MakerDAO implemented a new flapper contract. Rather than auctioning off the surplus DAI, it is now exchanged and added to an UniswapV2 pool.
The most critical subjects covered in our audit are functional correctness of the changed code and the impact of the change on the existing system.
It’s worth noting that, by design, this new flapper spends up to x2.2 times the amount of DAI the Vow expects it to spend. For more details please refer to the informational issue.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don’t replace other vital measures to secure a project.