Skip to content

Latest commit

 

History

History

internal3

Folders and files

NameName
Last commit message
Last commit date

parent directory

..
analysis
analysis
 
 
README.md
README.md
 
 

README.md

autonolas-governance-audit

The review has been performed based on the contract code in the following repository:
https://github.com/valory-xyz/autonolas-governance
commit: 01c92ed0b79a72ffac35191b2cb91aa46022b1b1

Update: 12-04-2023

Objectives

The audit focused on FxGovernorTunnel contract.

Flatten version

Flatten version of contracts. contracts

Coverage

Hardhat coverage has been performed before the audit and can be found here:

------------------------|----------|----------|----------|----------|----------------|
File                    |  % Stmts | % Branch |  % Funcs |  % Lines |Uncovered Lines |
------------------------|----------|----------|----------|----------|----------------|
 contracts/bridges/     |      100 |      100 |      100 |      100 |                |
  FxGovernorTunnel.sol  |      100 |      100 |      100 |      100 |                |

Security issues (instumantal)

Some of the checks are obtained automatically. They are commented and I do not see any serious problems.

All automatic warnings are listed in the following file, concerns of which we address in more detail below: slither-full

  • zero-check on target.call{value: value}(payload); . Low risk. [x] fixed.

Notes:
Reentrancy in FxGovernorTunnel.processMessageFromRoot does not seem feasible.

Needed Improvements and Bugs fixning

changeRootGovernor not event. [x] fixed.