
The most critical subjects covered in our audit are asset solvency, functional correctness, and frontrunning. The general subjects covered are upgradeability, unit testing, documentation, and trustworthiness. Note that testing is insufficient and that some of the uncovered issues could've been caught by testing.
The most notable findings are:
All issues have been resolved through code corrections or specification change. Some lower severity issues have been acknowledged, and their risk has been accepted.
Additionally, please consult Notes, Assessment Overview and Trust Model and Roles for considerations that could be out of scope.
In summary, we find that the codebase provides a good but improvable level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
Mellow Finance implements an upgrade to the previously audited vaults to support multiple LRTs at once as well as other ERC-4626 compliant protocols. The multivault architecture implements a modular integration framework by leveraging adapters for integrations and strategies for allocations. Given the delayed withdrawals for LRTs, specialized withdrawal queues have been implemented.
"Mellow LRT is an innovative liquid restaking primitive allowing permissionless creation of modular LRTs. Mellow offers a series of vault smart contracts tailored to different risk profiles, managed by LRT curators."

The most critical subjects covered in our audit are functional correctness, accounting correctness, and the integration with external systems (Bridge and Morpho vaults).
Functional correctness is good, after missing conversions between asset amounts and share amounts have been fixed, see drainVault Cannot Withdraw All Assets and Missing Asset-Share Conversions in Vaults. Accounting correctness is good, as related issues have been fixed, see drainVault Locks Assets. Security regarding integration with external systems is high.
In summary, we find that the codebase provides a good level of security.The Notes section highlights behavior that users should be aware of.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
Polygon implements an extension of the Unified Bridge (formerly LxLy Bridge) that enables the bridging of assets that have been deposited into an ERC-4626 yield-generating vault. Additionally, Polygon provides a Native Converter deployed on Layer Y that allows assets that were natively bridged (not via the VaultBridgeToken extension) to be converted to vault-bridged tokens, with the underlying token being bridged back to Layer X.
“Polygon is a decentralised Ethereum scaling platform that enables developers to build scalable user-friendly dApps with low transaction fees without ever sacrificing on security.”
.png)

The most critical subjects covered in our audit are asset solvency, functional correctness, and compliance with standards. After the review, security regarding all the aforementioned subjects is high. A critical issue leading to the free minting of shares was uncovered in the first review of the codebase and was addressed in the first round of fixes, see Shares can be minted for free. In Version 2 there was an issue regarding the initialization of the system, see Order of Deployment and Initialization.
The general subjects covered are code complexity, gas efficiency, trustworthiness, documentation and specification. Security regarding all the aforementioned subjects is generally good. No specifications were provided regarding management of the funds. Note the strong assumptions made in the TrustModel.
In summary, we find that the codebase provides a good level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
Ultra implements UltraVault, an ERC-7540 compliant, managed vault with asynchronous redemption.
"UltraYield is an onchain strategy curator working with top-tier protocols to bring depositor the highest yield possible on the market."
.png)
The most critical subjects covered in our audit of the circuits are soundness, completeness and zero-knowledge. Several critical issues have been uncovered including:
• Missing constraint on pubkey allows for double spending
• Incorrect exclusion proof circuit allows for double spending
• Multiple Valid Account Trees / Public States after applying the same block
The latest iteration covers refinements in the core circuits, refactored withdrawal circuits and the new claim circuits.
The reviewed code is well-structured and properly documented. Although testing has been continuously enhanced, a thorough stress test on a public testnet is recommended before mainnet launch due to the project’s cutting-edge nature. The circuits are part of Intmax 2, a system which consists of multiple interacting parts. The rollup is managed by a set of smart contracts which have been audited in the ChainSecurity Intmax 2 Smart Contract Audit Report.
In summary, we find that the current codebase provides a good level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
Intmax implements a zk-rollup for private transfers using zk proofs to prove state transitions and balances. Smart contracts on Scroll manage the rollup, while smart contracts on Ethereum handle liquidity on- and offboarding.
"INTMAX is an extremely scalable layer for Ethereum transfers that incorporates ethically sound privacy. It is a stateless zkRollup structure, theoretically achieving scalability similar to Plasma and Lightning Network, as envisioned in 2018. By distributing both data and computation costs across users’ devices, INTMAX inherits security from Ethereum while achieving scalability even greater than centralized financial systems using databases."

The most critical subjects covered in our audit are functional correctness, frontrunning resistance, and integration with other contracts of the system.
Security regarding all the aforementioned subjects is high. Note that the Chief migration requires strong coordination and adherence to timelines to minimize the risk of governance attacks at different migration phases, see Migration Considerations for more details.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
Sky offers deployment and initialization libraries to migrate the existing MCD_ADM (the legacy Chief withMKR as governance token) to a new Chief that uses SKY as governance token.
Sky implements a rate converter (Conv) to facilitate the conversion between rates per second and yearly rates in basis points (BPS).
“The Sky Protocol (formely known as MakerDAO) is one of the largest dapps on the Ethereum blockchain. Designed by a disparate group of contributors, including developers within the MakerFoundation, its outside partners, and other persons and entities, it is the first decentralized finance (DeFi) application to see significant adoption.”

The most critical subject covered in our audit is functional correctness. After the intermediate report, all findings have been resolved, hence security regarding functional correctness is high.
The general subjects covered are trustworthiness and documentation. Security regarding all the aforementioned subjects is high.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
Sky implements DssEmergencySpells, a set of pre-defined emergency spells that bypass the governance delay defined in DSPause to enable prompt governance actions if necessary.
“The Sky Protocol (formely known as MakerDAO) is one of the largest dapps on the Ethereum blockchain. Designed by a disparate group of contributors, including developers within the MakerFoundation, its outside partners, and other persons and entities, it is the first decentralized finance (DeFi) application to see significant adoption.”


Limited code reviews are best-effort checks and don't provide assurance comparable to non-limited code assessments or audits. Due to time and scope constraints, they are not exhaustive.
The most critical subjects covered in our review are the non-reentrancy by default option and the raw_create builtin. Security regarding all the aforementioned subjects is high. Moreover, we found that allowing users to turn on the non-reentrancy by default option is a good security measure that benefits language users greatly.
Other general subjects covered include enabling bitwise operators for bytesM, extending as_wei_value to all numeric types, refactoring decorator and pragma parsing as well as other smaller pull requests. Security regarding all the aforementioned subjects is also high.
It is important to note that security reviews are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
This limited review was conducted by one engineer over one week and focused on multiple pull requests of the to-be-released version 0.4.2 of the Vyper compiler.
“Vyper is a contract-oriented, pythonic programming language that targets the Ethereum Virtual Machine (EVM).”

The most critical subjects covered in our audit are functional correctness, asset solvency and integration into the system. Security regarding all the aforementioned subjects is high.
The general subjects covered are usability and access control. Security regarding all the aforementioned subjects is high.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
VoteDelegate implements a vote delegation system allowing governance token holders to delegate their voting power to delegates.
“The Sky Protocol (formely known as MakerDAO) is one of the largest dapps on the Ethereum blockchain. Designed by a disparate group of contributors, including developers within the MakerFoundation, its outside partners, and other persons and entities, it is the first decentralized finance (DeFi) application to see significant adoption.”
.png)
The most critical subjects covered in our audit are correctness of the minting and burning flow, the implementation of the access control, and the sanitization of the data accounts. Security regarding all the aforementioned subjects is high. Only minor issues have been uncovered which have been addressed.
The general subjects covered are compute unit efficiency of the implementation, the documentation and specification, and testing. Security regarding all the aforementioned subjects is high.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
WBTC implements a system that allows for minting and burning wBTC on Solana.
"Wrapped Bitcoin (WBTC) unlocks the power of Bitcoin on various blockchains such as Ethereum and Solana, offering interoperability for DeFi use cases."

The most critical subjects covered in our audit are functional correctness, access control and the upgrade path from previous versions. Security regarding all the aforementioned subjects is high.
The general subjects covered are code complexity, specifications, and trustworthiness. Overall, the code is of high quality, well tested and documented.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
Argent implements Argent Account and Multisig Account, a set of smart contracts built on top of Starknet's Account Abstraction. This review covers version 0.5.0, which introduces support for multiple owners and guardians in the Argent Account. Compared to version 0.4.0 (and 0.2.0 for the Multisig), the core functionality remains largely unchanged, with most updates focused on internal refactoring and enhanced support for the WebAuthn signer.

The most critical subject covered in our audit is functional correctness. The general subjects covered are trustworthiness and documentation. Security regarding all the aforementioned subjects is high.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
Sky implements Protego, a framework for standardizing the deployment of Emergency Spells that drop proposals queued for execution.
“The Sky Protocol (formely known as MakerDAO) is one of the largest dapps on the Ethereum blockchain. Designed by a disparate group of contributors, including developers within the MakerFoundation, its outside partners, and other persons and entities, it is the first decentralized finance (DeFi) application to see significant adoption.”

The most critical subjects covered in our audit are signature handling, event handling, and access control. Security regarding all the aforementioned subjects is high.
The general subjects covered are functional correctness, upgradability, trustworthiness, and documentation. The core contracts in the scope of this review are upgradeable and fully controlled by an admin role. In addition, several accounts are required to be trusted, see Roles and Trust Model andPotential Single Points of Failure. The project has extensive documentation and inline code specification.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
Circle implements a new version of Cross-Chain Transfer Protocol (CCTP) that implements new features, such as fast burn messages and hook data. CCTP v2 uses new message formats that are incompatible with the previous version. Two versions of CCTP are treated as distinct networks in the smart contract level and use a different set of attesters.
.png)

The most critical subjects covered in our audit are asset solvency, function correctness and access control. The general subjects covered are specification and trustworthiness.
The most notable issue uncovered is the possibility of Stealing Operator Rewards. The finding has been addressed through code correction.
In summary, we find that the codebase provides a good level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
Symbiotic provides default contracts for standardizing the distribution of rewards to operators and stakers.


Enzyme Foundation implements an external position for writing call and put options in Myso V3.
The most critical subjects covered in our audit are functional correctness and integration with Myso V3. The general subjects covered are specification, trustworthiness, error handling, and documentation.
In summary, we find that the codebase provides a high level of security. Furthermore, important consideration are outlined in the sections Notes and in Trust Model.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
Enzyme Foundation implements an external position for writing call and put options in Myso V3.
Enzyme is a decentralised asset management infrastructure built on Ethereum. Using Enzyme Smart Vaults, individuals and communities can build, scale and monetise investment (or execution) strategies that employ the newest innovations in decentralised finance.
.png)

The smart contracts are forked from Frankencoin v2024, which we previously audited. This review was limited to the changes applied by dEURO, under the assumption that the Frankencoin codebase does not contain any vulnerabilities.
The most critical subjects covered in our audit are asset solvency, functional correctness and accounting correctness. Security regarding asset solvency was improved, see Interest Accrual Can Lead to Under-Collateralization. Security regarding functional correctness was improved, see Auctions May Never End. Accounting correctness is improvable, see Challengers must calculate virtualPrice themselves.
In summary, we find that the codebase currently provides a good level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
dEURO implements a decentralized protocol to issue dEURO on-chain, a stablecoin that is pegged to theEuro. Each dEURO minted is backed either by collateral assets or other trusted stablecoins pegged to the EURO.

The most critical subjects covered in our audit are functional correctness, precision of arithmetic operations, and front-running. Security regarding all the aforementioned subjects is good but improvable, see Unaccounted roundings when depositing and withdrawing and Balance of Euler account counted twice in calcLimits(). Notice that Euler decided not to fix some of the issues for the time being; these issues have been marked Acknowledged .
The general subjects covered are code complexity, gas efficiency, and trust relationships. Security regarding all the aforementioned subjects is high.
In summary, we find that the codebase provides a good level of security, which could be improved if all the outstanding issues were to be addressed.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
Euler implements EulerSwap, an AMM that uses a custom bonding curve, and enhances its liquidity by borrowing additional funds from Euler vaults.


The most critical subjects covered in our audit are the correctness and potential regressions of the refactored code, the correctness of partial liquidations and the new Tumbler rate keeper. Security regarding all the aforementioned subjects is high.
The general subjects covered are gas efficiency, testing, documentation and specification. Security regarding all the aforementioned subjects is high.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
Gearbox implements V3.10 of the Core protocol and the oracles. The new version aims to make the system compatible with the new governance module. Moreover, it adds partial liquidations.
“Gearbox is a generalized leverage protocol: it allows anyone to take leverage in a DeFi-native way and then use it across various DeFi protocols. You take leverage with Gearbox and then use it on other protocols you already love. For example, you can leverage trade on Uniswap, leverage farm on Yearn or Curve and Convex, make complex delta-neutral strategies involving options and derivatives, get Leverage-as-a-Service for your structured product doing complex positions, etc.
The protocol has two sides to it: passive liquidity providers who earn higher APY by providing liquidity; – and active traders, farmers, or even other protocols who can borrow those assets to trade or farm with x4+ leverage.”

The most critical subjects covered in our audit are functional correctness, access control, and integration with the existing contracts. The general subjects covered are documentation, trustworthiness, and unit testing.
Security regarding all aforementioned subjects is high. However, it is improvable due to potential escalation of privileges as outlined in Bypassing step-size and DoSing ilk initializations.
In summary, we find that the codebase provides a good but improvable level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
Sky implements SP-BEAM, a module enabling permissioned actors to make direct changes to stability and savings rates.
“The Sky Protocol (formely known as MakerDAO) is one of the largest dapps on the Ethereum blockchain. Designed by a disparate group of contributors, including developers within the MakerFoundation, its outside partners, and other persons and entities, it is the first decentralized finance (DeFi) application to see significant adoption.”

The most critical subjects covered in our audit are signature handling, event handling, and access control. Security regarding all the aforementioned subjects is high.
The general subjects covered are functional correctness, upgradability, trustworthiness, and documentation. The core contracts in the scope of this review are upgradeable and fully controlled by an admin role. In addition, several accounts are required to be trusted, see Roles and Trust Model andPotential Single Points of Failure. The project has extensive documentation and inline code specification.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
Circle implements a new version of Cross-Chain Transfer Protocol (CCTP) that implements new features, such as fast burn messages and hook data. CCTP v2 uses new message formats that are incompatible with the previous version. Two versions of CCTP are treated as distinct networks in the smart contract level and use a different set of attesters.

The most critical subjects covered in our audit are functional correctness, front-running, and suitability for Sky's governance. The general subjects covered are trustworthiness and gas efficiency.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
Sky implements a continuous approval voting system introducing SKY as the governance token while simplifying the previous version.
“The Sky Protocol (formely known as MakerDAO) is one of the largest dapps on the Ethereum blockchain. Designed by a disparate group of contributors, including developers within the MakerFoundation, its outside partners, and other persons and entities, it is the first decentralized finance (DeFi) application to see significant adoption.”

The most critical subjects covered in our audit are functional correctness, access control, precision of arithmetic operations.
Access control is working as expected.
Several issues with the correct handling of investment stages have been found in previous versions of this report. Furthermore, depending on the chosen base currency of a fund, the contracts were exposed to a certain degree of Precision loss. These problems have been mitigated.
In summary, we find that the codebase provides a good level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
Fume implements an on-chain administration platform for funds. Investments into such funds can be handled either off-chain or on-chain.
"Founded in 2023 and headquartered in Ticino, Switzerland, Fume was created to revolutionize the way investment funds are managed. The Fume platform is designed to support a wide range of assets, including digital tokens, stocks, real estate, and commodities, making it an attractive solution for both traditional and digital fund managers. Built by a team with deep expertise in blockchain, finance, and law, with the backing of a fintech VC, a family office, and established asset managers."

We did not find severe issues. However, multiple minor issues related to fees were raised (see Missing Slippage Protection, Fee Can Be Avoided on Small Amounts and Repeated Fees) and the deposit limits are ineffective as described in Ineffective First Deposit Limit. All issues where addressed.
In summary, we find that the codebase provides a high level of security. Yet, it is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
OpenEden implements a USD stablecoin called USDO and a wrapper contract (acting as a vault) for it called cUSDO. The stablecoin will be backed by yield-earning U.S. treasury bills. USDOExpress adds instant mint and redeem functionality to the existing USDO token.

We did not find any critical issues in the codebase. Yet, we recommended testing cUSDO deposits, transfers and withdrawals with intermediate multiplier changes in USDO very carefully. All raised issues were addressed accordingly.
In summary, we find that the codebase provides a high level of security as most critical operations are access-controlled and should have additional off-chain procedures to ensure the security of the system. However, it is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
OpenEden implements a USD stablecoin called USDO and a wrapper contract (acting as a vault) for it called cUSDO. The stablecoin will be backed by yield-earning U.S. treasury bills.
.png)
The most critical subjects covered in our audit are functional correctness, access control and merkle proof verification. Security regarding all the aforementioned subjects is high.
The general subjects covered are gas efficiency and proper documentation. In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
Spark implements the SparkRewards smart contract to distribute ERC-20 tokens based on a Merkle tree root and epochs.
"Spark is on a mission to empower the DAI ecosystem. As part of the MakerDAO community, Spark builds and manages DeFi infrastructure."

The most critical subject covered in our audit is functional correctness.
The general subjects covered are event handling, documentation, and gas efficiency.
Security regarding all the aforementioned subjects is high.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
Sky implements Dss Blow2, a contract to facilitate the returning of Dai and USDS to the Sky Protocol as system surplus.
“The Sky Protocol (formely known as MakerDAO) is one of the largest dapps on the Ethereum blockchain. Designed by a disparate group of contributors, including developers within the MakerFoundation, its outside partners, and other persons and entities, it is the first decentralized finance (DeFi) application to see significant adoption.”


All high severity findings were resolved. Some new medium severity issues were identified in the latest review of the codebase. There are still many low severity issues open, and given a stable codebase and more time, likely many more could be found, due to the complexity of the codebase. However, assuming the more severe issues are addressed, they should be mostly benign.
In summary, we find that the codebase provides a good level of security.
The contracts are complex and have even more complex dependencies. We did not review the economic soundness of the contracts nor is it possible to find all the edge cases in this system.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don’t replace other vital measures to secure a project.
Curve implements a new stablecoin that is based on different mechanics to keep it stable and manage the loans.
—
“Curve is an exchange liquidity pool on Ethereum (like Uniswap) designed for (1) extremely efficient stablecoin trading (2) low risk, supplemental fee income for liquidity providers, without an opportunity cost.
Curve allows users (and smart contracts like 1inch, Paraswap, Totle and Dex.ag) to trade between DAI and USDC with a bespoke low slippage, low fee algorithm designed specifically for stablecoins and earn fees. Behind the scenes, the liquidity pool is also supplied to the Compound protocol or yearn.finance where it generates even more income for liquidity providers.”


The code is well structured and implements an upgrade architecture similar to the diamond proxy upgrade pattern. The most critical subjects covered in our audit are functional correctness and arithmetic correctness. The most severe issues is an incorrectly calculated redeem (Incomplete fund transfer when withdrawing) and a double counted balance when swapping (double-counting in swap). All issues were addressed and resolved if necessary. We advised to increase the test suite as the issues could have been caught by e.g., testing redeems with strategies that partially fulfill the request.
The team was always very responsive and was clarifying all questions quickly and professionally. In summary, we find that the current codebase provides a good level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
Yelay implements a dedicated vault system that directs all yield into a yield extractor. Users will be rewarded outside of the protocol from the respective clients. The vault is for approved projects only.


We could not identify any relevant issue in the code base. In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
Velodrome implements a setup to lower the need of newly minted Velo which consequently slows down or could even stop the inflation rate. This is achieved by using a special gauge contract. If users vote for this gauge, the corresponding rewards will be sent directly from the voter to the minter contract. There is also a pool without functionality and the factory contracts to correctly integrate the setup in the overall ecosystem.
#Source
.png)
.png)
The most critical subjects covered in our audit are asset solvency and front-running resistance. Security regarding all the aforementioned subjects is high.
The general subjects covered are gas efficiency, code complexity, and documentation. The robustness regarding all the aforementioned subjects is satisfactory but can be improved, see Redundant checks in...Many() functions and Inaccurate NatSpec. Furthermore, this report contains notes highlighting considerations to prevent unexpected behavior during operation.
In summary, we find that the codebase provides a high level of security. No issues were identified that would pose a significant risk to the system.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
Uniswap Foundation's Franchiser system enables multi-level delegation of UNI tokens' voting power. This latest version introduces support for expirations with permissionless recall of funds to the original owner after expiry.
"The Uniswap Foundation is dedicated to building a self-sustaining community that contributes to the future growth of the Uniswap Protocol. We have strategically designed our grants program to create a long-lasting ecosystem made up of developers, researchers, and governance contributors. We strive to create shared ownership for our entire community and work with them to define the future of DeFi’s most important protocol."


The most critical subjects covered in our audit are the safety of the funds, the security of the ownership recovery mechanisms and their resistance against malicious actors, the signature validation, and the correct configuration of the wallet. Our most important findings concerned the different recovery mechanisms of the wallet, as described in the issues Ownership transfer race conditions and Social recovery with less than minConfirmations possible. All the issues have been addressed by Unstoppable and security regarding the afore mentioned areas is high.
The general subjects covered are interactions with other addresses, access control, and gas efficiency. Security regarding all the aforementioned subjects is high.
In summary, we find that the codebase could provide a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
Unstoppable implements a smart contract wallet that supports authentication via WebAuthn, and enables ownership transfers via an inheritance, and a social recovery mechanism.
"Unstoppable is on a mission to render centralized platforms obsolete by providing a comprehensive permissionless alternative for every CEX feature."


The most critical subjects covered in our audit are functional correctness, asset solvency and Enzyme's integration with the external system.
Functional correctness did not hold due to claimable collateral that might have been tracked incorrectly. For details please refer to the issue: Overestimation of Claimable Collateral in getManagedAssets. Further, the position's value could have been temporarily decreased by hiding value in the execution fee, which was not accounted for when evaluating the external position's total value: ExecutionFee of Orders in getManagedAssets.
After the intermediate report, all issues have been resolved.
During the assessment period, it became apparent that the technical documentation for GMX V2 lacks key information. As a result, our in-depth understanding of the external system was primarily derived from analyzing the available source code.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
Enzyme Foundation implements a new external position for GMX V2. Supported orders are MarketIncrease, MarketDecrease (to modify long or short positions), StopLossDecrease (to set stop loss) and LimitDecrease (to set take profit). Additionally, a new policy DisallowedAdapterIncomingassetsPolicy has been implemented.
Enzyme is a decentralised asset management infrastructure built on Ethereum. Using Enzyme Smart Vaults, individuals and communities can build, scale and monetise investment (or execution) strategies that employ the newest innovations in decentralised finance.
.png)

The most critical subjects covered in our audit are functional correctness, access control, and upgradeability. No significant vulnerabilities were identified during this review, therefore security regarding all the aforementioned subjects is high.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
In this project, the second version of the Arbitrum Extension of the TetherToken is implemented. This version of the token migrates the bridging functionalities from the Arbitrum Bridge to LayerZero.

The most critical subjects covered in our audit are asset solvency, internal accounting, functional correctness, and access control. Security regarding all the aforementioned subjects is good. Please note that several issues have been marked as risk accepted.
Security regarding internal accounting has been improved after fixing the issue State Not Updated Before Staking. Security regarding asset solvency has been improved after fixing the issue Disembarking AaveV3Ark Can Fail. Security regarding functional correctness has been improved after fixing the issues Tip Not Collected and Wrong Order Assumption in Withdrawable Arks Caching. The most critical issues have been addressed after the first intermediate report but some issues were introduced with the fixes, see Wrong Direction for Buffer Adjustment Checks.
The general subjects covered are gas efficiency, trustworthiness, specification, and code complexity. Security and quality regarding all the aforementioned subjects is high. Gas efficiency is good but can be enhanced further, see Gas Optimizations. See Power of AdmiralsQuarters role, Power of Governance and How to choose auction parameters for findings regarding privileged actions. See BuyTokens Can Revert From Frontrunning and Sequencer Downtime Can Influence Auction Price for findings regarding MEV. See Misnaming of Quadratic Decay Function for findings on terminology.
We want to highlight the assumptions over the governor role, i.e. the governor role is unique and is controlled only by the DAO, and its power over the system, see Roles and Trust Model and Power of Governance. We also want to highlight the limited use cases of PendlePtOracleArk, see System Overview and Excluded from scope.
In summary, we find that the codebase provides a good level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
Summer.fi primarily implements an investment protocol, where users can deposit their funds in a so called "fleet" which is bound to an underlying asset. The liquidity of each fleet is then managed by some trusted manager. The whole protocol is globally managed by a DAO controlled by the Summer token. Summer.fi also implements dutch auctions and rewards distribution for Summer Earn, an ark for Pendle PT token, a contract to batch user interactions with the system, and a contract to manage the vesting of Summer token.
.png)
Our review focuses exclusively on code security issues introduced by the changes against the forked codebase. The review does not cover any economic risks. Any errors made by privileged users of the system, including those due to misunderstanding the intricacies and caveats of the forked code base, are out of scope.
The most critical subjects covered in our audit are asset solvency, functional correctness, and access control. Security regarding asset solvency is high.
In the latest version of the codebase:
The general subjects covered are event handling, specifications, and precision of arithmetic operations, which are further improvable, see Events Are Improvable, Incorrect Specifications, and Loss of Precision in Price Calculation Due to Scaling Logic.
In summary, we find that the codebase provides a satisfactory level of security.
Continuing to allocate sufficient time for more extensive internal QA would further increase the security level of the codebase.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
Decentralized USD implements USDD V2, a fork of the MakerDAO Protocol (now Sky) on the Tronblockchain. It enables users to mint USDD stablecoin using various collaterals.
.png)
The most critical subjects covered in our audit are asset solvency, functional correctness, and access control. The reported issue Incorrect USDT Address has been resolved, hence security regarding all the aforementioned subjects is high.
The general subjects covered are gas optimizations and specification. Security regarding both subjects is high.
In summary, we find that the codebase provides an good level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
Decentralized USD implements a Peg Stability module (PSM) for USDD V2. The PSM is a system designed to help maintain the peg of USDD by enabling the direct exchange of USDD for supported stablecoins (and vice versa) at a fixed exchange rate of 1:1.
.png)
The most critical subjects covered in our audit are asset solvency, functional correctness, and access control.
The general subjects covered are gas optimizations and specifications.
Security regarding all the aforementioned subjects is high.
In summary, we find that the codebase provides a good level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
Decentralized USD implements an USDD Exchange contract which facilitates the one way exchange from the old TRC-20 USDD token to the new USDD token with a 1:1 exchange rate.
.png)
The most critical subjects covered in our audit are functional correctness, security of the vault's assets, and the proxy/upgradabilitiy pattern. Security regarding all the aforementioned subjects is high.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
SparkDAO implements an ERC-4626 USDC Vault wrapping interactions with the PSM and SavingsUSDS allowing users to deposit USDC and earn yield from the Sky savings rate.
"Spark is on a mission to empower the DAI ecosystem. As part of the MakerDAO community, Spark builds and manages DeFi infrastructure."
ChainSecurity has been consistently thorough in their reviews, reliable and accommodating in our time working with them.
Lucas Manuel, Co-founder at Phoenix Labs, working on Spark

The most critical subjects covered in our audit are function correctness, access control and integration with Symbiotic. The general subjects covered are gas efficiency, documentation and upgradeability. Security regarding the aforementioned subjects is good but improvable.
The most notable issues found were:
Note that the first two issues have been resolved through code correction. For the third and the fourth item, the risk has been accepted. Note that some other issues have been only partially corrected or their risk has been accepted.
Further, we provide some considerations for migration in Migration Considerations. See also the Notes for other considerations.
In summary, we find that the codebase provides a good but improvable level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
Mellow Finance implements simple LRTs to tokenize deposits in Symbiotic.
"Mellow LRT is an innovative liquid restaking primitive allowing permissionless creation of modular LRTs. Mellow offers a series of vault smart contracts tailored to different risk profiles, managed by LRT curators."

The most critical subjects covered in our audit are precision of arithmetic operations, asset solvency, invariant preservation, functional correctness, and front-running. Several issues of high and critical severity issues were identified in the first two iterations of the codebase, see Resolved Findings. The Governance contract was refactored in Version 3 to mitigate the reported issues by changing the core accounting and placing new restrictions on user operations (always reset all votes before new allocations).
In summary, we find that the codebase provides a satisfactory level of security. It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
Liquity implements Liquity V2, a decentralized stablecoin system with user set interest rates, iterating on Liquity V1. For more information, see our audit report for Liquity V2 - Bold Smart Contracts.
Liquity V2 implements a voting contract that distributes the incoming revenues based on the votes from users that have a stake in the system. A set of contracts are also provided to simplify the development of smart contracts that serve as proposals in the voting, known as initiatives.
.png)
The most critical subjects covered in our audit are functional correctness, access control and message passing.
The general subjects covered are code complexity and specification.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
SparkDAO implements cross-chain oracles for the Sky Savings Rate where update messages are sent to L2s from Ethereum Mainnet.
"Spark is on a mission to empower the DAI ecosystem. As part of the MakerDAO community, Spark builds and manages DeFi infrastructure."

The most critical subjects covered in our audit are asset solvency, internal accounting, functional correctness, and access control. Security regarding all the aforementioned subjects is good. Please note that several issues have been marked as risk accepted.
Security regarding internal accounting has been improved after fixing the issue State Not Updated Before Staking. Security regarding asset solvency has been improved after fixing the issue Disembarking AaveV3Ark Can Fail. Security regarding functional correctness has been improved after fixing the issues Tip Not Collected and Wrong Order Assumption in Withdrawable Arks Caching. The most critical issues have been addressed after the first intermediate report but some issues were introduced with the fixes, see Wrong Direction for Buffer Adjustment Checks.
The general subjects covered are gas efficiency, trustworthiness, specification, and code complexity. Security and quality regarding all the aforementioned subjects is high. Gas efficiency is good but can be enhanced further, see Gas Optimizations. See Power of AdmiralsQuarters role, Power of Governance and How to choose auction parameters for findings regarding privileged actions. See BuyTokens Can Revert From Frontrunning and Sequencer Downtime Can Influence Auction Price for findings regardingMEV. See Misnaming of Quadratic Decay Function for findings on terminology.
We want to highlight the assumptions over the governor role, i.e. the governor role is unique and is controlled only by the DAO, and its power over the system, see Roles and Trust Model and Power of Governance. We also want to highlight the limited use cases of PendlePtOracleArk, see SystemOverview and Excluded from scope.
In summary, we find that the codebase provides a good level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
Summer.fi primarily implements an investment protocol, where users can deposit their funds in a so called "fleet" which is bound to an underlying asset. The liquidity of each fleet is then managed by some trusted manager. The whole protocol is globally managed by a DAO controlled by the Summer token. Summer.fi also implements dutch auctions and rewards distribution for Summer Earn, an ark for PendlePT token, a contract to batch user interactions with the system, and a contract to manage the vesting of Summer token.
.png)

The most critical subjects covered in our audit are asset solvency, cross-contract interaction and access control. Security regarding all aforementioned subjects is high.
In summary, we find that the codebase provides a high level of security. Discovered low-severity issues do not pose an immediate treat and can only be triggered by human error. They were addressed in Version 2 of the code; however redeployment was considered unwarranted. If bugs ever trigger, they can be mitigated by upgrading the system.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
USDT0 offers a set of smart contracts that implement the Omnichain extension for USDT. These smart contracts rely on LayerZero's provided Omnichain Fungible Token (OFT) infrastructure to facilitate bridging functionalities to other chains.
.png)

The most critical subjects covered in our audit are proposal execution correctness, proposal sanitization during creation, and signature handling. Issues reported in the first version of the code were satisfactorily addressed. Security regarding all aforementioned topics is high.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
Velodrome implements two governance mechanisms to direct the emission rate of the VELO token. The SimpleEpochGovernor allows a trusted EOA or MultiSig to change the emission rate, and the EpochGovernor implements a system where stakers of VELO in the Velodrome protocol can vote on how to change the emission rate.
"Velodrome Finance is a next-generation AMM that combines the best of Curve, Convex and Uniswap, designed to serve as the liquidity hub for the Superchain."
.png)

The most critical subjects covered in our audit are soundness of the design, safety of arithmetics, and integration with concentrated liquidity oracles. Security regarding all aforementioned subjects is high.
In summary, we find that the codebase has a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
Velodrome implements the Slipstream Dynamic Fee module. A fee module that integrates with the Slipstream Concentrated Liquidity AMMs to provide the pools with dynamic fees which depend on market volatility.
"Velodrome Finance is a next-generation AMM that combines the best of Curve, Convex and Uniswap, designed to serve as the liquidity hub for the Superchain."
.png)
The most critical subjects covered in our audit are soundness and completeness. Before the intermediate report, several missing constraints allowed proving arbitrary statements:
• Padding Filter Allows Bypassing STARK Constraints
• Missing Constraints for Some starting values of STARKs
For details and further issues, please refer to the detailed issue description in the report. No issues were uncovered in Plonky2 Keccak.
After the intermediate report all issues have been resolved. In summary, we find that the Plonky2 Keccak256 and Plonky2 BN254 codebases provide a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
Intmax implements two specialized libraries for use in Intmax2 ZKP: Plonky2 BN254 for scalar multiplication on the bn254 curve with additional utility functions and Plonky2 Keccak, a circuit gadget that calculates keccak256 hashes compatible with Solidity.

The most critical subjects covered in our audit are functional correctness, integration with Arrakis Modular and external systems, asset solvency and precision of arithmetic operations. The general subjects covered are specification, gas efficiency, and trustworthiness.
The most significant findings are:
• Array manipulation during iteration
• Bad rounding
• Manager fee collected multiple times
• Token allowance abuse during module change
The first three items have been corrected through code corrections while the risk for the last one has been accepted. Note that other lower severity issues have been partially corrected or acknowledged.
It is also worth noting that the project is subject to certain roles that are not fully trusted and can, theoretically, extract small parts of the liquidity in discrete timer intervals. See Possibilities of executors to drain funds for details.
In summary, we find that the codebase provides a good level of security, although it depends on the correct usage by trusted accounts.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
Arrakis Finance implements modules integrating with Uniswap V4 for Arrakis Modular. That allows managers to manage a vault's liquidity on Uniswap V4.
"Arrakis is web3's trustless market making infrastructure protocol that enables running sophisticated algorithmic strategies on Uniswap V3. Liquidity providers can utilize Arrakis Vaults to have their liquidity be managed in an automated, capital efficient, non-custodial and transparent manner."

The most critical subjects covered in our audit are functional correctness and access control. Security regarding all the aforementioned subjects is high.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
Client implements DssVest, an abstract contract for creating vesting plans, with concrete implementations defining payout methods (mintable, transferable, suckable). In this latest version, DssVestSuckable has been refactored to support USDS.


Throughout the engagement, the communication and cooperation with the Curve and Yearn teams were excellent. The Curve team was responsive and provided the necessary information to conduct the audit efficiently. Besides the audit we also supported the Curve team with questions and feedback on the codebase.
The general subjects covered were proper use of Yearn vault, access control, and correct accounting.Security regarding all the aforementioned subjects is high.
In summary, we find that the codebase provides a high level of security. Yet, it is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
Curve adopted Yearn's vault to distribute rewards to crvUSD holders that deposit their tokens in the vault. The rewards' origin from fees generated by Curve's stablecoin system. If the vault registers a profit, the profit is paid to the users over time by issuing shares to the vault backed by the profit and burning these shares over time.
Curve allows users (and smart contracts like 1inch, Paraswap, Totle and Dex.ag) to trade between DAI and USDC with a bespoke low slippage, low fee algorithm designed specifically for stablecoins and earn fees. Behind the scenes, the liquidity pool is also supplied to the Compound protocol or yearn.finance where it generates even more income for liquidity providers.”
.png)
The most critical subjects covered in our audit are integration with external protocols, DoS possibilities and functional correctness. The general subjects covered are upgradeability, gas efficiency and event emissions.
The most significant findings Broken clisBNB withdrawals and DoS by Donation have been corrected through code correction.
In summary, we find that the codebase provides a good level of security.
Moreover, we would like to highlight that it is necessary to make the assumptions described in Integration with Lista DAO to reliably integrate with the Lista DAO protocol. Failure to meet these assumptions could put Kernel user funds at risk.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
Kernel DAO provides a token staking system that manages user assets within designated vaults. The contracts are upgradeable and form the basis for the development of a restaking protocol that KernelDAO ultimately plans to implement.
"Kernel is a premier restaking protocol maximizing staked assets' potential."
.png)

The most critical subjects covered in our audit are functional correctness and accounting correctness.
Functional correctness has been improved, as the new liquidation mechanism could interfere with the existing one, see buyExpiredCollateral Can Disincentivize Challenging. Additionally, the minimum collateral requirement for positions was not enforced, see Minimum Collateral Can Be Partially Withdrawn. Accounting correctness was improvable, as bad debt was not accounted correctly, see forceSale Does Not Account for Bad Debt.
The general subjects covered are specification and trust model. Specification is improvable, as the only specification provided was in the form of code comments. Security regarding the trust model is high, as the system still relies on the same trust model as the original Frankencoin contracts, with no additional trusted roles.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
Frankencoin implements extensions to the already deployed Frankencoin stablecoin system. The extensions include a MintingHub with variable interest rates, a PositionRoller that enables flashloans, and a Savings module. The contracts must be accepted as Minters by Frankencoin Governance to become usable.
“Frankencoin is a collateralized, oracle-free stablecoin that tracks the value of the Swiss franc. Its strengths are its decentralization and its versatility.”


The most critical subjects covered in our audit are functional correctness, the isolation of the adapter from the rest of the system, and the correct integration with the external system. The isolation of the adapter was improved in response to BatchTrade Should Revert On Error. Security regarding all aforementioned subjects is high.
Some notes on the external system’s behavior can be found in Replayable TradeSigner Signature and Rebasing Tokens with Transfer Loss are Not Supported.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don’t replace other vital measures to secure a project.
31Third implements an adapter for Enzyme, which allows batch trades using the 31Third protocol. The adapter was made possible through an Enzyme grant to 31Third.
—
Enzyme is a decentralised asset management infrastructure built on Ethereum. Using Enzyme Smart Vaults, individuals and communities can build, scale and monetise investment (or execution) strategies that employ the newest innovations in decentralised finance.

The most critical subjects covered in our review are protocol correctness and network security. Security regarding protocol correctness is high. Network security is improvable, see Insecure TLS Default Configuration.
The general subjects covered are behavior in the presence of malicious nodes and denial-of-service vectors. Security regarding all the aforementioned subjects is good. Functionality issues may arise in the presence of malicious nodes, see Crash by Malicious Operator and Ignored DKG Phases. Plausible denial-of-service vectors have been found, see Denial of Service via Spam.
In summary, we find that the codebase provides a good level of security.
It is important to note that security reviews are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
SSV Labs implements a distributed key generation tool to enable the creation of threshold keypairs for Ethereum validators.
.png)

The most critical subjects covered in our audit are integration with the Velodrome superchain system, cross-chain compatibility, and gauge liquidity accounting. The security of all aforementioned subjects is high, after some of the issues uncovered by ChainSecurity were properly addressed.
The general subjects covered in our audit are ABI compatibility of similar contracts, address collisions, correct deployment of pools and gauges. The security of all aforementioned subjects is high. Possibility of address collisions are discussed in the note Attackers can in the future generate address collisions.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
Velodrome implements Superchain Slipstream, a Superchain extension of the Velodrome Slipstream concentrated liquidity pools and liquidity mining incentives. Superchain Slipstream allows deploying Concentrated Liquidity pools and gauges on Leaf chains, chains which are part of the Optimism Superchain ecosystem. The Leaf chain gauges will receive rewards for Liquidity Providers in the form of Velodrome emissions bridged from the Root chain (OP Mainnet).
"Velodrome Finance is a next-generation AMM that combines the best of Curve, Convex and Uniswap, designed to serve as the liquidity hub for the Superchain."
.png)

The most critical subjects covered in our audit are functional correctness and access control. General subjects covered are gas efficiency and trustworthiness. Security regarding all the aforementioned subjects is high.
In summary, we find that the codebase provides a high level of security. It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
In this iteration we reviewed the new BurnerRouter and its corresponding BurnerRouterFactory. BurnerRouter is a contract that allows for the redirection of slashed collateral tokens to configurable addresses. It provides the flexibility to change and configure the receiver of slashed tokens.


The most critical subjects covered in our audit are LP token price manipulation by unprivileged users, price manipulation by privileged users, and decimal precision in mathematical operations. For all aforementioned subjects, the security is high.
The general subject covered by this audit is the integration of SafeguardPool LP tokens as collateral in Euler lending markets. Regarding this subject security is good, but as seen in Potentially significant underpricing in Some Scenarios, the price returned by the oracle is only a lower bound on the value of the LP tokens. Users whose positions are collateralized by SafeguardPool LP tokens should be aware of the pricing mechanism.
Since the price returned by the oracle is a lower bound, ChainSecurity reminds future users of SwaapSafeguardOracle that it can only be used to price the collateral of lending markets, and never the borrowable token.
In summary, we find that the codebase provides a good level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
Swaap Labs implements SwaapSafeguardOracle, a price feed that integrates in the Euler Price Oracles system to allow using Liquidity Tokens of Swaap SafeguardPool as collateral in Euler vaults.
.png)

The most critical subjects covered in our audit are functional correctness, access control and front-running prevention. Security regarding all the aforementioned subjects is high. However, one minor issue was found, that might endanger the system, if access control restrictions are ever softened, see CreateX entropy bit limit.
The general subjects covered are code complexity, upgradeability and unit testing. Code complexity is low due to the use of standard libraries and good readability. Security regarding Upgradeability is good. Testing is good, but the compiler version is not fixed for tests and deployment, see Floating pragma version.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
Velodrome Superchain is an extension of existing Velodrome V2 Optimism reward mechanics to other networks within the Optimism Superchain ecosystem. Deployments on all leaf chains are managed from the Optimism mainnet Root chain, via Hyperlane bridge infrastructure.
"Velodrome Finance is a next-generation AMM that combines the best of Curve, Convex and Uniswap, designed to serve as the liquidity hub for the Superchain."

The most critical subjects covered in our audit are callback handling, nested operations, nonce processing, and slippage protection in swaps. Security regarding all aforementioned subjects is high. The unexpected slippage caused by accumulation of deviations of oracles, described in RecurringSwap Oracle deviations contributing to slippage, has been acknowledged as part of the behavior of the system, and properly documented.
All the issues raised have been satisfactorily addressed by Legend Labs, however a QuarkWallet is designed to execute arbitrary code in the context of a user's wallet through delegatecall. Script developers must understand the core mechanics of the Quark wallet before integrating with it, and Legend Labs should safeguard users against blind-signing malicious payloads by providing appropriate tooling to inspect wallet operations.
In summary, we find that the Quark codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
Legend Labs implements Quark v2, a smart contract wallet that enables accounts to run arbitrary scripts, Legend Labs also provides a suite of scripts to facilitate wallet operation and interact with DeFi systems. This audit follows our first audit of Quark, which can be found here. The new system implements an updated version of nonce control and state isolation, and introduces transient storage.
.png)
The most critical subjects covered in our audit are functional correctness and precision of arithmetic operations. The general subjects covered are documentation, unit testing and gas efficiency. Security regarding all the aforementioned subjects is high.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
SparkDAO implements a peg stability module that supports three assets - two stable coins (USDC and USDS) and one yield-bearing wrapped stablecoin (sUSDS). That is intended to both stabilize the peg and offer liquidity on L2s.
"Spark is on a mission to empower the DAI ecosystem. As part of the MakerDAO community, Spark builds and manages DeFi infrastructure."
.png)
The most critical subjects covered in our audit are the security of the funds and the liveness and correctness of the bridging process. Only minor issues were uncovered. Security regarding all the aforementioned subjects is high.
The general subjects covered are the efficiency of the implementation, centralization, specification, documentation, and testing. The efficiency of the implementation could be improved in some cases. The centralization of the system is very high. This means that the admins of the system are in full control of the funds on the bridge and Tron. Specification and documentation are sufficient as well as unit testing.End-to-end testing seems to not be sufficient. This is particularly important given that TronVM might differ from Ethereum in unexpected ways.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
JustCrypto launches a Tron-peg USDC token on Tron Chain and implements a bridge between Ethereum and Tron to allow users to transfer USDC between the two chains. Users' assets are locked on TronUSDCBridge contract controlled by TronUSDCBridgeController. An operator of the bridge then mints an appropriate amount of USDC on Tron. Tron USDC is controlled by the USDCController.

The most critical subjects covered in our audit are functional correctness, access control and the integration with Arbitrum's messaging infrastructure. The general subjects covered are error handling, trustworthiness and specification. Security regarding all the aforementioned subjects is high.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
MakerDAO implements a custom token bridge between Ethereum and Arbitrum that supports the bridging of multiple tokens.
"The Maker Protocol, also known as the Multi-Collateral Dai (MCD) system, allows users to generate Dai by leveraging collateral assets approved by “Maker Governance.” Maker Governance is the community organized and operated process of managing the various aspects of the Maker Protocol. Dai is a decentralized, unbiased, collateral-backed cryptocurrency soft-pegged to the US Dollar. Resistant to hyperinflation due to its low volatility, Dai offers economic freedom and opportunity to anyone, anywhere.”

MakerDAO implements a custom token bridge between Ethereum and L2s based on the OP stack.
The most critical subjects covered in our audit are functional correctness, access control and the integration with the OP stack's messaging infrastructure. The general subjects covered are error handling, trustworthiness and specification. Security regarding all the aforementioned subjects is high.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
MakerDAO implements a custom token bridge between Ethereum and L2s based on the OP stack.
"The Maker Protocol, also known as the Multi-Collateral Dai (MCD) system, allows users to generate Dai by leveraging collateral assets approved by “Maker Governance.” Maker Governance is the community organized and operated process of managing the various aspects of the Maker Protocol. Dai is a decentralized, unbiased, collateral-backed cryptocurrency soft-pegged to the US Dollar. Resistant to hyperinflation due to its low volatility, Dai offers economic freedom and opportunity to anyone, anywhere.”


The most critical subjects covered in our audit are functional correctness, and access control. Security regarding all the aforementioned subjects is high.
The audit did not uncover any issues.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
Enzyme Foundation implements a smart account for AaveV3 flash loans. Only flash loans with interestRateMode 0 can be performed, enforcing the flash loan to revert if not payed back directly.

The most critical subjects covered in our audit are functional correctness, access control and front running resistance.
Security regarding all the aforementioned subjects is high. A missing sanity check (see Rate is not validated) has been added.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
MakerDAO implements a governance token and an exchange contract for exchanging MKR against the new token in a predefined ratio. This audit report reviews the security and correctness of the corresponding deployment scripts.
--
"The Maker Protocol, also known as the Multi-Collateral Dai (MCD) system, allows users to generate Dai by leveraging collateral assets approved by “Maker Governance.” Maker Governance is the community organized and operated process of managing the various aspects of the Maker Protocol. Dai is a decentralized, unbiased, collateral-backed cryptocurrency soft-pegged to the US Dollar. Resistant to hyperinflation due to its low volatility, Dai offers economic freedom and opportunity to anyone, anywhere.”

The most critical subjects covered in our audit are functional correctness, security of the assets and the proxy/upgradability pattern. Security regarding all the aforementioned subjects is high.
The general subjects covered include the specification, adherence to the ERC standards and optimisations.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
MakerDAO implements Savings USDS, a tokenized implementation of a savings rate for USDS.
"The Maker Protocol, also known as the Multi-Collateral Dai (MCD) system, allows users to generate Dai by leveraging collateral assets approved by “Maker Governance.” Maker Governance is the community organized and operated process of managing the various aspects of the Maker Protocol. Dai is a decentralized, unbiased, collateral-backed cryptocurrency soft-pegged to the US Dollar. Resistant to hyperinflation due to its low volatility, Dai offers economic freedom and opportunity to anyone, anywhere.”

The most critical subjects covered in our audit are security, functional correctness and seamless integration with the existing system. Security regarding all the aforementioned subjects is high.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
MakerDAO introduces a new stablecoin token (USDS, rebranded DAI) along with a permissionless converter for 1:1 conversions between DAI and USDS. The USDS is an ERC-20-compliant token, and the converter, DaiUsds, enables seamless exchanges. The project also features UsdsJoin, which is the USDS equivalent of DaiJoin.
“The Maker Protocol, also known as the Multi-Collateral Dai (MCD) system, allows users to generate Dai by leveraging collateral assets approved by “Maker Governance.” Maker Governance is the community organized and operated process of managing the various aspects of the Maker Protocol. Dai is a decentralized, unbiased, collateral-backed cryptocurrency soft-pegged to the US Dollar. Resistant to hyperinflation due to its low volatility, Dai offers economic freedom and opportunity to anyone, anywhere.”


The most critical subjects covered in our audit are denial of service, correct access control and correct usage of the new Vyper modules. Security regarding all the aforementioned subjects is high.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
Curve implements fee splitter to distribute fees (in crvUSD token) from the crvUSD stablecoin markets to different recipient according to configured weights.
“Curve is an exchange liquidity pool on Ethereum (like Uniswap) designed for (1) extremely efficient stablecoin trading (2) low risk, supplemental fee income for liquidity providers, without an opportunity cost.
Curve allows users (and smart contracts like 1inch, Paraswap, Totle and Dex.ag) to trade between DAI and USDC with a bespoke low slippage, low fee algorithm designed specifically for stablecoins and earn fees. Behind the scenes, the liquidity pool is also supplied to the Compound protocol or yearn.finance where it generates even more income for liquidity providers.”

The most critical subjects covered in our audit are functional correctness, asset solvency and cross-chain messaging. Security regarding all the aforementioned subjects is high.
The general subjects covered are code complexity and specification.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
MakerDAO implements a mechanism to distribute rewards originating from a source on Ethereum L1 to afarm contract on OP Stack L2s.
"The Maker Protocol, also known as the Multi-Collateral Dai (MCD) system, allows users to generate Dai by leveraging collateral assets approved by “Maker Governance.” Maker Governance is the community organized and operated process of managing the various aspects of the Maker Protocol. Dai is a decentralized, unbiased, collateral-backed cryptocurrency soft-pegged to the US Dollar. Resistant to hyperinflation due to its low volatility, Dai offers economic freedom and opportunity to anyone, anywhere.”

.png)
The most critical subjects covered in our audit are asset solvency and front-running resistance. Security regarding all the aforementioned subjects is high.
The general subjects covered are gas efficiency, code complexity, and documentation. Security regarding all the aforementioned subjects is satisfactory, but can be improved, see Franchiser.subDelegateMany() Modifier Called in a Loop and Inaccurate NatSpec.
In summary, we find that the codebase provides a high level of security. No issues were identified that would pose a significant risk to the system.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
Uniswap Foundation implements a Franchiser system, that allows multi-level delegation of UNI tokens' voting power.
"The Uniswap Foundation is dedicated to building a self-sustaining community that contributes to the future growth of the Uniswap Protocol. We have strategically designed our grants program to create a long-lasting ecosystem made up of developers, researchers, and governance contributors. We strive to create shared ownership for our entire community and work with them to define the future of DeFi’s most important protocol."
.png)
SparkDAO implements cross-chain oracles for the Sky Savings Rate where update messages are sent to L2s from Ethereum Mainnet.
The most critical subjects covered in our audit are functional correctness, access control and message passing.
The general subjects covered are code complexity and specification.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
SparkDAO implements cross-chain oracles for the Sky Savings Rate where update messages are sent to L2s from Ethereum Mainnet.
"Spark is on a mission to empower the DAI ecosystem. As part of the MakerDAO community, Spark builds and manages DeFi infrastructure."

The most critical subjects covered in our audit are asset solvency, functional correctness and the correct integration into the existing D3M v2 system.
The general subjects covered include the consistency of the codebase. In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
MakerDAO has implemented a new component for the existing D3M v2 system: a pool supporting USDS deposits into Aave V3-like protocols without supply caps, such as SparkLend.
"The Maker Protocol, also known as the Multi-Collateral Dai (MCD) system, allows users to generate Dai by leveraging collateral assets approved by “Maker Governance.” Maker Governance is the community organized and operated process of managing the various aspects of the Maker Protocol. Dai is a decentralized, unbiased, collateral-backed cryptocurrency soft-pegged to the US Dollar. Resistant to hyperinflation due to its low volatility, Dai offers economic freedom and opportunity to anyone, anywhere.”

The most critical subjects covered in our audit are functional correctness, access control and frontrunning resistance.
Security regarding all the aforementioned subjects is high. Some Missing checks introduced small problems but these have been fixed / will be fixed as soon as it is possible.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
MakerDAO implements an allocation system for funding certain SubDAOs of the MakerDAO ecosystem with USDS. This audit report reviews the security and correctness of the corresponding deployment scripts.
—
“The Maker Protocol, also known as the Multi-Collateral Dai (MCD) system, allows users to generate Dai by leveraging collateral assets approved by “Maker Governance.” Maker Governance is the community organized and operated process of managing the various aspects of the Maker Protocol. Dai is a decentralized, unbiased, collateral-backed cryptocurrency soft-pegged to the US Dollar. Resistant to hyperinflation due to its low volatility, Dai offers economic freedom and opportunity to anyone, anywhere.”

MakerDAO implements a token allocation system for AllocatorDAOs which consists of a core, a funnel and an automation layer.
The most critical subjects covered in our audit are asset solvency, access control and functional correctness. Security regarding all the aforementioned subjects is high.
The general subjects covered are specification and integration with 3rd party systems. All the aforementioned subjects are covered well.
In summary, we find that the codebase provides a good level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
MakerDAO implements a token allocation system for AllocatorDAOs which consists of a core, a funnel and an automation layer.
—
“The Maker Protocol, also known as the Multi-Collateral Dai (MCD) system, allows users to generate Dai by leveraging collateral assets approved by “Maker Governance.” Maker Governance is the community organized and operated process of managing the various aspects of the Maker Protocol. Dai is a decentralized, unbiased, collateral-backed cryptocurrency soft-pegged to the US Dollar. Resistant to hyperinflation due to its low volatility, Dai offers economic freedom and opportunity to anyone, anywhere.”


The most critical subjects covered in our audit are frontrunning, effect of withdrawal delays, and jumps in value because of slashings. Security regarding all the aforementioned subjects is high.
The general subjects covered are accounting of assets, and correct integration. Security regarding all the aforementioned subjects is high.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
Swell implements Symbiotic-Aera Adapter, an adapter smart contract that allows the Aera treasury management protocol to deposit funds in the Symbiotic restaking protocol. Swell intends to use this within the scope of the swBTC project, to allocate WBTC to Symbiotic through a managed Aera vault.
--
"Swell is a non-custodial staking protocol with a mission to deliver the world’s best liquid staking and restaking experience, simplify access to DeFi, while securing the future of Ethereum and restaking services."


Swell Finance implements a BTC LRT aiming to be compatible with any restaking protocol to allocate to the best AVS's across multiple platforms. The system is built off YearnV3's robust Vault Codebase.
The most critical subjects covered in our audit are the functional correctness of the delayed withdrawal module and the correct integration of Yearn's VaultV3 and tokenized strategy systems. Security regarding all the aforementioned subjects is extensive.
Other general subjects covered are access control and interactions with the Aera vault. Security regarding all the aforementioned subjects is high.
The test coverage is minimal and should be improved to ensure that all code paths and features are tested.
In summary, we find that the codebase provides a good level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
Swell Finance implements a BTC LRT aiming to be compatible with any restaking protocol to allocate to the best AVS's across multiple platforms. The system is built off YearnV3's robust Vault Codebase.
"Swell is a non-custodial staking protocol with a mission to deliver the world’s best liquid staking and restaking experience, simplify access to DeFi, while securing the future of Ethereum and restaking services."

The most critical subjects covered in our audit are functional correctness and security. The general subjects covered include usability, gas efficiency, and documentation.
In summary, we find that the codebase provides a good level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
MakerDAO implements a permissionless wrapper to swap USDS using the PSM-lite.
--
"The Maker Protocol, also known as the Multi-Collateral Dai (MCD) system, allows users to generate Dai by leveraging collateral assets approved by “Maker Governance.” Maker Governance is the community organized and operated process of managing the various aspects of the Maker Protocol. Dai is a decentralized, unbiased, collateral-backed cryptocurrency soft-pegged to the US Dollar. Resistant to hyperinflation due to its low volatility, Dai offers economic freedom and opportunity to anyone, anywhere.”
.png)
SparkDAO implements a contract that batches actions of the PSM and the savings token. Additionally, a helper contract for migrating from DAI or sDAI to USDS or sUSDS has been implemented.
The most critical subjects covered in our audit are functional correctness and precision of arithmetic operations. Security regarding all the aforementioned subjects is high.
The general subjects covered are unit testing and documentation. Both are good. In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
SparkDAO implements a contract that batches actions of the PSM and the savings token. Additionally, a helper contract for migrating from DAI or sDAI to USDS or sUSDS has been implemented.
"Spark is on a mission to empower the DAI ecosystem. As part of the MakerDAO community, Spark builds and manages DeFi infrastructure."

The most critical subjects covered in our audit are functional correctness, access control and frontrunning resistance.
Security regarding all aforementioned subjects is high.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don’t replace other vital measures to secure a project.
MakerDAO implements a migration script that moves MakerDAO’s DAI/MKR Uniswap v2 LP position to a new USDS/SKY pool.
—
“The Maker Protocol, also known as the Multi-Collateral Dai (MCD) system, allows users to generate Dai by leveraging collateral assets approved by “Maker Governance.” Maker Governance is the community organized and operated process of managing the various aspects of the Maker Protocol. Dai is a decentralized, unbiased, collateral-backed cryptocurrency soft-pegged to the US Dollar. Resistant to hyperinflation due to its low volatility, Dai offers economic freedom and opportunity to anyone, anywhere.”


The most critical subjects covered in our audit are functional correctness and resistance to oracle manipulations. The contracts are functionally correct and are, in most cases, resistant against oracle manipulations under the assumptions that:
However, some certain edge conditions can enable oracle manipulation attacks that are able to extract value: Oracle manipulation during withdrawal. Conic, for now, accepts this risk and tries to find an optimal solution.
In summary, we find that the codebase provides an improvable level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
Conic implements a new oracle for pricing LP tokens of Curve Crypto pools. Additionally, Conic implements a new contract for determining the share of CNC rewards that is distributed to each Conic pool.
“Conic Finance is an easy-to-use platform built for liquidity providers to easily diversify their exposure to multiple Curve pools. Any user can provide liquidity into a Conic Omnipool which allocates funds across Curve in proportion to protocol controlled pool weights.”


The most critical subjects covered in our audit are correct implementation of interfaces, external calls, as well as decimals usage. Security regarding all the aforementioned subjects is high.
The audit did not uncover any issues.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
Enzyme Foundation implements two new Enzyme price feeds: a primitive price feed that converts ynETH (YieldNest ETH) to ETH and a derivative price feed that converts Stader SD tokens to ETH.
Enzyme is a decentralised asset management infrastructure built on Ethereum. Using Enzyme Smart Vaults, individuals and communities can build, scale and monetise investment (or execution) strategies that employ the newest innovations in decentralised finance.

The most critical subjects covered in our audit are correctness of the proxy upgrade and the overall functional correctness. Security regarding both subjects is high after Storage Collisions have been mitigated.
The documentation of the codebase is improvable.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
Polygon implements several changes to the Polygon ecosystem that consolidate the transition to the POL token, the native token for Polygon 2.0 and the successor to the MATIC token.
--
“Polygon is a decentralised Ethereum scaling platform that enables developers to build scalable user-friendly dApps with low transaction fees without ever sacrificing on security.”


This is a LIMITED REVIEW: a time-bound effort to provide security insights on a codebase without reviewing it fully.
Due to the complexity of Java-Tron and the limited allocated time, this review cannot uncover all the bugs inside of it. Instead, the goal of this review was to uncover as many bugs as possible while focusing on the following parts of the code:
• Tron Virtual Machine (TVM)
• Consensus
• Peer-to-Peer (P2P)
Some of the most significant findings are:
• PBFT Messages Create State Expansion
• Unpermissioned Censoring of Fork Blocks
• Resource Consumption by Blocks Not Signed by Witnesses
These three findings have all been addressed through code corrections. For some other issues, the risks have been accepted based on the assumption of economically acting super representatives. Lastly, some issues with non-critical severity have been redacted to prevent malicious actors from creating disturbances.
It is important to note that such reviews are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
Tron uses Java-Tron as the node software to run the Tron network. Hence, Java-Tron is (among other things) responsible for executing transactions, generating blocks, achieving consensus and operating the peer-to-peer network.
"TRON is dedicated to accelerating the decentralization of the Internet via blockchain technology and decentralized applications (DApps)."


The most critical subjects covered in our audit are correct implementation of interfaces, external calls, as well as decimals usage. Security regarding all the aforementioned subjects is high.
The audit did not find any issues.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
Enzyme Foundation implements a new Enzyme price feed that converts wstETH to ETH.
Enzyme is a decentralised asset management infrastructure built on Ethereum. Using Enzyme Smart Vaults, individuals and communities can build, scale and monetise investment (or execution) strategies that employ the newest innovations in decentralised finance.

The most critical subjects covered in our audit are functional correctness, asset solvency, arithmetic operations and oracle safety.
Generally, functional correctness is good. However, note that there are some low-severity issuesregarding functional correctness. Security regarding the remaining subjects is high.
The general subjects covered are gas efficiency, trustworthiness, error handling and specification.Security regarding all the aforementioned subjects is good. However, specifications could be improved,see Initial Liquidity Mismatches Whitepaper and Mismatches With EIP-5115.
In summary, we find that the codebase provides a good level of security. Also, note that the security ofSYs is highly dependent on the more derived implementation which was out of scope. Further, note thatthe scope only includes the base SY implementation, PY V1 and markets V1. Please see AssessmentOverview, Trust Model and Roles, and Notes.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
Pendle Finance implements a yield tokenization platform along with an interest rate market. The products are built on top of each other and use the implementations of the standardized yield standard as a baselayer.
"With Pendle, you can always maximise your yield: increase your yield exposure in bull markets and hedge against yield downturns during bear markets."


The most critical subjects covered in our audit are asset solvency, functional correctness and integration with external systems and Enzyme's core system. Security regarding all the aforementioned subjects is high.
The general subjects covered are error handling, specification and trustworthiness. Security regarding all the aforementioned subjects is high. Note that the trust model for using GSN slightly changed, see the note Gas relay paymaster will fund arbitrary calls.
In summary, we find that the codebase provides a good level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
Avantgarde Finance implements a price feed for EETH and a wrapper for Chainlink-like oracles with non-standard decimals. Additionally, the GSN integration is adapted. A new policy restricting redeem-for-specific-assets is introduced along with a peripheral FIFO contract that can redeem-for-specific-assets. Further, an asset manager contract is introduced that limits the share price loss an asset manager can cause. For integrations, a Pendle Finance external position and a Swell adapter are introduced.
---
Enzyme is a decentralised asset management infrastructure built on Ethereum. Using Enzyme Smart Vaults, individuals and communities can build, scale and monetise investment (or execution) strategies that employ the newest innovations in decentralised finance.

The most critical subjects covered in our audit are asset solvency, functional correctness and security. Security regarding all the aforementioned subjects is high.
The general subjects covered are documentation, gas efficiency and the integration of the wrapper into the existing system. All reported issues have been addressed in the latest version of the codebase.
In summary, we find that the codebase provides a good level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
M^ZERO Labs implements an upgradable, non-rebasing wrapper for the M token, supporting yield accrual while respecting the original whitelist of earners.
.png)

The most critical subjects covered in our audit are functional correctness, role management and front-running tolerance.
Security regarding the aforementioned subjects is high as only minor issues could be uncovered during this review.
It should be noted that the protocol design is very open, allowing various participants to create registered smart contracts with configurations that can potentially be dangerous. For this reason, it is advised to take special care when trusting any vaults, networks and operators.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
SymbioticFi implements a security layer for restaking. Deposited tokens can be assigned to operators running node software of networks. The assigned tokens are guaranteed to be slashable by networks incase of operator misbehaviors.

The most critical subjects covered in our audit are functional correctness, asset solvency and cross-chain messaging. Security regarding all the aforementioned subjects is high.
The general subjects covered are code complexity and specification.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
MakerDAO implements a mechanism to distribute rewards originating from a source on Ethereum L1 to aFarm contract on Arbitrum L2.
“The Maker Protocol, also known as the Multi-Collateral Dai (MCD) system, allows users to generate Dai by leveraging collateral assets approved by “Maker Governance.” Maker Governance is the community organized and operated process of managing the various aspects of the Maker Protocol. Dai is a decentralized, unbiased, collateral-backed cryptocurrency soft-pegged to the US Dollar. Resistant to hyperinflation due to its low volatility, Dai offers economic freedom and opportunity to anyone, anywhere.”


The most critical subjects covered in our audit are the isolation of the pools, asset solvency and functional correctness.
The general subjects covered are usability, oracle security, access control, adherence to the specification and general design issues.
All issues uncovered during the review process have been addressed with suitable fixes. We believe the codebase to have a satisfactory level of security. The high complexity and extensibility of the project present a large attack surface. VESU internally relies primarily on one smart contract developer which, even though supported by external reviewers, limits the ability for internal QA. During the audit timeline, significant improvements in design and overall code quality have been achieved, but some novel issues and regressions remained present during the last review cycle. In our experience, these factors combined present an elevated risk of undiscovered vulnerabilities in the current codebase.
Continuing to allocate sufficient time and resources, strengthening the robustness of the design, and introducing internal security-focused quality assurance practices such as thorough unit- and regression-testing can significantly increase the level of security of the codebase and our confidence in it.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
VESU implements a fully permissionless DeFi lending protocol. Anyone can deploy and configure a pool. A core contract called Singleton holds all funds and manages all pools. All operations go through theSingleton, each pool has an extension which is called before/after any operation and defines the values for the operation. A default extension is provided, arbitrary extensions and/or misconfigured parameters can break their respective pools without affecting the rest of the protocol.
.png)
The most critical subjects covered in our audit are access control and functional correctness. The generalsubjects covered are unit testing, specification and trustworthiness. Security regarding all theaforementioned subjects is high.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
SparkDAO implements a relay for governance actions that allows for the execution of governance proposals across chains.
"Spark is on a mission to empower the DAI ecosystem. As part of the MakerDAO community, Spark builds and manages DeFi infrastructure."

Spacing Guild implements an ecosystem of private and public vaults with strategies managed by the Arrakis backend. The vaults use so-called modules to integrate with a third-party system to implement the strategies. Currently, the only available module is an integration with Valantis HOT.
The most critical subjects covered in our audit are asset solvency, functional correctness and precision of arithmetic operations. Security regarding all the afore mentioned subjects is good.
The general subjects covered are code complexity, gas efficiency, testing, and trustworthiness. Security regarding all the aforementioned subjects is satisfactory. However, the review brought to light the lack of thorough and meaningful testing, basic unit tests are done, but some of the bugs uncovered during the review could have been caught by proper end-to-end testing, see Rebasing Tokens Can Cripple theFunctionality of Vaults and RouterSwapExecutor Cannot Swap to Native Token. We encourage SpacingGuild to implement a more complete test suite.
In summary, we find that the codebase provides a satisfactory level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
Spacing Guild implements an ecosystem of private and public vaults with strategies managed by the Arrakis backend. The vaults use so-called modules to integrate with a third-party system to implement the strategies. Currently, the only available module is an integration with Valantis HOT.
"Arrakis is web3's trustless market making infrastructure protocol that enables running sophisticated algorithmic strategies on Uniswap V3. Liquidity providers can utilize Arrakis Vaults to have their liquidity be managed in an automated, capital efficient, non-custodial and transparent manner."

The most critical subjects covered in our audit are functional correctness, assets solvency and the correct adherence to the MakerDAO specifications. Security regarding all the aforementioned subjects is high.
The general subjects covered are access control, interaction with third party systems and the documentation. Security regarding all the aforementioned subjects is high.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don’t replace other vital measures to secure a project.
Maker implements a gas-efficient Peg Stability Module (PSM) where users can freely swap Dai for stablecoins.
—
“The Maker Protocol, also known as the Multi-Collateral Dai (MCD) system, allows users to generate Dai by leveraging collateral assets approved by “Maker Governance.” Maker Governance is the community organized and operated process of managing the various aspects of the Maker Protocol. Dai is a decentralized, unbiased, collateral-backed cryptocurrency soft-pegged to the US Dollar. Resistant to hyperinflation due to its low volatility, Dai offers economic freedom and opportunity to anyone, anywhere.”


The most critical subjects covered in our audit are functional correctness, precision of arithmetic operations, and front-running.
Front-running protection has improved, as there was previously missing slippage protection, see Stop-Loss missing slippage protection. Functional correctness has improved, as swaps could previously fail on external markets, see Position Can Become Impossible to Close Due to Zero Swaps. Precision of arithmetic operations has been improved as there were previously rounding issues when providing liquidity, see Inflation Attack on Newly Added Tokens.
The general subjects covered are specification and gas efficiency.
The specification has improved, as the changes made during the fixes review process make the system more robust than it was previously, see Large Liquidations Can Fail. Gas efficiency has improved, as there were a large number of unecessary storage writes and reads in the margin dex contract, see Reading Unused Values from Storage in MarginDex.
In summary, we find that the codebase provides a satisfactory level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
Unstoppable offers a margin trading platform that leverages the existing liquidity of decentralized exchanges (DEXs).
---
"Unstoppable is on a mission to render centralized platforms obsolete by providing a comprehensive permissionless alternative for every CEX feature."

The most critical subjects covered in our audit are the usage of transient storage and functionalcorrectness. Functional correctness is improvable due to incorrect data being written, see Aave V3actions bad data written. Additionally, there could be reentrancy scenarios in bad setups, see ReentrancyInto the Contract. In case governance is untrusted, governance could add contracts such that this couldbe exploited. Further, the design is improvable due to Collisions on Operations.
The general subjects covered are documentation, trustworthiness and gas efficiency. Documentation isimprovable, see Unclear actions setup. Trustworthiness is satisfactory. However, it is improvable, see theparagraph above.
In summary, we find that the codebase provides a satisfactory but improvable level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. Theycomplement but don't replace other vital measures to secure a project.
Summer.fi implements updates to the DeFi Modular (DMA) Actions v2 architecture to support the usage of transient storage. See the previous report for reference.
---
“Summer.fi mission is to provide the best and most trusted entry point to deploy your capital. We are building Summer.fi to let our users benefit from all of the potential in DeFi. Our team is made of passionate thinkers and builders.”

Limited code reviews are best-effort checks and do not provide assurance comparable to a non-limited code assessment. This review was not conducted as an exhaustive search for bugs, but rather as a best effort sanity check. Given the large scope and codebase and the limited time, the findings are not exhaustive.
During the review we were able to uncover a medium severity issue regarding function deduplication. More specifically, functions that are not functionally identical could be assumed as such. As a result, calls to some of them would be replaced with calls to another one.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
Fuel implements various optimization passes for the IR. These aim to facilitate the bytecode generation that follows in the later steps of the compilation, as well as to improve the overall efficiency of the compiled program, both in terms of size and execution cost.
---
"Fuel is an operating system purpose-built for Ethereum rollups, designed to help developers build decentralized economies at scale".


The most critical subjects covered in our audit are functional correctness, access control and asset solvency. Security regarding all the aforementioned subjects is high.
The general subjects covered are gas efficiency, trustworthiness, and upgradeability. Security regarding all the aforementioned subjects is high.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
Everstake implements a system to replace Everstake's core system in case of emergency. If due to any reasons, the Everstake protocol becomes unhealthy, the implementation in their deployed proxies will temporarily switch to the corresponding Dummy contract, until the issue gets addressed.
--
“Everstake is a responsible validator trusted by 625k+ users across 70+ blockchain networks. Created by engineers for the entire community in 2018”


The most critical subjects covered in our audit are the correctness of the accounting, asset solvency, access control and functional correctness. During the audit, the most important reported issues were:
• Replacing a Validator Eventually Blocks the System
• Usage of address(this).balance in restake Can Block the System that requires from Everstake to inject liquidity to correct the accounting in case of necessity.
The issues have been fixed during the second week of the audit.
Security regarding all the aforementioned subjects is satisfactory. Even though the probability of one of the validators getting slashed is low, slashing could occur. That would require manual, trust-based intervention, see Slashing is not taken into account and Trust Model.
The general subjects covered are documentation, unit testing, code complexity, and gas efficiency. Documentation has been greatly improved after Version 3. Unit testing and testing in general is basic, a good test suite will help ensure corner cases are considered.
In summary, we find that the codebase provides a satisfactory level of security, provided the Trust Model. It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
Everstake implements a pooled staking service for Ethereum, where the rewards are reinvested in the pool and the validators are managed by Everstake.
--
“Everstake is a responsible validator trusted by 625k+ users across 70+ blockchain networks. Created by engineers for the entire community in 2018”

The most critical subjects covered in our audit are compliance with the specification, correctness of the arithmetic operations, and functional correctness. No major issues were uncovered. Security regarding all the aforementioned subjects is high.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
Lido implements an improvement of the OracleReportSanityChecker which aims to mitigate the riskof malicious oracle daemons colluding and reporting excessive negative rebases of stETH.
“Lido is a liquid staking solution for ETH backed by industry-leading staking providers. Lido lets users stake their ETH – without locking assets or maintaining infrastructure – whilst participating in on-chain activities, e.g. lending.
Lido attempts to solve the problems associated with initial ETH staking – illiquidity, immovability and accessibility – making staked ETH liquid and allowing for participation with any amount of ETH to improve security of the Ethereum network.”


Limited code reviews are best-effort checks and don't provide assurance comparable to a non-limitedcode assessment. This review was not conducted as an exhaustive search for bugs, but rather as abest-effort sanity check for the pull requests of interests. The review was executed by one engineer overtwo weeks. Given the large scope and codebase and the limited time, the findings aren't exhaustive.
The most critical subjects covered in our review are the functional correctness of the ABI decode routine,invalid memory and storage reads as well as correct handling of function exports. Several issues werefound in the ABI decoding routine as shown in the issues ABI-decode incorrect checks for complex typeshead and ABI-decode incorrect checks for Dynamic array head and fixed in subsequent pull requests.Additionally make_setter overlaps with static call presents an issue with an invalid read due to aread-after-write pattern.
It is important to note that security reviews are time-boxed and cannot uncover all vulnerabilities. Theycomplement but don't replace other vital measures to secure a project.
The following sections will give an overview of the system, our methodology, the issues uncovered andhow they have been addressed. We are happy to receive questions and feedback to improve our service.
This review concentrated on multiple pull requests of the to-be-released version 0.4.0 of the Vypercompiler. The review focused on the ABI decode routine, recent fixes and new features such as functionexports or transient storage integration.
---
“Vyper is a contract-oriented, pythonic programming language that targets the Ethereum Virtual Machine (EVM).”

The most critical subjects covered in our audit are the system's solvency, the precision and correctness of arithmetic operations and oracle manipulation resistance. We found that the security of the former two topics is high. Oracle manipulation resistance is high, especially since the BAMM does not rely on an oracle as a traditional Lending protocol would, however, we emphasize the costs and risks of oracle manipulation in Oracle manipulation on FIFO L2s.
Other general subjects covered are rounding direction correctness and denial of service. We found that the rounding direction has generally been implemented correctly and only minor denial of service patterns were found and documented in Denial of Service against liquidations and Denial of Service against redeeming and executing actions.
Frax Finance has been very responsive to our findings and has addressed most of the issues we reported. The remaining issues are minor and do not pose a significant problem.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
Frax Finance implements BAMM, a Borrow AMM, that wraps Frax swap LP tokens and allows users to borrow the two underlying assets of the pair.
"The Frax ecosystem is a self-sufficient DeFi economy utilizing stablecoins as currency."

The most critical subjects covered in our audit are liquidation rewards, functional correctness and precision of arithmetic operations.
Security regarding liquidation incentives is high, an unexpected peculiarity was identified where the system can incentivize liquidators to perform multiple partial liquidations instead of a single full liquidation (see Multiple partial Liquidations can result in higher than expected discount). Security regarding functional correctness and arithmetic precision are also high.
The general subjects covered are liveness, solvency, and access control. Security regarding all theaforementioned subjects is high.
During the review by ChainSecurity, issues identified by other concurrent auditors were disclosed before they could be found by ChainSecurity. Those issues are not included in the report, and we are unable to tell whether they would have been found or not.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
Euler implements Euler Vault Kit, a system for building lending vaults where lenders can earn interest on their deposited assets and borrowers can borrow the deposited assets against collateral. The system is designed to be modular, allowing the creation of lending markets with flexible configurations.
—
Euler v2 is a modular lending platform with two main components at launch: 1) the Euler Vault Kit (EVK), which empowers builders to deploy and chain together their own customised lending vaults in a permissionless manner; and 2) the Ethereum Vault Connector (EVC), a powerful, immutable, primitive which give vaults superpowers by allowing their use as collateral for other vaults. Together, the EVK and EVC provide the flexibility to build or recreate any type of pre-existing or future-state lending product inside the Euler ecosystem.