Security Audits

The primary focus of these modifications is on the UMA Data Verification Mechanism (DVM) 2.0 system. PR #4135 is notable because it reverts some suggested changes from the prior UMA DVM 2.0 audit in…

The UMA Data Verification Mechanism (DVM) is the ultimate source of truth in the oracle and governance system of the UMA Protocol. UMA's purpose is to serve as a trustworthy oracle for price requests…

This first security assessment for zkSync 2.0 was prepared by OpenZeppelin, as part of an ongoing security partnership with Matter Labs. 

Origin Dollar (OUSD) is an ERC-20 compliant stablecoin backed by USDT, USDC, and DAI. Users can mint OUSD by depositing any of these assets to the system's vault, to later be invested in different…

The main purpose of the system is to provide parametric insurance products with focus on covering smart contract hacks. At a high level, the core system comprises the protocol, storage, NPM token,…

Given the relatively small scope of this audit with respect to the size of the entire project, we assess the severity of findings based on our recommendations for best practices without consideration…

The Coinbase team engaged us to review and audit their Wrapped tokens project. We looked at the code and now publish our results.

The OpenZeppelin security services team audited the crypto-payments project of the Freeverse team. This escrow project is about bidding on or buying assets that are referenced through a paymentId,…

The UMA team asked us to review and audit their Across Token and Token Distributor repository. The system is composed of the Across token (ACX) and the Across token distributor. Together, these are…

The UMA team asked us to review and audit their Optimistic Governor contract. This aims to allow anyone to control DAO funds and activities as long as their proposed activities conform to a set of…