Back to Overview

Oasis PositionManager Security Audit

Summary

The most critical subjects covered in our audit are functional correctness, system design and safety of user funds. We uncovered two medium severity issues regarding functional correctness, which have been addressed. There was one high severity issue regarding system design, which also has been remedied.

The general subjects covered are gas efficiency, code complexity, trustworthiness and access control. Some improvements can be made to the gas efficiency of the contracts. Security regarding the remaining subjects is high.

In summary, we find that the codebase provides a high level of security.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don’t replace other vital measures to secure a project.

About Oasis PositionManager

PositionManager implements a way for users to easily create proxy contracts to manage various DeFi positions without built-in asset separation. The proxies should be capable of replacing instances of MakerDAO’s DSProxy.

Chain Security's team showed a high level of professionalism in the essential/engineering area and communication. They were helpful and open for dialogue while providing expertise and recommendations. Oasis.app must be a product our users can trust. We look forward to continuing our work with Chain Security to assure this trust.
Lukasz Baksik, Head of Operations at Oazo Apps Ltd. (oasis.app)