At Burrow, we care about providing the best experience to DeFi users who often feel like they are in the wild, wild west. For this reason, Burrow has undergone two smart contract audits by the independent auditing firm BlockSec between February and March of 2022.
Scope
The scope of the first audit included:
- The core money market protocol The scope of the second audit included:
- Upgrade via DAO functionality
- xBRRR token contract and staking logic The second audit was commissioned to review the added functionality (upgrades and xBRRR) before the protocol was deployed on mainnet.
Findings
Through the two audits, BlockSec found 7 potential mid to low risk issues in the smart contract, all of which have been fixed before Burrowโs mainnet launch (March 28th, 2022). Additionally, BlockSec has made 8 recommendations with regard to the documentation or design of the protocol, which have all been acknowledged or confirmed by the Burrow team.
For the full reports, see below: https://github.com/NearDeFi/burrowland/blob/main/blocksec-audit-signed-1.pdf https://github.com/NearDeFi/burrowland/blob/main/blocksec-audit-signed-2.pdf
Disclaimer
Audits, though a good practice to maintain security standards and minimize potential risks, are not an end-all-be-all when it comes to protocol security. The completed audit of specific contracts does not equate to the security of the entire protocol, and does not relate to other layers of risk such as runtime pricing or the human influence on protocols. Moreover, security does not mean the elimination of risk inherent in financial products: always do your own research and manage risk appropriately.