The full report, including the scope of the audit, findings and considered properties, is available #here.
During the investigation ChainSecurity noted that the project is of high quality, employs good coding practices and has clean code. Despite the system’s complexity the DAO maintain a clear overall structure thanks to the high degree of modularity and low coupling between components.
The system’s specifications were verified against a set of general and adversarial assumptions and an attacker model. As a result ChainSecurity was able to uncover several security vulnerabilities of varying severity as well as propose design optimizations and improvements. Most notably, a missing verification check would allow beneficiaries to redeem their reputation multiple times.
Finally, ChainSecurity remarks that all vulnerabilities and issues were professionally and swiftly addressed by the DAOstack team leading to a more resilient, efficient and secure system.
About DAOstack
DAOstack powers decentralized companies, funds and markets to make fast and innovative decisions at scale. It’s a platform for decentralized governance that enables collectives to self-organize around shared goals or values, easily and efficiently. DAOstack is sometimes called an operating system for collective intelligence, or a Wordpress for DAOs.
Find out more about DAOStack #here.