Project Information

CATEGORY

Smart contract

NETWORK

Ethereum

WEBSITE

https://pay.daimo.com/

DESCRIPTION

From Nov. 1, 2023 to Nov. 3, 2023, Daimo engaged Veridise to review the security of an update to their Daimo project. Compared to the previous version, which Veridise has audited previously in Sep. 2023 , the new version has been modified to support passkey authentication. Veridise conducted the assessment over 6 person-days, with 2 engineers reviewing code over 3 days. The auditing strategy involved a tool-assisted analysis of the source code performed by Veridise engineers as well as extensive manual auditing.

Audit Report

DURATION

6 person-days

COMPLETED

November 7, 2023

View Audit Report

SCOPE

The scope of this audit is limited to the following files of the source code provided by the Daimo developers:

  • DaimoAccount.sol from daimo
  • DaimoAccountFactory.sol from daimo
  • WebAuthn.sol from p256-verifier
  • Base64URL.sol from p256-verifier

Other files within the daimo and p256-verifier repositories, as well as third-party dependencies such as OpenZeppelin, are not in the scope of this audit. During the audit, the Veridise auditors referred to the excluded files but assumed that they have been implemented correctly.

Total Findings
0
Mitigated
0
Critical Severity
0
High Severity
0
Medium Severity
0
Low Severity
0

Considering an audit?
Contact us today!

Contact Us