Summary
The most critical subjects covered in our audit are security, functional correctness and the impact on the existing system.
In summary, we find that the codebase provides a high level of security. There is a risk that the shutdown process is blocked in case the Governance pauses the Cure contract. For more information please refer issue description in this report.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don’t replace other vital measures to secure a project.
About MakerDAO – DSS Cure
Cure is an extension for the Dai Stablecoin System which allows contracts to report DAI amounts which must be subtracted from the total debt during the shutdown process. The necessity for this arose as a new extenstion, DSS-Wormhole generates such DAI which must not be included the settlement during shutdown.
—
“The Maker Protocol, also known as the Multi-Collateral Dai (MCD) system, allows users to generate Dai by leveraging collateral assets approved by “Maker Governance.” Maker Governance is the community organized and operated process of managing the various aspects of the Maker Protocol. Dai is a decentralized, unbiased, collateral-backed cryptocurrency soft-pegged to the US Dollar. Resistant to hyperinflation due to its low volatility, Dai offers economic freedom and opportunity to anyone, anywhere.”