Summary
The smart contracts are forked from Frankencoin v2024, which we previously audited. This review was limited to the changes applied by dEURO, under the assumption that the Frankencoin codebase does not contain any vulnerabilities.
The most critical subjects covered in our audit are asset solvency, functional correctness and accounting correctness. Security regarding asset solvency was improved, see Interest Accrual Can Lead to Under-Collateralization. Security regarding functional correctness was improved, see Auctions May Never End. Accounting correctness is improvable, see Challengers must calculate virtualPrice themselves.
In summary, we find that the codebase currently provides a good level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
About dEURO Smart Contracts
dEURO implements a decentralized protocol to issue dEURO on-chain, a stablecoin that is pegged to theEuro. Each dEURO minted is backed either by collateral assets or other trusted stablecoins pegged to the EURO.
We chose Chainsecurity to audit dEURO because they had already worked on Frankencoin and understood the protocol inside out. That background, combined with their reputation for top-tier audits, made them the obvious choice. The process was smooth, the findings were clear and helpful, and we were glad to share the results with our community.
Patrick Larsen-Ledet, Lead Developer at dEURO Association