Summary
The most critical subjects covered in our audit are the functional correctness of the proposal and the correctness of the proposal with regards to lifecycle of a proposal in the Arbitrum ecosystem. Security regarding all the aforementioned subjects is high.
The general subjects covered are access control, testing, documentation and specification. There was no end-to-end testing for the proposal flow. Security regarding all the rest of the aforementioned subjects is high.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
About Arbitrum Security Council AIP
Arbitrum Foundation implements an Arbitrum Improvement Proposal (AIP) that aims to increase the signature threshold of the non-emergency Security Council multisig on Abitrum One (0xADd68bCb0f66878aB9D37a447C7b9067C5dfa941) from 7 to 9 signatures. Moreover, a library for conditional updates of the constitution was implemented.
---
"Arbitrum is a protocol that makes Ethereum transactions faster and cheaper. Developers use Arbitrum to build user-friendly decentralized apps (dApps) that can take advantage of the scalability benefits of the Arbitrum Rollup and AnyTrust protocols."