Summary
The most critical subjects covered in our audit are functional correctness, access control and frontrunning resistance.
In a production setting, Deployment verification is strongly recommended.
While Foundry does not atomically perform deployment, no frontrunning possibilities have been found.
The current state of the deployment and initialization scripts shows a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
About MakerDAO - Endgame Toolkit Deployment Scripts
MakerDAO implements a toolkit for SubDAO governance including a governance token, a proxy contract for governance spell execution and a reward farming contract. This audit report reviews the security and correctness of the corresponding deployment scripts.
—
“The Maker Protocol, also known as the Multi-Collateral Dai (MCD) system, allows users to generate Dai by leveraging collateral assets approved by “Maker Governance.” Maker Governance is the community organized and operated process of managing the various aspects of the Maker Protocol. Dai is a decentralized, unbiased, collateral-backed cryptocurrency soft-pegged to the US Dollar. Resistant to hyperinflation due to its low volatility, Dai offers economic freedom and opportunity to anyone, anywhere.”