Summary
The most critical subjects covered in our audit are functional correctness and memory consistency.
Security regarding all the aforementioned subjects is high.
The general subjects covered are a check of the specification and error handling. The specification is improvable, e.g. examples of encoded data can be added. Error handling is improved, after the fix of Assumptions on output from unsuccessful call.
In summary, we find that the codebase provides a good level of security. The remaining unfixed Complexity of Commands Effect Evaluation issue is fundamentally linked to the same risks as any other Ethereum transaction – however, the novelty of Enso-Weiroll requires additional tooling and user education to minimize this risk.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don’t replace other vital measures to secure a project.
About Enso Weiroll Smart Contracts
Enso implements Enso-Weiroll – a virtual machine that is capable of grouping a chain of smart contract function calls into a single transaction. This chain of operations, or scripts, can perform arbitrary calls with user-defined data and allow the output of one command to be used as the input for the subsequent commands.
“A unified DeFi API that enables you to interact with all DeFi primitives conveniently.”