LogoLogo
  • CrossCurve MetaLayer
    • ⚙️What is CrossCurve MetaLayer
      • CrossCurve Consensus bridge
      • CrossCurve Pools v2
    • 🗺️Roadmap
      • 2024
  • 🏢CrossCurve DAO
    • Overview of CrossCurve DAO
    • Voting
    • Obtaining veEYWA and Calculating the Boost
    • Staking mechanics
    • NFTs
      • CrossCurve DAO NFT
      • EYWA NFT Collection
  • 💼Earn with CrossCurve
    • Staking in CrossCurve
    • Providing Liquidity to CrossCurve Pools
    • Voting for Incentives
  • 📖user documentation
    • 🛸Migration to Sonic
      • Why are we moving to Sonic
      • Sonic Upgrade Stages
      • Liquidity transfer from Fantom to Sonic
      • Sonic Incentives on CrossCurve MetaLayer
    • 🔃Swap interface
      • How to trade
      • Slippage settings
      • Routing
    • 🌊Liquidity Interface
      • Easy mode
      • via Curve (Balanced)
      • Liquidity provision use cases
        • Deposit
          • Easy mode (Imbalanced)
          • via Curve (Balanced)
        • Withdraw
          • Easy mode (Imbalanced)
          • via Curve (Balanced)
        • Curve Knowledge Database
          • Balanced liquidity provision
          • Guide to transferring CRV from Fantom chain to Ethereum mainnet
          • Disclamer
    • Dashboard interface
    • 🏢DAO
      • Locker Interface
      • Vote Interface
      • Incentives Interface
      • Proposals Interface
      • Working with the EYWA Locker contract in Arbiscan.
    • 🌾Yield
      • Farms Interface
        • Staking liquidity and earning rewards
      • APR Calculator
      • EYWA pool via Convex
    • 💼Vesting
      • Claim portal interface
      • Early farming program interface
    • EYWA NFT
      • Bridge interface in the Aurora chain
      • Merge interface in the Arbitrum chain
      • EYWA NFT Manager interface
    • Leaderboard
    • ❄️Outdated
      • Early farming program
  • 📖Developer documentation
    • Pools/asset contracts
      • Hubchain Pools and Assets
      • 💱Supported tokens
    • 🔗CrossCurve smart contracts
    • 💻Guide for Developers
      • Technical Documentation for CrossCurve DAO Smart Contracts
        • CalldataHelperV1
        • DelegationManagerV1
        • DelegationConditionValidatorV1
        • EmissionManagerV1
        • EscrowManager
        • EscrowVoteManagerV1
        • GaugeFactoryV1
        • GaugeV1
        • IncentiveRewardsDistributor
        • LockHolderFactoryV1
        • LockHolderV1
        • ProposalManager
        • RebaseRewardsDistributorV1
        • RewardsDistributorFactoryV1
        • Treasury
      • 📔Technical Documentation for CrossCurve API
        • API Specification
  • 📣About CrossCurve
    • 🛡️Security audits
    • 🧠Team
    • Project History
    • Website
    • Telegram
    • Twitter
    • Medium
    • Discord
    • YouTube
    • LinkedIn
    • GitHub
Powered by GitBook
On this page
  • CrossCurve DAO Security Audit Report by MixBytes
  • CrossCurve CLP security audit by MixBytes
  • CrossCurve CDP security audit by Smartstate
  • CrossCurve CLP security audit by Smartstate
  • Security audits by Hexens
Export as PDF
  1. About CrossCurve

Security audits

CrossCurve DAO Security Audit Report by MixBytes

1. Project architecture review:

  • Build an independent view of the project's architecture.

  • Identifying logical flaws.

2. Checking the code in accordance with the vulnerabilities checklist:

Eliminate typical vulnerabilities (e.g. reentrancy, gas limit, flash loan attacks etc.).

3. Checking the code for compliance with the desired security model:

Detect inconsistencies with the desired model.

4. Consolidation of the auditors' interim reports into one:

  • Double-check all the found issues to make sure they are relevant and the determined threat level is correct.

  • Provide the Client with an interim report.

5. Bug fixing & re-audit:

  • Verify the fixed code version with all the recommendations and its statuses.

  • Provide the Client with a re-audited report.

6. Final code verification and issuance of a public audit report:

  • Conduct the final check of the code deployed on the mainnet.

  • Provide the Customer with a public audit report.

CrossCurve CLP security audit by MixBytes

A group of auditors are involved in the work on the audit. Security engineers check the provided source code independently of each other in accordance with the methodology described below:

1. Project architecture review:

  • Build an independent view of the project's architecture.

  • Identifying logical flaws.

2. Checking the code in accordance with the vulnerabilities checklist: Eliminate typical vulnerabilities (e.g. reentrancy, gas limit, flash loan attacks etc.).

3. Checking the code for compliance with the desired security model:

Detect inconsistencies with the desired model.

4. Consolidation of the auditors' interim reports into one:

  • Double-check all the found issues to make sure they are relevant and the determined threat level is correct.

  • Provide the Client with an interim report.

5. Bug fixing & re-audit:

  • Verify the fixed code version with all the recommendations and its statuses.

  • Provide the Client with a re-audited report.

6. Final code verification and issuance of a public audit report:

  • Conduct the final check of the code deployed on the mainnet.

  • Provide the Customer with a public audit report.

CrossCurve CDP security audit by Smartstate

The core architectural element of the CrossCurve ecosystem is the CrossCurve Cross-chain Data Protocol, which is a transport layer between blockchains. All CrossCurve products for DeFi users are based on this protocol.

Although at the time of this audit the core of CrossCurve multisig is represented by a trusted group of projects, CrossCurve aims for DAO, as reflected in CrossCurve project current documentation.

CDP Smart Contracts: These smart contracts serve as a means for sending and accepting cross-chain calls. They also include a node registration contract used in the Proof of Authority (POA) consensus among oracle nodes.

Smart State evaluation: 8/10

CrossCurve CLP security audit by Smartstate

CrossCurve Cross-chain Liquidity Protocol ensures the operation of EYWA DEX v1

CLP smart contracts - are smart contracts for processing synth and burn operations, as well as mint and lock tokens. They are also responsible for swap processing and liquidity handling operations.

Smart State evaluation: 10/10

Security audits by Hexens

PreviousTechnical Documentation for CrossCurve APINextTeam

Last updated 1 month ago

🔗 to MixBytes EYWA reports.

CDP report from SmartState

CLP report from SmartState

🔗 to SmartState CrossCurve reports.

The Hexens team of CrossCurve, such as the BLS cryptography module in CrossCurve CDP as well as EYWA NFT.

📣
🛡️
5MBEywa DAO Security Audit Report.pdfpdf
3MBEywa CLP Security Audit Report.pdfpdf
Link
5MB05062305_EYWA_CDP_SС_report.pdfpdf
10MB05062302_EYWA_CLP_SС_report.pdfpdf
Link
audited various components