Arbitrum Token Bridge
Summary
During auditing, we found `9` potential issues of various levels of severity: `1` high-severity, `2` medium-severity, `2` low-severity, `3` informational-level findings, and `1` finding with undetermined severity. We made `8` best practices recommendations. We highly recommend addressing the findings before going live. **Disclaimer:** This project utilized Arbitrum layer2 blockchain and its existing cross-chain communication infrastructures. All the dependencies and external infrastructures are not part of this audit. This scope of the current audit is for all the contracts under `packages\arb-bridge-peripherals\contracts\tokenbridge`, except those contracts under `misc` folder. **2021-08-03 Update**: During this fix-review, the admin team has brought the status of some of the findings into fixed or mitigated. Some of the low and informational-severity issues have been solely acknowledged. One undetermined finding has been confirmed as a false positive and one medium-severity finding has been changed from Medium to Low.
Issues (9)
Low | Medium | High | Critical | Total | |
|---|---|---|---|---|---|
Not fixed | 5 | - | - | - | 5 |
Fixed | 2 | 1 | 1 | - | 4 |
| Total | 7 | 1 | 1 | 0 | 9 |