Audits
Extension Core & Backend Services
Auditor: Enigma Dark Date: February 2025 Status: β All issues resolved
The Wallet Extension Core and Backend Services underwent a comprehensive 3-week security review and penetration testing engagement. The audit covered the browser extension, backend APIs, and infrastructure components.
Findings:
- 0 Critical
- 3 High (all fixed)
- 3 Medium (all fixed)
- 2 Low (all fixed)
- 2 Informational (all fixed)
Key issues addressed included AWS credential management, API secret leakage protection, DoS prevention, and memory security for sensitive data.
Download: View full audit report | GitHub
Strategy Module (Smart Contracts)
Auditor: vnmrtz (Victor Martinez) Date: November 2023 Status: β Production-ready
The Strategy Module smart contracts underwent a comprehensive security audit covering the factory, proxy, and handler implementations for major DeFi protocols including Uniswap, Aave, Compound, and Lido.
Findings:
- 0 Critical
- 2 High (all fixed)
- 5 Medium (3 fixed, 2 acknowledged)
- 3 Low (all fixed)
- 8 Informational/Gas optimizations (5 fixed, 3 acknowledged)
Key improvements included fixing transaction replay vulnerabilities, implementing proper EIP-712 signatures, enhancing flash loan callback security, and optimizing gas efficiency.
Download: View full audit report | GitHub
Recurring Execution Module
Coming soon ...