C4 Audit: ERC-5164

ERC-5164 is a spec to standardize cross-chain calls between smart contracts. PoolTogether will be using this spec to bridge Draws across chains.

PoolTogether has written the first implementation of the spec for Polygon, Optimism and Arbitrum. You can see the ERC-5164 Implementation on Github

Code Arena ran an auditing contest for the implementation from December 1 to December 5, 2022.

Contest Details
Contest Findings

The total cost of the audit was $30,200 USDC. This leaves $127.4k remaining from the original funding from PTIP-44: C4 Partnership .

Right now, I believe the Contest Findings are in a private repo. Could you please make that public for anyone who wants to review?

I see! Yes I’ll ask C4

Code4rena updated the results for the ERC-5164 audit contest. There are 0 high-risk findings - very cool to see! Will there be a report by Code4rena going over the findings?

Edit Jan 23
The report is out:

Summary

The C4 analysis yielded an aggregated total of 3 unique vulnerabilities. Of these vulnerabilities, 0 received a risk rating in the category of HIGH severity and 3 received a risk rating in the category of MEDIUM severity.

Additionally, C4 analysis included 4 reports detailing issues with a risk rating of LOW severity or non-critical. There were also 8 reports recommending gas optimizations.

All of the issues presented here are linked back to their original finding.

Hi everyone,

I would like to know if there is someone I can speak security with at Pool. You have worked with OpenZeppelin and Code4rena for your audits so I’m keen to know if you are open to work with other firms.

Omniscia.io could be valuable to Pool I believe. We have audited close to 250 projects like L’Oreal, Euler, Morpho, DappRadar, Tokemak, AvaLabs, Matic, LimitBreak, OlympusDAO. We are not on the rekt keaderboard.

Best