MakerDAO logo - ChainSecurity Smart Contract Audit

MakerDAO – Curve LP & stETH oracle

Security Audit

Download Audit Report

During the review no important issue was uncovered. The most critical subjects covered in our audit are functional correctness and access control. Security regarding all the aforementioned subjects is high.

General subjects covered were code complexity and gas efficiency. All the aforementioned subjects were of high quality.

In summary, we find that the codebase provides a high level of security.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don’t replace other vital measures to secure a project.

About MakerDAO – Curve LP & stETH oracle

The curve lp oracle contract implements a specialized oracle for the maker ecosystem that provides prices for lp tokens of a pool. It determines the price based on the curve pools get_virtual_price() function. Its architecture is very similar to other pricefeeds such as e.g. the G-UNI LP Oracle. The stETH price feed implements a specialized oracle retrieving the price of stETH.

“The Maker Protocol, also known as the Multi-Collateral Dai (MCD) system, allows users to generate Dai by leveraging collateral assets approved by “Maker Governance.” Maker Governance is the community organized and operated process of managing the various aspects of the Maker Protocol. Dai is a decentralized, unbiased, collateral-backed cryptocurrency soft-pegged to the US Dollar. Resistant to hyperinflation due to its low volatility, Dai offers economic freedom and opportunity to anyone, anywhere.”


It was a pleasure working with ChainSecurity. They maintained clear and direct dialogue with us and we look forward to working with them on future Layer 2 solutions to help us scale and grow the DAI ecosystem.
Derek Flossman, Head of Protocol Engineering Core Unit (MakerDAO)