MakerDAO logo - ChainSecurity Smart Contract Audit

MakerDAO Endgame Toolkit Deployment Scripts

Security Audit

Download Audit Report
Summary

The most critical subjects covered in our audit are functional correctness, access control and frontrunning resistance.

SDAO and SubProxy contracts are not going to be deployed yet. The current state of the deployment and initialization scripts shows a high level of security, however.

In the latest version actual deployment scripts for the farming module based on the previous scripts originally used for testing only have been added.

In a production setting, Deployment verification is strongly recommended.

While Foundry does not atomically perform deployment, no frontrunning possibilities have been found.

In summary, we find that the codebase provides a high level of security.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don’t replace other vital measures to secure a project.

About MakerDAO Endgame Toolkit Deployment Scripts

MakerDAO implements a toolkit for SubDAO governance including a governance token, a proxy contract for governance spell execution and a reward farming contract.

“The Maker Protocol, also known as the Multi-Collateral Dai (MCD) system, allows users to generate Dai by leveraging collateral assets approved by “Maker Governance.” Maker Governance is the community organized and operated process of managing the various aspects of the Maker Protocol. Dai is a decentralized, unbiased, collateral-backed cryptocurrency soft-pegged to the US Dollar. Resistant to hyperinflation due to its low volatility, Dai offers economic freedom and opportunity to anyone, anywhere.”

Source: https://makerdao.com/en/whitepaper/