The MakerDAO zkSync-DAI Bridge is not yet deployed.
The most critical subjects covered in our audit are the functional correctness of the DAI bridging mechanism, the L2-DAI ERC-20 contract and the relay of governance spells, protection against censorship, and upgradeability.
Security regarding all other aforementioned subjects is high. However, users should be aware of the trust model, see Trust Model & Roles.
The general subjects covered are upgradeability, error handling, trustworthiness, documentation, and testing. Security regarding all the aforementioned subjects is high.
In summary, we find that the codebase provides a good level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don’t replace other vital measures to secure a project.