Back to Overview

DAOstack v2 Security Audit

We have successfully completed a security audit of the DAOstack smart contracts. The audit process was performed over the course of four weeks and involved four security experts. See our report to find out more about the scope of the audit, the considered properties, and our findings.

Summary

During the investigation ChainSecurity Ltd noted that the project is of high quality, employs good coding practices and has clean code. Despite the system’s complexity the DAO maintain a clear overall structure thanks to the high degree of modularity and low coupling between components.

The system’s specifications were verified against a set of general and adversarial assumptions and an attacker model. As a result ChainSecurity Ltd was able to uncover several security vulnerabilities of varying severity as well as propose design optimizations and improvements. Most notably, a missing verification check would allow beneficiaries to redeem their reputation multiple times.

Finally, ChainSecurity Ltd remarks that all vulnerabilities and issues were professionally and swiftly addressed by the DAOstack team leading to a more resilient, efficient and secure system.

About DAOstack v2

DAOstack powers decentralized companies, funds and markets to make fast and innovative decisions at scale. It’s a platform for decentralized governance that enables collectives to self-organize around shared goals or values, easily and efficiently. DAOstack is sometimes called an operating system for collective intelligence, or a Wordpress for DAOs.

Find out more about DAOStack at daostack.io