We did not uncover critical issues. The most severe subjects covered in our audit are the following two medium rated issues: Admin Set Too Early in LiquidityGaugeV4Strat and Zero Address Reward Distributor. As the system is already deployed and the issues are not critical, StakeDAO decided to not change the code.

In summary, we find that the codebase provides a good level of security.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don’t replace other vital measures to secure a project.

StakeDAO implements so called liquid lockers. They allow users to earn yield on their locked tokens, make them transfer and still preserve voting power for the users.

“Stake DAO is a non-custodial platform where you can do more with your money. Easily grow, track, and control your assets right from your wallet.”

(Source: https://stakedao.org/)