high level of security. Yet, it is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.

About Curve scrvUSD

Curve adopted Yearn's vault to distribute rewards to crvUSD holders that deposit their tokens in the vault. The rewards originate from fees generated by Curve's stablecoin system. If the vault registers a profit, the profit is paid out to the users over time by issuing shares to the vault backed by the profit and burning these shares over time.

“Curve allows users (and smart contracts like 1inch, Paraswap, Totle and Dex.ag) to trade between DAI and USDC with a bespoke low slippage, low fee algorithm designed specifically for stablecoins and earn fees. Behind the scenes, the liquidity pool is also supplied to the Compound protocol or yearn.finance where it generates even more income for liquidity providers.”


We appreciate ChainSecurity for their very deep and thoughtful analysis!
Michael Egorov, CEO @ Curve Finance

Kernel
Smart Contract Audit - Kernel Smart Contracts - ChainSecurity
Kernel Smart Contracts

Summary

The most critical subjects covered in our audit are integration with external protocols, DoS possibilities and functional correctness. The general subjects covered are upgradeability, gas efficiency and event emissions.

The most significant findings, Broken clisBNB withdrawals and DoS by Donation, have been corrected through code correction.

In summary, we find that the codebase provides a good level of security.

Moreover, we would like to highlight that it is necessary to make the assumptions described in Integration with Lista DAO to reliably integrate with the Lista DAO protocol. Failure to meet these assumptions could put Kernel user funds at risk.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.

About Kernel Smart Contracts

Kernel DAO provides a token staking system that manages user assets within designated vaults. The contracts are upgradeable and form the basis for the development of a restaking protocol that KernelDAO ultimately plans to implement.

"Kernel is a premier restaking protocol maximizing staked assets' potential."


ChainSecurity set the gold standard with their meticulous and professional approach to auditing Kernel. Their in-depth analysis and unwavering attention to detail ensured every facet of our protocol was scrutinized and fortified. This audit is a testament to our shared commitment to top-tier security, solidifying Kernel’s standing as a reliable force in the industry. Kudos to the ChainSecurity team for their stellar work!
Dheeraj Borra, Founder

Frankencoin
Smart Contract Audit - Frankencoin v2024 - ChainSecurity
Frankencoin v2024

Summary

The most critical subjects covered in our audit are functional correctness and accounting correctness.

Functional correctness has been improved, as the new liquidation mechanism could interfere with the existing one, see buyExpiredCollateral Can Disincentivize Challenging. Additionally, the minimum collateral requirement for positions was not enforced, see Minimum Collateral Can Be Partially Withdrawn. Accounting correctness was improvable, as bad debt was not accounted correctly, see forceSale Does Not Account for Bad Debt.

The general subjects covered are specification and trust model. Specification is improvable, as the only specification provided was in the form of code comments. Security regarding the trust model is high, as the system still relies on the same trust model as the original Frankencoin contracts, with no additional trusted roles.

In summary, we find that the codebase provides a high level of security.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.

About Frankencoin v2024

Frankencoin implements extensions to the already deployed Frankencoin stablecoin system. The extensions include a MintingHub with variable interest rates, a PositionRoller that enables flashloans, and a Savings module. The contracts must be accepted as Minters by Frankencoin Governance to become usable.

“Frankencoin is a collateralized, oracle-free stablecoin that tracks the value of the Swiss franc. Its strengths are its decentralization and its versatility.”


The audit was excellent! Very well done! I'm impressed with how quickly ChainSecurity's software engineers developed a deep understanding of the Frankencoin system and with their meaningful inputs to harden its mechanics.
Luzius Meisser, Inspirer, Frankencoin

Enzyme
Enzyme 31Third Adapter smart contract audit by ChainSecurity
Enzyme 31Third Adapter Security Audit

Summary

The most critical subjects covered in our audit are functional correctness, the isolation of the adapter from the rest of the system, and the correct integration with the external system. The isolation of the adapter was improved in response to BatchTrade Should Revert On Error. Security regarding all aforementioned subjects is high.

Some notes on the external system’s behavior can be found in Replayable TradeSigner Signature and Rebasing Tokens with Transfer Loss are Not Supported.

In summary, we find that the codebase provides a high level of security.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don’t replace other vital measures to secure a project.

About Enzyme 31Third Adapter

31Third implements an adapter for Enzyme, which allows batch trades using the 31Third protocol. The adapter was made possible through an Enzyme grant to 31Third.

Enzyme is a decentralised asset management infrastructure built on Ethereum. Using Enzyme Smart Vaults, individuals and communities can build, scale and monetise investment (or execution) strategies that employ the newest innovations in decentralised finance.

We've worked with many Smart Contract auditors in the last five years and ChainSecurity quickly differentiated themselves as a leader in the space. They have relevant DeFi expertise, professional work ethic and have always been a reliable partner.
Mona El Isa (CEO)
Velodrome Finance
Smart Contract Audit - Velodrome Superchain Slipstream - ChainSecurity
Velodrome Superchain Slipstream

Summary

The most critical subjects covered in our audit are integration with the Velodrome superchain system, cross-chain compatibility, and gauge liquidity accounting. The security of all aforementioned subjects is high, after some of the issues uncovered by ChainSecurity were properly addressed.

The general subjects covered in our audit are ABI compatibility of similar contracts, address collisions, and the correct deployment of pools and gauges. The security of all aforementioned subjects is high. The possibility of address collisions is discussed in the note Attackers can in the future generate address collisions.

In summary, we find that the codebase provides a high level of security.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.

About Velodrome Superchain Slipstream

Velodrome implements Superchain Slipstream, a Superchain extension of the Velodrome Slipstream concentrated liquidity pools and liquidity mining incentives. Superchain Slipstream allows deploying Concentrated Liquidity pools and gauges on Leaf chains, chains which are part of the Optimism Superchain ecosystem. The Leaf chain gauges will receive rewards for Liquidity Providers in the form of Velodrome emissions bridged from the Root chain (OP Mainnet).

"Velodrome Finance is a next-generation AMM that combines the best of Curve, Convex and Uniswap, designed to serve as the liquidity hub for the Superchain."


With a tight schedule and an important release on the line, ChainSecurity exceeded our expectations, assembling multiple internal teams and delivering a thorough, accurate report that kept us on budget and on time. We couldn’t be happier or more confident working with their team.
Velodrome Contributors
Symbiotic
Smart Contract Audit - Symbiotic Burners Smart Contracts - ChainSecurity
Symbiotic Burners Smart Contracts

Summary

The most critical subjects covered in our audit are functional correctness and access control. General subjects covered are gas efficiency and trustworthiness. Security regarding all the aforementioned subjects is high.

In summary, we find that the codebase provides a high level of security. It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.

About Symbiotic Burners Smart Contracts

In this iteration we reviewed the new BurnerRouter and its corresponding BurnerRouterFactory. BurnerRouter is a contract that allows for the redirection of slashed collateral tokens to configurable addresses. It provides the flexibility to change and configure the receiver of slashed tokens.

Reliable and predictably great quality of analysis maintained for years and years now. As close as you can get to “set and forget” with audits.
Misha Putiatin, Co-Founder Symbiotic
Swaap
Smart Contract Audit - Swaap v2 Euler Adapter - ChainSecurity
Swaap v2 Euler Adapter

Summary

The most critical subjects covered in our audit are LP token price manipulation by unprivileged users, price manipulation by privileged users, and decimal precision in mathematical operations. For all aforementioned subjects, the security is high.

The general subject covered by this audit is the integration of SafeguardPool LP tokens as collateral in Euler lending markets. Regarding this subject, security is good, but as seen in Potentially significant underpricing in Some Scenarios, the price returned by the oracle is only a lower bound on the value of the LP tokens. Users whose positions are collateralized by SafeguardPool LP tokens should be aware of the pricing mechanism.

Since the price returned by the oracle is a lower bound, ChainSecurity reminds future users of SwaapSafeguardOracle that it can only be used to price the collateral of lending markets, and never the borrowable token.
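To make the collateral-only caveat concrete, the following is an added Python example, not code from the Swaap or Euler codebases: it applies a lower-bound price first to the collateral leg and then to the debt leg of a generic health-factor check and counts, for a set of constructed positions, how many liquidatable positions the market would fail to see (bad debt) versus how many healthy positions it would liquidate early (a cost to the user). The health-factor formula, the liquidation threshold of 0.8, the prices and the positions are all assumptions made for illustration.

```python
"""Added example: why a lower-bound oracle price is safe for collateral but not for debt.

The health-factor formula and every number below are constructed for
illustration; they are not taken from SwaapSafeguardOracle or Euler.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Position:
    collateral: float  # units of the collateral asset held by the borrower
    debt: float        # units of the borrowed asset owed by the borrower


def health_factor(pos: Position, collateral_price: float, debt_price: float,
                  liquidation_threshold: float) -> float:
    """Generic lending-market health factor; a value below 1.0 means liquidatable."""
    return (pos.collateral * collateral_price * liquidation_threshold) / (pos.debt * debt_price)


def compare_pricing(positions, true_price, reported_price, other_price,
                    liquidation_threshold, lower_bound_on):
    """Return (missed, spurious) for the given pricing setup.

    missed:   positions that are liquidatable at the true price but look healthy
              with the reported (lower-bound) price, i.e. bad debt the market
              cannot see.
    spurious: positions that are healthy at the true price but look liquidatable
              with the reported price, i.e. a cost borne by the user, not the market.
    lower_bound_on selects which leg ("collateral" or "debt") is priced with the
    reported price; the other leg is priced exactly.
    """
    if reported_price > true_price:
        raise ValueError("reported price must be a lower bound on the true price")
    missed = spurious = 0
    for pos in positions:
        if lower_bound_on == "collateral":
            hf_true = health_factor(pos, true_price, other_price, liquidation_threshold)
            hf_seen = health_factor(pos, reported_price, other_price, liquidation_threshold)
        elif lower_bound_on == "debt":
            hf_true = health_factor(pos, other_price, true_price, liquidation_threshold)
            hf_seen = health_factor(pos, other_price, reported_price, liquidation_threshold)
        else:
            raise ValueError("lower_bound_on must be 'collateral' or 'debt'")
        if hf_true < 1.0 <= hf_seen:
            missed += 1
        elif hf_seen < 1.0 <= hf_true:
            spurious += 1
    return missed, spurious


# Constructed sample: 100 units of collateral against debts from 60 to 95 units.
SAMPLE_POSITIONS = [Position(collateral=100.0, debt=float(d)) for d in range(60, 96)]
TRUE_PRICE = 1.0         # what the LP token (or borrowed asset) is really worth
LOWER_BOUND_PRICE = 0.9  # what a lower-bound oracle reports for it
OTHER_LEG_PRICE = 1.0    # price of the asset on the leg that is priced exactly
LIQ_THRESHOLD = 0.8      # assumed liquidation threshold


def lower_bound_on_collateral():
    """Lower-bound price on the collateral leg: no missed liquidations, some early ones."""
    return compare_pricing(SAMPLE_POSITIONS, TRUE_PRICE, LOWER_BOUND_PRICE,
                           OTHER_LEG_PRICE, LIQ_THRESHOLD, "collateral")


def lower_bound_on_debt():
    """Lower-bound price on the debt leg: undercollateralized positions pass as healthy."""
    return compare_pricing(SAMPLE_POSITIONS, TRUE_PRICE, LOWER_BOUND_PRICE,
                           OTHER_LEG_PRICE, LIQ_THRESHOLD, "debt")


if __name__ == "__main__":
    print("lower bound on collateral (missed, spurious):", lower_bound_on_collateral())
    print("lower bound on debt       (missed, spurious):", lower_bound_on_debt())
```

With these inputs, pricing the collateral leg with the lower bound misses no liquidatable position and merely liquidates eight positions early, whereas pricing the debt leg with the same lower bound lets eight undercollateralized positions pass as healthy. That asymmetry is exactly why an oracle that is only guaranteed to be a lower bound can back collateral but must never price the borrowable token.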

In summary, we find that the codebase provides a good level of security.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.


About Swaap v2 Euler Adapter

Swaap Labs implements SwaapSafeguardOracle, a price feed that integrates in the Euler Price Oracles system to allow using Liquidity Tokens of Swaap SafeguardPool as collateral in Euler vaults.

We have collaborated with ChainSecurity on four occasions, and their findings and reports have consistently been thorough and insightful. Their unmatched expertise proved invaluable during complex integrations across different projects. We look forward to continuing our partnership with them in the future.
Christian Dahdah, Senior Protocol Engineer
Velodrome Finance
Smart Contract Audit - Velodrome Superchain Interoperability - ChainSecurity
Velodrome Superchain Interoperability

Summary

The most critical subjects covered in our audit are multi-chain state consistency, Hyperlane integration, and frontrun resistance.

Enforcement of the voting period was found to be incorrect: users could still update their votes after the voting period had ended, risking the loss of their rewards, see Voting period in epochs can be bypassed by using poke().

The usage of the Hyperlane bridging mechanism was found to be incorrect due to an insufficient gas quote amount, so no message could be dispatched. For details please refer to this issue: RootMessageBridge.sendMessage() reverts if InterchainGasPaymaster is used.

Further, front-running was found to be an issue during the deployment of the XERC20 contracts: deployXERC20WithLockbox() in XERC20Factory can be frontrun.

In the second version of the codebase, the mechanism enforcing the ordering of specific types of messages (DEPOSIT and WITHDRAW) was relaxed. This could leave the state of some contracts temporarily inconsistent, leading to accounting issues (Voting power can be temporarily artificially inflated). The issue has been addressed, but it should be noted that the system relies heavily on the assumption that messages from the root to the leaf will be processed within 1 hour.

In summary, we find that the codebase provides a high level of security.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.

About Velodrome Superchain Interoperability

Velodrome implements an expansion of the Velodrome AMM system to the Superchain. With this expansion, the VELO rewards and incentives become available on chains beyond Optimism with the help of Hyperlane.

"Velodrome Finance is a next-generation AMM that combines the best of Curve, Convex and Uniswap, designed to serve as the liquidity hub for the Superchain."


With a tight schedule and an important release on the line, ChainSecurity exceeded our expectations, assembling multiple internal teams and delivering a thorough, accurate report that kept us on budget and on time. We couldn’t be happier or more confident working with their team.
Velodrome Contributors
Velodrome Finance
Smart contract Audit - Velodrome Superchain diff - ChainSecurity
Velodrome Superchain diff

Summary

The most critical subjects covered in our audit are functional correctness, access control and front-running prevention. Security regarding all the aforementioned subjects is high. However, one minor issue was found that might endanger the system if access control restrictions are ever softened, see CreateX entropy bit limit.

The general subjects covered are code complexity, upgradeability and unit testing. Code complexity is low due to the use of standard libraries and good readability. Security regarding upgradeability is good. Testing is good, but the compiler version is not fixed for tests and deployment, see Floating pragma version.

In summary, we find that the codebase provides a high level of security.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.

About Velodrome Superchain

Velodrome Superchain is an extension of existing Velodrome V2 Optimism reward mechanics to other networks within the Optimism Superchain ecosystem. Deployments on all leaf chains are managed from the Optimism mainnet Root chain, via Hyperlane bridge infrastructure.

"Velodrome Finance is a next-generation AMM that combines the best of Curve, Convex and Uniswap, designed to serve as the liquidity hub for the Superchain."


With a tight schedule and an important release on the line, ChainSecurity exceeded our expectations, assembling multiple internal teams and delivering a thorough, accurate report that kept us on budget and on time. We couldn’t be happier or more confident working with their team.
Velodrome Contributors
Legend Labs
Smart contract audit - Legend Labs Quark V2 and Quark Scripts - ChainSecurity
Legend Labs Quark V2 and Quark Scripts

Summary

The most critical subjects covered in our audit are callback handling, nested operations, nonce processing, and slippage protection in swaps. Security regarding all aforementioned subjects is high. The unexpected slippage caused by accumulation of deviations of oracles, described in RecurringSwap Oracle deviations contributing to slippage, has been acknowledged as part of the behavior of the system, and properly documented.

All the issues raised have been satisfactorily addressed by Legend Labs. However, a QuarkWallet is designed to execute arbitrary code in the context of a user's wallet through delegatecall. Script developers must understand the core mechanics of the Quark wallet before integrating with it, and Legend Labs should safeguard users against blind-signing malicious payloads by providing appropriate tooling to inspect wallet operations.

In summary, we find that the Quark codebase provides a high level of security.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.

About Legend Labs Quark V2 and Quark Scripts

Legend Labs implements Quark v2, a smart contract wallet that enables accounts to run arbitrary scripts. Legend Labs also provides a suite of scripts to facilitate wallet operation and interact with DeFi systems. This audit follows our first audit of Quark, which can be found here. The new system implements an updated version of nonce control and state isolation, and introduces transient storage.

SparkDAO
Smart Contract Audit - Spark PSM - ChainSecurity
Spark PSM

Summary

The most critical subjects covered in our audit are functional correctness and precision of arithmetic operations. The general subjects covered are documentation, unit testing and gas efficiency. Security regarding all the aforementioned subjects is high.

In summary, we find that the codebase provides a high level of security.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.

About Spark PSM

SparkDAO implements a peg stability module that supports three assets: two stablecoins (USDC and USDS) and one yield-bearing wrapped stablecoin (sUSDS). It is intended to both stabilize the peg and offer liquidity on L2s.

"Spark is on a mission to empower the DAI ecosystem. As part of the MakerDAO community, Spark builds and manages DeFi infrastructure."


ChainSecurity has been consistently thorough in their reviews, reliable and accommodating in our time working with them.
Lucas Manuel, Co-founder at Phoenix Labs, working on Spark
JustCrypto
Smart Contract Audit - TRON-peg USD Coin (USDC) - ChainSecurity
TRON-peg USD Coin (USDC)

Summary

The most critical subjects covered in our audit are the security of the funds and the liveness and correctness of the bridging process. Only minor issues were uncovered. Security regarding all the aforementioned subjects is high.

The general subjects covered are the efficiency of the implementation, centralization, specification, documentation, and testing. The efficiency of the implementation could be improved in some cases. The centralization of the system is very high: the admins of the system are in full control of the funds on the bridge and on Tron. Specification and documentation are sufficient, as is unit testing. End-to-end testing seems not to be sufficient. This is particularly important given that the TronVM might differ from Ethereum in unexpected ways.

In summary, we find that the codebase provides a high level of security.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.

About Tron-peg USD Coin (USDC)

JustCrypto launches a Tron-peg USDC token on the Tron chain and implements a bridge between Ethereum and Tron to allow users to transfer USDC between the two chains. Users' assets are locked in the TronUSDCBridge contract, which is controlled by TronUSDCBridgeController. An operator of the bridge then mints an appropriate amount of USDC on Tron. Tron USDC is controlled by the USDCController.

MakerDao (Sky)
Maker EndGame Toolkit Smart Contract Audit by ChainSecurity
Maker EndGame Toolkit Security Audit

Summary

The most critical subjects covered in our audit are security, functional correctness and seamless integration with the existing system. While security regarding all the aforementioned subjects is high, this report contains some notes about the proper use of the contracts. The most significant finding discusses Precision Loss in rewardRate Calculation.

In summary, we find that the codebase provides a high level of security.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.

About Maker EndGame Toolkit

In the latest reviewed version, changes were made to the StakingRewards contract: updating the rewards duration can now be done during an active distribution. Furthermore, the constructor now features an additional check to prevent an unsupported configuration. Overall, the endgame-toolkit offers a new governance token for SubDAO-level governance, a SubProxy for executing governance delegatecalls and a farming module allowing stakers to earn rewards.

“The Maker Protocol, also known as the Multi-Collateral Dai (MCD) system, allows users to generate Dai by leveraging collateral assets approved by “Maker Governance.” Maker Governance is the community organized and operated process of managing the various aspects of the Maker Protocol. Dai is a decentralized, unbiased, collateral-backed cryptocurrency soft-pegged to the US Dollar. Resistant to hyperinflation due to its low volatility, Dai offers economic freedom and opportunity to anyone, anywhere.”


MakerDao (Sky)
Smart Contract Audit - MakerDAO Arbitrum Token Bridge - ChainSecurity
MakerDAO Arbitrum Token Bridge

Summary

The most critical subjects covered in our audit are functional correctness, access control and the integration with Arbitrum's messaging infrastructure. The general subjects covered are error handling, trustworthiness and specification. Security regarding all the aforementioned subjects is high.

In summary, we find that the codebase provides a high level of security.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.

About Arbitrum Token Bridge

MakerDAO implements a custom token bridge between Ethereum and Arbitrum that supports the bridging of multiple tokens.

"The Maker Protocol, also known as the Multi-Collateral Dai (MCD) system, allows users to generate Dai by leveraging collateral assets approved by “Maker Governance.” Maker Governance is the community organized and operated process of managing the various aspects of the Maker Protocol. Dai is a decentralized, unbiased, collateral-backed cryptocurrency soft-pegged to the US Dollar. Resistant to hyperinflation due to its low volatility, Dai offers economic freedom and opportunity to anyone, anywhere.”


MakerDao (Sky)
Smart Contract Audit - MakerDAO OP Token Bridge - ChainSecurity
MakerDAO OP Token Bridge

Summary

The most critical subjects covered in our audit are functional correctness, access control and the integration with the OP stack's messaging infrastructure. The general subjects covered are error handling, trustworthiness and specification. Security regarding all the aforementioned subjects is high.

In summary, we find that the codebase provides a high level of security.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.

About MakerDAO OP Token Bridge

MakerDAO implements a custom token bridge between Ethereum and L2s based on the OP stack.

"The Maker Protocol, also known as the Multi-Collateral Dai (MCD) system, allows users to generate Dai by leveraging collateral assets approved by “Maker Governance.” Maker Governance is the community organized and operated process of managing the various aspects of the Maker Protocol. Dai is a decentralized, unbiased, collateral-backed cryptocurrency soft-pegged to the US Dollar. Resistant to hyperinflation due to its low volatility, Dai offers economic freedom and opportunity to anyone, anywhere.”


It was a pleasure working alongside ChainSecurity throughout the audit of our smart contracts and oracles. They maintained clear and direct dialogue with us, and an attention to detail that covered all bases. We look forward to working with them on future solutions to help grow the adoption of DAI.
Derek Flossman, Head of Protocol Engineering Core Unit (MakerDAO)
Enzyme
Smart Contract Audit - Sulu AaveV3 Flashloan - ChainSecurity
Sulu AaveV3 Flashloan

Summary

The most critical subjects covered in our audit are functional correctness and access control. Security regarding all the aforementioned subjects is high.

The audit did not uncover any issues.

In summary, we find that the codebase provides a high level of security.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.

About Sulu AaveV3 Flashloan

Enzyme Foundation implements a smart account for AaveV3 flash loans. Only flash loans with interestRateMode 0 can be performed, which forces the transaction to revert if the loan is not paid back within the same call.

MakerDao (Sky)
Smart Contract Audit - MakerDAO Sky Deployment Scripts - ChainSecurity
MakerDAO Sky Deployment Scripts

Summary

The most critical subjects covered in our audit are functional correctness, access control and front running resistance.

Security regarding all the aforementioned subjects is high. A missing sanity check (see Rate is not validated) has been added.

In summary, we find that the codebase provides a high level of security.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.

About MakerDAO Sky Deployment Scripts

MakerDAO implements a governance token and an exchange contract for exchanging MKR against the new token in a predefined ratio. This audit report reviews the security and correctness of the corresponding deployment scripts.

"The Maker Protocol, also known as the Multi-Collateral Dai (MCD) system, allows users to generate Dai by leveraging collateral assets approved by “Maker Governance.” Maker Governance is the community organized and operated process of managing the various aspects of the Maker Protocol. Dai is a decentralized, unbiased, collateral-backed cryptocurrency soft-pegged to the US Dollar. Resistant to hyperinflation due to its low volatility, Dai offers economic freedom and opportunity to anyone, anywhere.”


It was a pleasure working alongside ChainSecurity throughout the audit of our smart contracts and oracles. They maintained clear and direct dialogue with us, and an attention to detail that covered all bases. We look forward to working with them on future solutions to help grow the adoption of DAI.
Derek Flossman, Head of Protocol Engineering Core Unit (MakerDAO)
MakerDao (Sky)
Smart contract audit - MakerDAO Savings USDS - ChainSecurity
MakerDAO Savings USDS

Summary

The most critical subjects covered in our audit are functional correctness, security of the assets and the proxy/upgradability pattern. Security regarding all the aforementioned subjects is high.

The general subjects covered include the specification, adherence to the ERC standards and optimisations.

In summary, we find that the codebase provides a high level of security.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.

About MakerDAO Savings USDS

MakerDAO implements Savings USDS, a tokenized implementation of a savings rate for USDS.

"The Maker Protocol, also known as the Multi-Collateral Dai (MCD) system, allows users to generate Dai by leveraging collateral assets approved by “Maker Governance.” Maker Governance is the community organized and operated process of managing the various aspects of the Maker Protocol. Dai is a decentralized, unbiased, collateral-backed cryptocurrency soft-pegged to the US Dollar. Resistant to hyperinflation due to its low volatility, Dai offers economic freedom and opportunity to anyone, anywhere.”


It was a pleasure working alongside ChainSecurity throughout the audit of our smart contracts and oracles. They maintained clear and direct dialogue with us, and an attention to detail that covered all bases. We look forward to working with them on future solutions to help grow the adoption of DAI.
Derek Flossman, Head of Protocol Engineering Core Unit (MakerDAO)
MakerDao (Sky)
Smart contract audit - USDS Smart Contracts - ChainSecurity
MakerDAO USDS Smart Contracts

Summary

The most critical subjects covered in our audit are security, functional correctness and seamless integration with the existing system. Security regarding all the aforementioned subjects is high.

In summary, we find that the codebase provides a high level of security.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.

About USDS Smart Contracts

MakerDAO introduces a new stablecoin token (USDS, rebranded DAI) along with a permissionless converter for 1:1 conversions between DAI and USDS. The USDS is an ERC-20-compliant token, and the converter, DaiUsds, enables seamless exchanges. The project also features UsdsJoin, which is the USDS equivalent of DaiJoin.

“The Maker Protocol, also known as the Multi-Collateral Dai (MCD) system, allows users to generate Dai by leveraging collateral assets approved by “Maker Governance.” Maker Governance is the community organized and operated process of managing the various aspects of the Maker Protocol. Dai is a decentralized, unbiased, collateral-backed cryptocurrency soft-pegged to the US Dollar. Resistant to hyperinflation due to its low volatility, Dai offers economic freedom and opportunity to anyone, anywhere.”


It was a pleasure working alongside ChainSecurity throughout the audit of our smart contracts and oracles. They maintained clear and direct dialogue with us, and an attention to detail that covered all bases. We look forward to working with them on future solutions to help grow the adoption of DAI.
Derek Flossman, Head of Protocol Engineering Core Unit (MakerDAO)
Curve
Smart Contract Audit - Curve Fee Splitter - ChainSecurity
Curve Fee Splitter

Summary

The most critical subjects covered in our audit are denial of service, correct access control and correct usage of the new Vyper modules. Security regarding all the aforementioned subjects is high.

In summary, we find that the codebase provides a high level of security.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.

About Curve Fee Splitter

Curve implements a fee splitter that distributes fees (in crvUSD) from the crvUSD stablecoin markets to different recipients according to configured weights.

“Curve is an exchange liquidity pool on Ethereum (like Uniswap) designed for (1) extremely efficient stablecoin trading (2) low risk, supplemental fee income for liquidity providers, without an opportunity cost.

Curve allows users (and smart contracts like 1inch, Paraswap, Totle and Dex.ag) to trade between DAI and USDC with a bespoke low slippage, low fee algorithm designed specifically for stablecoins and earn fees. Behind the scenes, the liquidity pool is also supplied to the Compound protocol or yearn.finance where it generates even more income for liquidity providers.”


We appreciate ChainSecurity for their very deep and thoughtful analysis!
Michael Egorov, CEO @ Curve Finance
MakerDao (Sky)
Smart Contract Audit - MakerDAO OP Farms Smart Contracts - ChainSecurity
MakerDAO OP Farms Smart Contracts

Summary

The most critical subjects covered in our audit are functional correctness, asset solvency and cross-chain messaging. Security regarding all the aforementioned subjects is high.

The general subjects covered are code complexity and specification.

In summary, we find that the codebase provides a high level of security.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.

About MakerDAO OP Farms Smart Contracts

MakerDAO implements a mechanism to distribute rewards originating from a source on Ethereum L1 to a farm contract on OP Stack L2s.

"The Maker Protocol, also known as the Multi-Collateral Dai (MCD) system, allows users to generate Dai by leveraging collateral assets approved by “Maker Governance.” Maker Governance is the community organized and operated process of managing the various aspects of the Maker Protocol. Dai is a decentralized, unbiased, collateral-backed cryptocurrency soft-pegged to the US Dollar. Resistant to hyperinflation due to its low volatility, Dai offers economic freedom and opportunity to anyone, anywhere.”


It was a pleasure working alongside ChainSecurity throughout the audit of our smart contracts and oracles. They maintained clear and direct dialogue with us, and an attention to detail that covered all bases. We look forward to working with them on future solutions to help grow the adoption of DAI.
Derek Flossman, Head of Protocol Engineering Core Unit (MakerDAO)
Uniswap Foundation
Smart Contract Audit - Uniswap Franchiser Smart Contracts - ChainSecurity
Uniswap Franchiser Smart Contracts

Summary

The most critical subjects covered in our audit are asset solvency and front-running resistance. Security regarding all the aforementioned subjects is high.

The general subjects covered are gas efficiency, code complexity, and documentation. Security regarding all the aforementioned subjects is satisfactory, but can be improved, see Franchiser.subDelegateMany() Modifier Called in a Loop and Inaccurate NatSpec.

In summary, we find that the codebase provides a high level of security. No issues were identified that would pose a significant risk to the system.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.

About Uniswap Franchiser smart contracts

Uniswap Foundation implements a Franchiser system that allows multi-level delegation of UNI tokens' voting power.

"The Uniswap Foundation is dedicated to building a self-sustaining community that contributes to the future growth of the Uniswap Protocol. We have strategically designed our grants program to create a long-lasting ecosystem made up of developers, researchers, and governance contributors. We strive to create shared ownership for our entire community and work with them to define the future of DeFi’s most important protocol."


SparkDAO
Smart contract audit - SparkDAO XChain SSR Oracle - ChainSecurity
SparkDAO XChain SSR Oracle

Summary

The most critical subjects covered in our audit are functional correctness, access control and message passing.

The general subjects covered are code complexity and specification.

In summary, we find that the codebase provides a high level of security.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.

About Spark XChain DSR Oracle

SparkDAO implements cross-chain oracles for the Sky Savings Rate where update messages are sent to L2s from Ethereum Mainnet.

"Spark is on a mission to empower the DAI ecosystem. As part of the MakerDAO community, Spark builds and manages DeFi infrastructure."


ChainSecurity has been consistently thorough in their reviews, reliable and accommodating in our time working with them.
Lucas Manuel, Co-founder at Phoenix Labs, working on Spark
MakerDao (Sky)
Smart Contract Audit - MakerDAO D3M AaveV3 USDS Pool - ChainSecurity
MakerDAO D3M AaveV3 USDS Pool

Summary

The most critical subjects covered in our audit are asset solvency, functional correctness and the correct integration into the existing D3M v2 system.

The general subjects covered include the consistency of the codebase.

In summary, we find that the codebase provides a high level of security.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.

About MakerDAO D3M AaveV3 USDS Pool

MakerDAO has implemented a new component for the existing D3M v2 system: a pool supporting USDS deposits into Aave V3-like protocols without supply caps, such as SparkLend.

"The Maker Protocol, also known as the Multi-Collateral Dai (MCD) system, allows users to generate Dai by leveraging collateral assets approved by “Maker Governance.” Maker Governance is the community organized and operated process of managing the various aspects of the Maker Protocol. Dai is a decentralized, unbiased, collateral-backed cryptocurrency soft-pegged to the US Dollar. Resistant to hyperinflation due to its low volatility, Dai offers economic freedom and opportunity to anyone, anywhere.”

It was a pleasure working alongside ChainSecurity throughout the audit of our smart contracts and oracles. They maintained clear and direct dialogue with us, and an attention to detail that covered all bases. We look forward to working with them on future solutions to help grow the adoption of DAI.
Derek Flossman, Head of Protocol Engineering Core Unit (MakerDAO)
MakerDao (Sky)
MakerDAO Allocator Deployment Scripts smart contract audit by ChainSecurity
MakerDAO Allocator Deployment Scripts Security Audit

Summary

The most critical subjects covered in our audit are functional correctness, access control and frontrunning resistance.

Security regarding all the aforementioned subjects is high. Some missing checks introduced small problems; these have been fixed, or will be fixed as soon as possible.

In summary, we find that the codebase provides a high level of security.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.

About MakerDao Allocator Deployment Scripts

MakerDAO implements an allocation system for funding certain SubDAOs of the MakerDAO ecosystem with USDS. This audit report reviews the security and correctness of the corresponding deployment scripts.

“The Maker Protocol, also known as the Multi-Collateral Dai (MCD) system, allows users to generate Dai by leveraging collateral assets approved by “Maker Governance.” Maker Governance is the community organized and operated process of managing the various aspects of the Maker Protocol. Dai is a decentralized, unbiased, collateral-backed cryptocurrency soft-pegged to the US Dollar. Resistant to hyperinflation due to its low volatility, Dai offers economic freedom and opportunity to anyone, anywhere.”

MakerDao (Sky)
MakerDAO - DSS Allocator Smart Contract Audit by ChainSecurity
MakerDAO – DSS Allocator Security Audit

Summary

MakerDAO implements a token allocation system for AllocatorDAOs which consists of a core, a funnel and an automation layer.

The most critical subjects covered in our audit are asset solvency, access control and functional correctness. Security regarding all the aforementioned subjects is high.

The general subjects covered are specification and integration with 3rd party systems. All the aforementioned subjects are covered well.

In summary, we find that the codebase provides a good level of security.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.

About MakerDAO – DSS Allocator

MakerDAO implements a token allocation system for AllocatorDAOs which consists of a core, a funnel and an automation layer.

“The Maker Protocol, also known as the Multi-Collateral Dai (MCD) system, allows users to generate Dai by leveraging collateral assets approved by “Maker Governance.” Maker Governance is the community organized and operated process of managing the various aspects of the Maker Protocol. Dai is a decentralized, unbiased, collateral-backed cryptocurrency soft-pegged to the US Dollar. Resistant to hyperinflation due to its low volatility, Dai offers economic freedom and opportunity to anyone, anywhere.”

Swell
Smart Contract Audit - Swell Symbiotic-Aera Adapter - ChainSecurity
Swell Symbiotic-Aera Adapter

Summary

The most critical subjects covered in our audit are frontrunning, effect of withdrawal delays, and jumps in value because of slashings. Security regarding all the aforementioned subjects is high.

The general subjects covered are accounting of assets, and correct integration. Security regarding all the aforementioned subjects is high.

In summary, we find that the codebase provides a high level of security.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.

About Swell Symbiotic-Aera Adapter

Swell implements the Symbiotic-Aera Adapter, an adapter smart contract that allows the Aera treasury management protocol to deposit funds in the Symbiotic restaking protocol. Swell intends to use this within the scope of the swBTC project, to allocate WBTC to Symbiotic through a managed Aera vault.

"Swell is a non-custodial staking protocol with a mission to deliver the world’s best liquid staking and restaking experience, simplify access to DeFi, while securing the future of Ethereum and restaking services."

ChainSecurity delivered a prompt and highly professional audit of our swBTC restaking vault. Their quick response, thoroughness, and attention to detail have greatly enhanced the trust in our product. We’re eager to collaborate with them again in the future.
Chris Matthias, Head of Operations
Swell
Smart Contract Audit - Swell swBTC Smart Contracts - ChainSecurity
swBTC Smart Contracts

Summary

Swell Finance implements a BTC LRT aiming to be compatible with any restaking protocol, in order to allocate to the best AVSs across multiple platforms. The system is built off YearnV3's robust Vault codebase.

The most critical subjects covered in our audit are the functional correctness of the delayed withdrawal module and the correct integration of Yearn's VaultV3 and tokenized strategy systems. Security regarding all the aforementioned subjects is extensive.

Other general subjects covered are access control and interactions with the Aera vault. Security regarding all the aforementioned subjects is high.

The test coverage is minimal and should be improved to ensure that all code paths and features are tested.

In summary, we find that the codebase provides a good level of security.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.

About swBTC Smart Contracts

Swell Finance implements a BTC LRT aiming to be compatible with any restaking protocol, in order to allocate to the best AVSs across multiple platforms. The system is built off YearnV3's robust Vault codebase.

"Swell is a non-custodial staking protocol with a mission to deliver the world’s best liquid staking and restaking experience, simplify access to DeFi, while securing the future of Ethereum and restaking services."

ChainSecurity delivered a prompt and highly professional audit of our swBTC restaking vault. Their quick response, thoroughness, and attention to detail have greatly enhanced the trust in our product. We’re eager to collaborate with them again in the future.
Chris Matthias, Head of Operations
MakerDao (Sky)
Smart Contract Audit - MakerDAO USDS Wrappers - ChainSecurity
MakerDAO USDS Wrappers

Summary

The most critical subjects covered in our audit are functional correctness and security. The general subjects covered include usability, gas efficiency, and documentation.

In summary, we find that the codebase provides a good level of security.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.

About MakerDAO USDS Wrappers

MakerDAO implements a permissionless wrapper to swap USDS using the PSM-lite.

"The Maker Protocol, also known as the Multi-Collateral Dai (MCD) system, allows users to generate Dai by leveraging collateral assets approved by “Maker Governance.” Maker Governance is the community organized and operated process of managing the various aspects of the Maker Protocol. Dai is a decentralized, unbiased, collateral-backed cryptocurrency soft-pegged to the US Dollar. Resistant to hyperinflation due to its low volatility, Dai offers economic freedom and opportunity to anyone, anywhere.”

It was a pleasure working alongside ChainSecurity throughout the audit of our smart contracts and oracles. They maintained clear and direct dialogue with us, and an attention to detail that covered all bases. We look forward to working with them on future solutions to help grow the adoption of DAI.
Derek Flossman, Head of Protocol Engineering Core Unit (MakerDAO)
SparkDAO
Smart contract audit - Spark User Actions - ChainSecurity
Spark User Actions

Summary

SparkDAO implements a contract that batches actions of the PSM and the savings token. Additionally, a helper contract for migrating from DAI or sDAI to USDS or sUSDS has been implemented.

The most critical subjects covered in our audit are functional correctness and precision of arithmetic operations. Security regarding all the aforementioned subjects is high.

The general subjects covered are unit testing and documentation. Both are good. In summary, we find that the codebase provides a high level of security.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.

About Spark User Actions

SparkDAO implements a contract that batches actions of the PSM and the savings token. Additionally, a helper contract for migrating from DAI or sDAI to USDS or sUSDS has been implemented.

"Spark is on a mission to empower the DAI ecosystem. As part of the MakerDAO community, Spark builds and manages DeFi infrastructure."

ChainSecurity has been consistently thorough in their reviews, reliable and accommodating in our time working with them.
Lucas Manuel, Co-founder at Phoenix Labs, working on Spark
MakerDao (Sky)
MakerDAO UniV2 Migration Deployment Scripts smart contract audit by ChainSecurity
MakerDAO UniV2 Migration Deployment Scripts Security Audit

Summary

The most critical subjects covered in our audit are functional correctness, access control and frontrunning resistance.

Security regarding all aforementioned subjects is high.

In summary, we find that the codebase provides a high level of security.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don’t replace other vital measures to secure a project.

About MakerDAO UniV2 Migration Deployment Scripts

MakerDAO implements a migration script that moves MakerDAO’s DAI/MKR Uniswap v2 LP position to a new USDS/SKY pool.

“The Maker Protocol, also known as the Multi-Collateral Dai (MCD) system, allows users to generate Dai by leveraging collateral assets approved by “Maker Governance.” Maker Governance is the community organized and operated process of managing the various aspects of the Maker Protocol. Dai is a decentralized, unbiased, collateral-backed cryptocurrency soft-pegged to the US Dollar. Resistant to hyperinflation due to its low volatility, Dai offers economic freedom and opportunity to anyone, anywhere.”

MakerDao (Sky)
Maker Dss Flappers smart contract audit by ChainSecurity
MakerDAO Dss Flappers Security Audit

Summary

The most critical subjects covered in our audit are access control, asset solvency, functional correctness, and the impact of the change on the existing system. An issue with functional correctness was identified, where Splitter.cage() did not lock the Splitter completely (see Splitter.cage() does not lock the Splitter). After the intermediate report, this issue has been resolved.

The general subjects covered are specification correctness, optimizations, and soundness of the deployment and initialization scripts. The specification of babylonian.sqrt() was inaccurate (see Incorrect specification). The checks in the initialization scripts could be further enhanced (see Missing check for bump and Missing check of reward token on farm contract). All the issues have been resolved and security regarding all the aforementioned subjects is high.

In summary, we find that the codebase provides a high level of security.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.

About MakerDAO DSS Flappers

MakerDAO has implemented new contracts to process the surplus of the stablecoin system. A new Splitter contract divides the surplus between a burning engine (Flapper) and a reward farm. Flapper contracts interact with UniswapV2, exchanging USDS for Gem tokens, with two variants: FlapperUniV2SwapOnly fully converts USDS to Gem, while FlapperUniV2 adds liquidity to the pool.

“The Maker Protocol, also known as the Multi-Collateral Dai (MCD) system, allows users to generate Dai by leveraging collateral assets approved by “Maker Governance.” Maker Governance is the community organized and operated process of managing the various aspects of the Maker Protocol. Dai is a decentralized, unbiased, collateral-backed cryptocurrency soft-pegged to the US Dollar. Resistant to hyperinflation due to its low volatility, Dai offers economic freedom and opportunity to anyone, anywhere.”

Conic
Smart Contract Audit - Conic Crypto Pool Update - ChainSecurity
Conic Crypto Pool Update

Summary

The most critical subjects covered in our audit are functional correctness and resistance to oracle manipulations. The contracts are functionally correct and are, in most cases, resistant against oracle manipulations under the assumptions that:

  1. Curve's price_oracle() cannot be manipulated to a lower value during a maximum of 2 blocks.
  2. Curve pool imbalances are efficiently arbitraged every block.
  3. CryptoPoolOracle is not used for StableSwap pools.
  4. The underlying Curve pools experience regular usage.

However, certain edge conditions can enable oracle manipulation attacks that are able to extract value, see Oracle manipulation during withdrawal. Conic, for now, accepts this risk and is working on finding an optimal solution.

In summary, we find that the codebase provides an improvable level of security.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.

About Conic Crypto Pool Update

Conic implements a new oracle for pricing LP tokens of Curve Crypto pools. Additionally, Conic implements a new contract for determining the share of CNC rewards that is distributed to each Conic pool.

“Conic Finance is an easy-to-use platform built for liquidity providers to easily diversify their exposure to multiple Curve pools. Any user can provide liquidity into a Conic Omnipool which allocates funds across Curve in proportion to protocol controlled pool weights.”

Conic's V2 audit by ChainSecurity was exceptional. Their thorough analysis revealed complex edge cases, providing invaluable insights that exceeded our expectations and underscored our commitment to providing the highest level of security.
C-3PO

Enzyme
Smart Contract Audit - Enzyme Sulu Extensions XX - ChainSecurity
Enzyme Sulu Extensions XX

Summary

The most critical subjects covered in our audit are correct implementation of interfaces, external calls, as well as decimals usage. Security regarding all the aforementioned subjects is high.

The audit did not uncover any issues.
In summary, we find that the codebase provides a high level of security.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.

About Enzyme Sulu Extensions XX

Enzyme Foundation implements two new Enzyme price feeds: a primitive price feed that converts ynETH (YieldNest ETH) to ETH and a derivative price feed that converts Stader SD tokens to ETH.

Enzyme is a decentralised asset management infrastructure built on Ethereum. Using Enzyme Smart Vaults, individuals and communities can build, scale and monetise investment (or execution) strategies that employ the newest innovations in decentralised finance.

We've worked with many Smart Contract auditors in the last five years and ChainSecurity quickly differentiated themselves as a leader in the space. They have relevant DeFi expertise, professional work ethic and have always been a reliable partner.
Mona El Isa (CEO)
Polygon
Smart contract - POL Transition Smart Contracts - ChainSecurity
POL Transition Smart Contracts

Summary

The most critical subjects covered in our audit are correctness of the proxy upgrade and the overall functional correctness. Security regarding both subjects is high after Storage Collisions have been mitigated.

The documentation of the codebase is improvable.
In summary, we find that the codebase provides a high level of security.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.

About POL Transition Smart Contracts

Polygon implements several changes to the Polygon ecosystem that consolidate the transition to the POL token, the native token for Polygon 2.0 and the successor to the MATIC token.

“Polygon is a decentralised Ethereum scaling platform that enables developers to build scalable user-friendly dApps with low transaction fees without ever sacrificing on security.”

With their in-depth analysis and diligent approach, ChainSecurity has proven a reliable partner, keeping security standards high when it comes to our most critical infrastructure here at Polygon.
Simon Dosch, Smart Contract Lead, Polygon

Tron
Limited Review - Java-Tron - ChainSecurity
Java-Tron Limited Review

This is a LIMITED REVIEW: a time-bound effort to provide security insights on a codebase without reviewing it fully.

Summary

Due to the complexity of Java-Tron and the limited allocated time, this review cannot uncover all the bugs inside of it. Instead, the goal of this review was to uncover as many bugs as possible while focusing on the following parts of the code:

• Tron Virtual Machine (TVM)
• Consensus
• Peer-to-Peer (P2P)

Some of the most significant findings are:
• PBFT Messages Create State Expansion
• Unpermissioned Censoring of Fork Blocks
• Resource Consumption by Blocks Not Signed by Witnesses

These three findings have all been addressed through code corrections. For some other issues, the risks have been accepted based on the assumption of economically acting super representatives. Lastly, some issues with non-critical severity have been redacted to prevent malicious actors from creating disturbances.

It is important to note that such reviews are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.

About Java-Tron

Tron uses Java-Tron as the node software to run the Tron network. Hence, Java-Tron is (among other things) responsible for executing transactions, generating blocks, achieving consensus and operating the peer-to-peer network.

"TRON is dedicated to accelerating the decentralization of the Internet via blockchain technology and decentralized applications (DApps)."

ChainSecurity has proven to be a helpful platform for the TRON DAO, providing us with comprehensive security assessments that reinforce the strength and integrity of the TRON network. Their attention to detail has bolstered trust and confidence from our users in the TRON ecosystem. ChainSecurity’s unparalleled expertise continues to play a vital role in helping us uphold the highest standard of security.
Sam Elfarra, Community Spokesperson

Enzyme
Smart contract audit - Enzyme Sulu Extensions XIX - ChainSecurity
Enzyme Sulu Extensions XIX

Summary

The most critical subjects covered in our audit are correct implementation of interfaces, external calls, as well as decimals usage. Security regarding all the aforementioned subjects is high.

The audit did not find any issues.
In summary, we find that the codebase provides a high level of security.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.

About Enzyme Sulu Extensions XIX

Enzyme Foundation implements a new Enzyme price feed that converts wstETH to ETH.

Enzyme is a decentralised asset management infrastructure built on Ethereum. Using Enzyme Smart Vaults, individuals and communities can build, scale and monetise investment (or execution) strategies that employ the newest innovations in decentralised finance.

We've worked with many Smart Contract auditors in the last five years and ChainSecurity quickly differentiated themselves as a leader in the space. They have relevant DeFi expertise, professional work ethic and have always been a reliable partner.
Mona El Isa (CEO)

Enzyme
Smart contract - Enzyme Sulu Extensions XVIII - ChainSecurity
Enzyme Sulu Extensions XVIII

Summary

The most critical subjects covered in our audit are functional correctness, asset solvency and Enzyme's integration with the external system.

Functional correctness did not hold due to claimable collateral that might have been tracked incorrectly. For details please refer to the issue: Overestimation of Claimable Collateral in getManagedAssets. Further, the position's value could have been temporarily decreased by hiding value in the execution fee, which was not accounted for when evaluating the external position's total value: ExecutionFee of Orders in getManagedAssets.

After the intermediate report, all issues have been resolved.

During the assessment period, it became apparent that the technical documentation for GMX V2 lacks key information. As a result, our in-depth understanding of the external system was primarily derived from analyzing the available source code.

In summary, we find that the codebase provides a high level of security.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.

About Enzyme Sulu Extensions XVIII

Enzyme Foundation implements a new external position for GMX V2. Supported orders are MarketIncrease, MarketDecrease (to modify long or short positions), StopLossDecrease (to set stop loss) and LimitDecrease (to set take profit). Additionally, a new policy DisallowedAdapterIncomingassetsPolicy has been implemented.

Enzyme is a decentralised asset management infrastructure built on Ethereum. Using Enzyme Smart Vaults, individuals and communities can build, scale and monetise investment (or execution) strategies that employ the newest innovations in decentralised finance.

We've worked with many Smart Contract auditors in the last five years and ChainSecurity quickly differentiated themselves as a leader in the space. They have relevant DeFi expertise, professional work ethic and have always been a reliable partner.
Mona El Isa (CEO)
Pendle
Smart contract audit - Pendle V2 Core - ChainSecurity
Pendle V2 Core

Summary

The most critical subjects covered in our audit are functional correctness, asset solvency, arithmetic operations and oracle safety.

Generally, functional correctness is good. However, note that there are some low-severity issues regarding functional correctness. Security regarding the remaining subjects is high.

The general subjects covered are gas efficiency, trustworthiness, error handling and specification. Security regarding all the aforementioned subjects is good. However, specifications could be improved, see Initial Liquidity Mismatches Whitepaper and Mismatches With EIP-5115.

In summary, we find that the codebase provides a good level of security. Also, note that the security of SYs is highly dependent on the more derived implementation which was out of scope. Further, note that the scope only includes the base SY implementation, PY V1 and markets V1. Please see Assessment Overview, Trust Model and Roles, and Notes.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.

About Pendle V2 Core

Pendle Finance implements a yield tokenization platform along with an interest rate market. The products are built on top of each other and use the implementations of the Standardized Yield standard as a base layer.

"With Pendle, you can always maximise your yield: increase your yield exposure in bull markets and hedge against yield downturns during bear markets."

ChainSecurity was a pleasure to work with—exceptionally easy to coordinate with and delivering an audit of the highest quality. Their meticulous attention to detail truly set them apart, making the entire process smooth and efficient.
Long Vuong Hoang, Head of Engineering

Enzyme
Smart contract audit - Enzyme Sulu Extensions XV - ChainSecurity
Enzyme Sulu Extensions XV

Summary

The most critical subjects covered in our audit are asset solvency, functional correctness and integration with external systems and Enzyme's core system. Security regarding all the aforementioned subjects is high.

The general subjects covered are error handling, specification and trustworthiness. Security regarding all the aforementioned subjects is high. Note that the trust model for using GSN slightly changed, see the note Gas relay paymaster will fund arbitrary calls.

In summary, we find that the codebase provides a good level of security.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.

About Enzyme Sulu Extensions XV

Avantgarde Finance implements a price feed for EETH and a wrapper for Chainlink-like oracles with non-standard decimals. Additionally, the GSN integration is adapted. A new policy restricting redeem-for-specific-assets is introduced along with a peripheral FIFO contract that can redeem-for-specific-assets. Further, an asset manager contract is introduced that limits the share price loss an asset manager can cause. For integrations, a Pendle Finance external position and a Swell adapter are introduced.

Enzyme is a decentralised asset management infrastructure built on Ethereum. Using Enzyme Smart Vaults, individuals and communities can build, scale and monetise investment (or execution) strategies that employ the newest innovations in decentralised finance.

We've worked with many Smart Contract auditors in the last five years and ChainSecurity quickly differentiated themselves as a leader in the space. They have relevant DeFi expertise, professional work ethic and have always been a reliable partner.
Mona El Isa (CEO)

M^ZERO
Smart Contract Audit - M^ZERO Wrapped M Token - ChainSecurity
M^ZERO Wrapped M Token

Summary

The most critical subjects covered in our audit are asset solvency, functional correctness and security. Security regarding all the aforementioned subjects is high.

The general subjects covered are documentation, gas efficiency and the integration of the wrapper into the existing system. All reported issues have been addressed in the latest version of the codebase.

In summary, we find that the codebase provides a good level of security.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.

About M^ZERO Wrapped M Token

M^ZERO Labs implements an upgradable, non-rebasing wrapper for the M token, supporting yield accrual while respecting the original whitelist of earners.

Symbiotic
Smart Contract Audit - Symbiotic Core - ChainSecurity
Symbiotic Core

Summary

The most critical subjects covered in our audit are functional correctness, role management and front-running tolerance.

Security regarding the aforementioned subjects is high as only minor issues could be uncovered during this review.

It should be noted that the protocol design is very open, allowing various participants to create registered smart contracts with configurations that can potentially be dangerous. For this reason, it is advised to take special care when trusting any vaults, networks and operators.

In summary, we find that the codebase provides a high level of security.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.

About Symbiotic Core

SymbioticFi implements a security layer for restaking. Deposited tokens can be assigned to operators running the node software of networks. The assigned tokens are guaranteed to be slashable by networks in case of operator misbehavior.

Reliable and predictably great quality of analysis maintained for years and years now. As close as you can get to “set and forget” with audits.
Misha Putiatin, Co-Founder Symbiotic

MakerDao (Sky)
Smart contract audit - MakerDAO Arbitrum Farms - ChainSecurity
MakerDAO Arbitrum Farms

Summary

The most critical subjects covered in our audit are functional correctness, asset solvency and cross-chain messaging. Security regarding all the aforementioned subjects is high.

The general subjects covered are code complexity and specification.
In summary, we find that the codebase provides a high level of security.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.

About MakerDAO Arbitrum Farms

MakerDAO implements a mechanism to distribute rewards originating from a source on Ethereum L1 to a Farm contract on Arbitrum L2.

“The Maker Protocol, also known as the Multi-Collateral Dai (MCD) system, allows users to generate Dai by leveraging collateral assets approved by “Maker Governance.” Maker Governance is the community organized and operated process of managing the various aspects of the Maker Protocol. Dai is a decentralized, unbiased, collateral-backed cryptocurrency soft-pegged to the US Dollar. Resistant to hyperinflation due to its low volatility, Dai offers economic freedom and opportunity to anyone, anywhere.”

It was a pleasure working alongside ChainSecurity throughout the audit of our smart contracts and oracles. They maintained clear and direct dialogue with us, and an attention to detail that covered all bases. We look forward to working with them on future solutions to help grow the adoption of DAI.
Derek Flossman, Head of Protocol Engineering Core Unit (MakerDAO)
Vesu
Smart Contract Audit - Vesu Protocol Smart Contracts - ChainSecurity
Vesu Protocol Smart Contracts

Summary

The most critical subjects covered in our audit are the isolation of the pools, asset solvency and functional correctness.

The general subjects covered are usability, oracle security, access control, adherence to the specification and general design issues.

All issues uncovered during the review process have been addressed with suitable fixes. We believe the codebase to have a satisfactory level of security. The high complexity and extensibility of the project present a large attack surface. VESU internally relies primarily on one smart contract developer which, even though supported by external reviewers, limits the ability for internal QA. During the audit timeline, significant improvements in design and overall code quality have been achieved, but some novel issues and regressions remained present during the last review cycle. In our experience, these factors combined present an elevated risk of undiscovered vulnerabilities in the current codebase.

Continuing to allocate sufficient time and resources, strengthening the robustness of the design, and introducing internal security-focused quality assurance practices such as thorough unit- and regression-testing can significantly increase the level of security of the codebase and our confidence in it.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.

About Vesu Protocol Smart Contracts

VESU implements a fully permissionless DeFi lending protocol. Anyone can deploy and configure a pool. A core contract called Singleton holds all funds and manages all pools. All operations go through the Singleton; each pool has an extension which is called before and after any operation and defines the values for that operation. A default extension is provided; arbitrary extensions and/or misconfigured parameters can break their respective pools without affecting the rest of the protocol.