Lombard Finance: Security Consortium Smart Contracts audit report
Project Information
CATEGORY
Smart Contracts
NETWORK
Ethereum
WEBSITE
https://www.lombard.finance/
DESCRIPTION
From Oct. 14, 2024 to Dec. 13, 2024, Lombard engaged Veridise to conduct a security assessment of their Security Consortium Smart Contracts. Specifically, the assessment covered an update to the implementation of the Lombard protocol, which Veridise had reviewed several times before. Compared to the previous version, the updated version splits up the monolithic codebase for the Consortium validator node into separate, simpler, and more focused components. Veridise conducted the assessment over 18 person-weeks, with 4 security analysts reviewing the project over 9 weeks. The review strategy involved a tool-assisted analysis of the program source code performed by Veridise security analysts as well as thorough code review.
Audit Report
SCOPE
The scope of this security assessment is limited to the following paths of the following projects in the source code provided by the Security Consortium Smart Contracts developers:
- Smart contracts (commit: 109a3f2699bc79dde728c81133bbad23a7f4e9af)
- contracts/**.sol
- …excluding contracts/bascule/Bascule.sol, contracts/bridge/**.sol, and test/-
mock contracts
- Smart contracts (commit: ebfda9fdbfd710a7c5991aa9876dba8e8af8914a)
- contracts/bridge/**.sol
- contracts/bascule/BasculeV2.sol