ChainSecurity has completed a security audit of Kyber.Network. See the full report to learn more about the scope of the audit and considered properties.
Kyber is building The Decentralized Liquidity Network that powers instant and seamless inter-token transactions between platforms, ecosystems, and other use cases. By allowing open contribution of liquidity from token holders and easy integration from DApps and projects to leverage the contributed liquidity pool, Kyber enables a more connected tokenized world where tokens are liquid and useful.
These interesting properties of Kyber’s platform make the smart contract security non-trivial. Kyber has a detailed trust model that combines upgradability and trustworthiness, an achievement that is rarely seen. In particular, users are protected by the proxy contract from misbehaving administrators or exchanges. This is because the proxy contract enforces a minimal conversion rate while still allowing upgrades to the underlying business logic.
Overall, the ChainSecurity team found that Kyber’s platform is well-designed. Moreover, the implementation of the smart contracts is clean, follows best practices and guidelines, and comes with an extensive test suite. During the security audit, the ChainSecurity team made several minor recommendations, which have been addressed by the Kyber team and so we see no remaining security issues.