{"id":383,"date":"2022-07-25T12:00:20","date_gmt":"2022-07-25T10:00:20","guid":{"rendered":"https:\/\/ackeeblockchain.com\/blog\/?p=383"},"modified":"2022-12-14T23:45:10","modified_gmt":"2022-12-14T21:45:10","slug":"axelar-ethereum-contracts-audit-summary","status":"publish","type":"post","link":"https:\/\/ackee.xyz\/blog\/axelar-ethereum-contracts-audit-summary\/","title":{"rendered":"Axelar: Ethereum Contracts\u00a0Audit Summary"},"content":{"rendered":"

Between July<\/strong> 4 and July 12, 2022<\/b>, Axelar<\/a>\u00a0engaged\u00a0Ackee Blockchain<\/a>\u00a0to review and\u00a0audit<\/a> changes on several Ethereum contracts. The entire audit process was conducted with a total time commitment of\u00a05 engineering days<\/a><\/b>. We now publish a summary of our results.<\/span><\/p>\n

METHODOLOGY<\/b><\/h4>\n

We start by reviewing the specifications, sources, and instructions provided to us, which is essential to ensure we understand the project\u2019s size, scope, and functionality. This is followed by due diligence using the automated\u00a0Solidity<\/a>\u00a0analysis tools and\u00a0Slither<\/a>.<\/p>\n

In addition to tool-based analysis, we continue with a detailed manual code review, which is the process of reading the source code line by line to identify potential vulnerabilities or code duplications. When the code review is complete, we run unit tests to ensure the system works as expected and potentially write missing unit or fuzzy tests. We also deploy the\u00a0contracts<\/a>\u00a0locally and try to attack and break the system.<\/p>\n

SCOPE\u00a0<\/b><\/h4>\n
\n
\n
\n

The audit was performed on two repositories: we audited commit 9f9ca0d<\/em>\u00a0<\/i>of the axelarnetwork\/axelar-cgp-solidity<\/a> repository (file: contracts\/AxelarAuthMultisig.sol) and commit 327c543\u00a0<\/em>of the axelarnetwork\/axelar-xc20-wrapper<\/a> repository (file: contracts\/*).<\/p>\n<\/div>\n<\/div>\n<\/div>\n

During the security review,\u00a0we paid particular attention to<\/strong>:<\/p>\n

\n
\n
\n
\n
\n
\n