search

🛡️Security audits

hashtag
CrossCurve Consensus Bridge CDP Security Audit Report by MixBytes

CrossCurve CDParrow-up-right (Cross-Chain Data Protocol) is a messaging protocol designed for cross-chain data transfers, utilizing multiple projects like LayerZeroarrow-up-right, Axelar Bridgearrow-up-right and CrossCurve Bridgearrow-up-right. This security audit covers the latest updates to the protocol logic, including the integration of Router Protocol as an additional cross-chain messaging layer.

The audit was conducted over 2 days by 3 auditors, involving an in-depth manual code review and automated analysis within the scope.

During the audit, in addition to verifying standard attack vectors and our internal checklist, we conducted an in-depth review of the following areas:

  • Cross-Chain Message Replay Protection.

  • Cross-Chain Data Decoding Consistency.

  • Treasury Fund Protection.

  • Bridge State Enforcement.

  • Threshold-Based Message Validation.

  • Threshold and Validation Enforcement.

  • Multi-Bridge Priority System.

  • State Consistency.

  • Request ID Uniqueness.

  • Correctness of the integration with Router.

  • Verification of the fee compensation module.

Eywa CDP Security Audit Report.pdfarrow-up-right

🔗 Linkarrow-up-right to MixBytes EYWA reports.

hashtag
CrossCurve DAO Security Audit Report by MixBytes

1. Project architecture review:

  • Build an independent view of the project's architecture.

  • Identifying logical flaws.

2. Checking the code in accordance with the vulnerabilities checklist:

Eliminate typical vulnerabilities (e.g. reentrancy, gas limit, flash loan attacks etc.).

3. Checking the code for compliance with the desired security model:

Detect inconsistencies with the desired model.

4. Consolidation of the auditors' interim reports into one:

  • Double-check all the found issues to make sure they are relevant and the determined threat level is correct.

  • Provide the Client with an interim report.

5. Bug fixing & re-audit:

  • Verify the fixed code version with all the recommendations and its statuses.

  • Provide the Client with a re-audited report.

6. Final code verification and issuance of a public audit report:

  • Conduct the final check of the code deployed on the mainnet.

  • Provide the Customer with a public audit report.

Eywa DAO Security Audit Report.pdfarrow-up-right 🔗 Linkarrow-up-right to MixBytes EYWA reports.

hashtag
CrossCurve CLP security audit by MixBytes

A group of auditors are involved in the work on the audit. Security engineers check the provided source code independently of each other in accordance with the methodology described below:

1. Project architecture review:

  • Build an independent view of the project's architecture.

  • Identifying logical flaws.

2. Checking the code in accordance with the vulnerabilities checklist: Eliminate typical vulnerabilities (e.g. reentrancy, gas limit, flash loan attacks etc.).

3. Checking the code for compliance with the desired security model:

Detect inconsistencies with the desired model.

4. Consolidation of the auditors' interim reports into one:

  • Double-check all the found issues to make sure they are relevant and the determined threat level is correct.

  • Provide the Client with an interim report.

5. Bug fixing & re-audit:

  • Verify the fixed code version with all the recommendations and its statuses.

  • Provide the Client with a re-audited report.

6. Final code verification and issuance of a public audit report:

  • Conduct the final check of the code deployed on the mainnet.

  • Provide the Customer with a public audit report.

Eywa CLP Security Audit Report.pdfarrow-up-right

🔗 Linkarrow-up-right to MixBytes EYWA reports.

hashtag
CrossCurve CDP security audit by Smartstate

The core architectural element of the CrossCurve ecosystem is the CrossCurve Cross-chain Data Protocol, which is a transport layer between blockchains. All CrossCurve products for DeFi users are based on this protocol.

Although at the time of this audit the core of CrossCurve multisig is represented by a trusted group of projects, CrossCurve aims for DAO, as reflected in CrossCurve project current documentation.

CDP Smart Contracts: These smart contracts serve as a means for sending and accepting cross-chain calls. They also include a node registration contract used in the Proof of Authority (POA) consensus among oracle nodes.

Smart State evaluation: 8/10

EYWA_CDP_SС_report.pdfarrow-up-right CDP report from SmartState

hashtag
CrossCurve CLP security audit by Smartstate

CrossCurve Cross-chain Liquidity Protocol ensures the operation of EYWA DEX v1

CLP smart contracts - are smart contracts for processing synth and burn operations, as well as mint and lock tokens. They are also responsible for swap processing and liquidity handling operations.

Smart State evaluation: 10/10

file-pdf
10MB
EYWA_CLP_SС_report.pdf
PDF
arrow-up-right-from-squareOpen
CLP report from SmartState Jun 05 2023
file-pdf
1MB
CrossCurve_Metalayer_CLP_smart_contract_audit_report_Ver_1_2_August.pdf
PDF
arrow-up-right-from-squareOpen
CLP Smart contract audit report from SmartState Aug 29 2025

🔗 Linkarrow-up-right to SmartState CrossCurve reports.

hashtag
Security audits by Hexens

The Hexens team audited various componentsarrow-up-right of CrossCurve, such as the BLS cryptography module in CrossCurve CDP as well as EYWA NFT.

PreviousTreasuryNextTeam

Last updated