Tokemak
Off-Chain (Private)
Audited on 2021/09/20
No active critical issues
Summary
In the security audit of the selected contracts of Tokemak (listed in the appendix) we identified two high-severity, one medium-severity, and several low/informational/undetermined-severity issues. One high-severity issue was fixed. A remaining high-severity problem is the assumed trust in the manager. That is, the manager can perform any operation with the provided user funds based upon some calculations that are carried out off the chain. The staking logic does not force locking funds on the contract side (to which we assigned a medium-severity label). The Tokemak team decided upon not fixing the locking issue. Nevertheless, they have resolved 10 issues and acknowledged all the remaining issues.
Project
Multi-Chain
