C4 Audit: ERC-5164

Brendan · January 6, 2023, 8:49pm

ERC-5164 is a spec to standardize cross-chain calls between smart contracts. PoolTogether will be using this spec to bridge Draws across chains.

PoolTogether has written the first implementation of the spec for Polygon, Optimism and Arbitrum. You can see the ERC-5164 Implementation on Github

Code Arena ran an auditing contest for the implementation from December 1 to December 5, 2022.

Contest Details
Contest Findings

The total cost of the audit was $30,200 USDC. This leaves $127.4k remaining from the original funding from PTIP-44: C4 Partnership .

BraveNewDeFi · January 9, 2023, 10:19pm

Right now, I believe the Contest Findings are in a private repo. Could you please make that public for anyone who wants to review?

Brendan · January 9, 2023, 10:54pm

I see! Yes I’ll ask C4

Tjark · January 17, 2023, 11:35am

Code4rena updated the results for the ERC-5164 audit contest. There are 0 high-risk findings - very cool to see! Will there be a report by Code4rena going over the findings?

Edit Jan 23
The report is out:

Summary

The C4 analysis yielded an aggregated total of 3 unique vulnerabilities. Of these vulnerabilities, 0 received a risk rating in the category of HIGH severity and 3 received a risk rating in the category of MEDIUM severity.

Additionally, C4 analysis included 4 reports detailing issues with a risk rating of LOW severity or non-critical. There were also 8 reports recommending gas optimizations.

All of the issues presented here are linked back to their original finding.