Summary
The most critical subjects covered in our audit are functional correctness and frontrunning. Functional correctness is high and frontrunning is only possible to a small extent determined by the want factor.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don’t replace other vital measures to secure a project.
About Maker FlapperUniV2SwapOnly
MakerDAO implements a new Flapper contract for the Maker Core contract Vow that is used to convert DAI surplus. In comparison to the other FlapperUniV2 contract, the DAI are only swapped on a Uniswap v2 pair and the proceedings sent to a predefined receiver address instead of deposited into the pair as liquidity.
—
“The Maker Protocol, also known as the Multi-Collateral Dai (MCD) system, allows users to generate Dai by leveraging collateral assets approved by “Maker Governance.” Maker Governance is the community organized and operated process of managing the various aspects of the Maker Protocol. Dai is a decentralized, unbiased, collateral-backed cryptocurrency soft-pegged to the US Dollar. Resistant to hyperinflation due to its low volatility, Dai offers economic freedom and opportunity to anyone, anywhere.”
It was a pleasure working with ChainSecurity. They maintained clear and direct dialogue with us and we look forward to working with them on future Layer 2 solutions to help us scale and grow the DAI ecosystem.
Derek Flossman, Head of Protocol Engineering Core Unit (MakerDAO)