MakerDAO – DSS-Charter Smart Contracts Security Audit

Download Audit Report
Summary

DSS-Charter introduces a permissioned vault manager which allows users to take debts with origination fees instead of standard fees of Maker (stability fee). This is targeted for institution which have off-chain agreements with Maker. The fee is accrued when debt is taken and in exchange those urns feature fix/beneficial lending rates. For this, special ilks (collateral types) will be enabled in the Vat of the Maker system. These ilks use a special join adapter, which is also part of this review (join-managed). The join-managed adapter ensures that entrance/exit of collateral happens through the CharterManager only, and the CharterManager contract ensures that this is done only for urnproxys.

The receiver of the fee in form of generated DAI is the VOW Contract (Settlement Engine). 

Anyone may open an urnproxy at the CharterManager contract and deposit collateral in form of a supported ilk. Apart from permissioned vaults, un-permissioned vaults may be supported as well. Note
that, by default the un-permissioned mode is enabled for any
ilk where any user is allowed to draw debt. The mapping gate allows wards to enable the permissioned mode per ilk. For ilks with the permissioned mode enabled, only whitelisted accounts, namely accounts that have received a non-zero debt ceiling may draw debt. Attempts of un-permissioned vaults to draw debt for those ilk fails as their debt ceiling is zero.

Joining or exiting collateral and repaying debt (call to frob() with dart less or equal to zero) are indifferent between permissioned and unpermissioned vaults for any ilk. The intended use is that each user executes the DssProxyActionCharter code through his own DSProxy.

Note that it’s nevertheless possible to directly interact with the CharterManager.

About MakerDAO – DSS-Charter Smart Contracts

“The Maker Protocol, also known as the Multi-Collateral Dai (MCD) system, allows users to generate Dai by leveraging collateral assets approved by “Maker Governance.” Maker Governance is the community organized and operated process of managing the various aspects of the Maker Protocol. Dai is a decentralized, unbiased, collateral-backed cryptocurrency soft-pegged to the US Dollar. Resistant to hyperinflation due to its low volatility, Dai offers economic freedom and opportunity to anyone, anywhere.”

(Source: https://awesome.makerdao.com/#beginner-guides)

It was a pleasure working alongside ChainSecurity throughout the audit of our smart contracts and oracles. They maintained clear and direct dialogue with us, and an attention to detail that covered all bases. We look forward to working with them on future solutions to help grow the adoption of DAI.
Derek Flossman, Head of Protocol Engineering Core Unit (MakerDAO)