From May. 5, 2025 to May 8, 2025, Common engaged Veridise to conduct a security assessment of their Common Yield Aggregator protocol. The security assessment covered the Common Aggregator ERC-4626 vault which acts as a yield aggregator for multiple other ERC-4626 vaults. Veridise conducted the assessment over 8 person-days, with 2 security analysts reviewing the project over 4 days. The review strategy involved a tool-assisted analysis of the program source code performed by Veridise security analysts as well as thorough code review.