Prime: Wormhole Path Audit Summary

prime protocol Users can deposit an asset on a supported chain and take out another asset loan backed by the entire asset portfolio. The scope of this audit was the wormhole path used to pass messages in the protocol.

Prime has partnered with Ackee Blockchain to conduct a security review of the Wormhole route in the Prime protocol with a total donation of time. Engineering 5 days in the period between January 9th and January 13, 2023.

methodology

We began our review using a static analysis tool called Woke. We then analyzed the contract logic in depth and used the Woke testing framework for cross-chain testing. During the review process, we paid special attention to the following:

Ensure chain ID is translated correctly during cross-chain calls
Ensure messages are not maliciously reproduced
Detect possible reentrancy in your code
Ensure access controls are neither too relaxed nor too strict
I’m looking for common problems like data validation.

range

An audit has been performed on the commit. 5942f84 The exact scope was the following files:

WormholeAdmin.sol
WormholeEvents.sol
WormholeModifiers.sol
WormholeRoute.sol
WormholeStorage.sol

result

Here we have our result.

critical severity

No critical severity issues were found.

Severity High

No high severity issues were found.

medium severity

M1: unlimited allowance

M2: Downcasting overflow

M3: Insufficient data verification

low severity

No low-severity issues were found.

warning severity

W1: Management function data verification

W2: Replay attack protection

W3: How to use Solc optimizer

Information Severity

I1: Missing NatSpec document

I2: There are too many similar function names.

I3: The ChangeAdmin function must fire an event.

conclusion

Our review yielded the following six findings: information to warning Seriousness.

we Prime is recommended for:

Create a NatSpec document for easier review
Addresses all other reported issues.

Ackee blockchain is full Early You can find the audit report with a more detailed description of all findings and recommendations. here.

We were happy to give our thanks. Early I look forward to working with them again.

Prime: Wormhole Path Audit Summary

Chinese woman pleads guilty ahead of trial in $7 billion British Bitcoin fraud case

CME Group Launches CFTC Regulated Solana and XRP Options

Foundry vs Echidna vs Wake: Fuzz Reduction Comparison

MEXC Celebrates ZEROBASE (ZBT) Listing With Airdrop+ Event Featuring 55,000 USDT Prize Pool

How MasterQuant’s AI Trading Bot Is Becoming Every Investor’s Favorite Trade Machine

Seascape Launches First Tokenized BNB Treasury Strategy On Binance Smart Chain

ETH And BTC Holders Are Flocking To OAK Mining For Stable Profits Of $8,600 Daily

Will Solana price fall to $170 once it gets close to the important support level?

Crypto Market Rebound, L2 Surge and ZEC Shock: Daily Insights

ZBCN is tradable!

Analysts expect a breakout of $135 as ETF approval buzz grows.

Chinese woman pleads guilty ahead of trial in $7 billion British Bitcoin fraud case

XMoney Launches $XMN On Sui, Expands Listings Across Global Exchanges

ZNB) STRENGTHENS BALANCE SHEET WITH USD 231 MILLION BITCOIN-BACKED INVESTMENT AMID MARKET TURBULENCE

Top Insights

MEXC Celebrates ZEROBASE (ZBT) Listing With Airdrop+ Event Featuring 55,000 USDT Prize Pool

How MasterQuant’s AI Trading Bot Is Becoming Every Investor’s Favorite Trade Machine

Seascape Launches First Tokenized BNB Treasury Strategy On Binance Smart Chain

Most Popular

Japanese financial firm merges with Unbanked to expand digital liquidity initiatives

Latest Meme Coins to Buy Right Now, Tuesday, July 2 – Landwolf, Hoppy, Super Trump, Pepe Unchained

Ark Invest continues to reduce holdings of Coinbase (COIN) and GBTC.

Prime: Wormhole Path Audit Summary

methodology

range

result

critical severity

Severity High

medium severity

low severity

warning severity

Information Severity

conclusion

Related Posts