Summary
The most critical subjects covered in our audit are functional correctness, access control, and integration with the existing contracts. The general subjects covered are documentation, trustworthiness, and unit testing.
Security regarding all aforementioned subjects is high. However, it is improvable due to potential escalation of privileges as outlined in Bypassing step-size and DoSing ilk initializations.
In summary, we find that the codebase provides a good but improvable level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
About Sky SP-BEAM Module
Sky implements SP-BEAM, a module enabling permissioned actors to make direct changes to stability and savings rates.
“The Sky Protocol (formely known as MakerDAO) is one of the largest dapps on the Ethereum blockchain. Designed by a disparate group of contributors, including developers within the MakerFoundation, its outside partners, and other persons and entities, it is the first decentralized finance (DeFi) application to see significant adoption.”
ChainSecurity has been an invaluable partner throughout almost two years of high-stakes product launches. We prize them for their proactivity, consistency & flexibility—we’re looking forward to continuing the partnership!
Deniz Yilmaz, Tech Lead at Sky