Summary
We did not find severe issues. However, multiple minor issues related to fees were raised (see Missing Slippage Protection, Fee Can Be Avoided on Small Amounts and Repeated Fees) and the deposit limits are ineffective as described in Ineffective First Deposit Limit. All issues where addressed.
In summary, we find that the codebase provides a high level of security. Yet, it is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
About USDO & USDOExpress
OpenEden implements a USD stablecoin called USDO and a wrapper contract (acting as a vault) for it called cUSDO. The stablecoin will be backed by yield-earning U.S. treasury bills. USDOExpress adds instant mint and redeem functionality to the existing USDO token.
ChainSecurity demonstrated professionalism and thoroughness in their security assessment of our smart contract. Their meticulous and rigorous approach ensured a comprehensive audit process that validates the integrity and robustness of our codebase.
Duke Du, CTO of OpenEden