About Chainsecurity

USDFI is audited by Chainsecurity

ChainSecurity history and credentials

In 2017, at ETH Zurich, one of the leading universities for computer science in the world, academic researchers developed Securify [1]. Securify was the first static analyzer for Solidity smart contracts. As the tool gained in popularity, the team of researchers was approached multiple times for smart contract security services.
Hence, ChainSecurity was founded. The team quickly grew and audited over 70 projects for more than 50 clients. With the support of the Ethereum Foundation, Securify became open source [3] and publicly available. Furthermore, in collaboration with ETH Zurich, ChainSecurity developed formal verification tools such as VerX [4].
The team also received visibility during the Constantinople [5] and Berlin [6] hard forks, as it discovered two issues. Other multiple low-level issues in Ethereum client were reported and resulted in the 5th place on the global Ethereum bug-bounty leaderboard [7].
Beginning of 2020, ChainSecurity was acquired by PwC Switzerland [8]. The goal was to provide a joint business offering for smart contract code audits and financial audits, thus spearheading the tokenized securities industry.
However, in April 2021, as our DeFi clients became increasingly decentralized, it was challenging to serve them from such an established and regulated company. Hence, ChainSecurity amicably spun-off from PwC. ChainSecurity learned from the best practices of the financial audit sector and, with leading blockchain security engineers and PwC- alumni, we make up a world-class team bringing quality, reliability, and experience.
In 2021, after the spin-off from PwC, ChainSecurity performed approximately 50 audits, hired talent from leading universities, and identified a vulnerability in live Compound code [9] during an audit on a different scope [10]. In 2022, ChainSecurity continued performing audits with increased capacity, won Ethereum Foundation’s underhanded Solidity contest [11], identified a live vulnerability in the Fuse pools of Rari Capital [12], and another one in Balancer [13]. More live vulnerabilities will soon be disclosed publicly after being patched.

Selected smart contract audit reports

MAKER – Liquidations 2.0

Liquidations 2.0 for multi collateral DAI has been developed to mitigate uncovered shortcomings in the previous liquidation system. https://chainsecurity.com/security-audit/maker-protocol-liquidations-2-0/

MAKER – Optimism DAI-Bridge & Starknet-DAI bridge

CURVE FINANCE – Tricrypto

Curve Finance’s Tricrypto system extends their exchanges to swap 3 coins instantly, where the coins no longer need to be equivalent in value. https://chainsecurity.com/security-audit/curve-finance-tricrypto/

COMPOUND – Comet

Compound Comet is a gas-efficient lending platform allowing more efficient liquidity use due to a streamlined application of borrowing stablecoins against various collaterals. https://chainsecurity.com/security-audit/compound-comet/

1INCH – Farming

1inch implements two types of farming contracts. While the first one is a traditional farming contract where tokens need to be deposited for reward eligibility, the second one is as ERC-20 library contract which has farming capabilities built-in and, thus, allows for participating in multiple farms without requiring individual deposits in each one. https://chainsecurity.com/security-audit/1inch-farming/

KYBER – KyberSwap Elastic (based on UNISWAP V3)

KyberSwap Elastic is an automated market maker (AMM) implementation, that allows liquidity providers to concentrate the liquidity in a certain price range. https://chainsecurity.com/security-audit/kyberswap-elastic/

POA (Gnosis) – Omnibridge

OmniBridge is a system of smart contracts that allows cross-chain token transfers between Ethereum-compatible blockchains. https://chainsecurity.com/security-audit/poa-network-omnibridge/

GEARBOX – Generalized leverage protocol

This system allows users to take leverage in one place and then use it across various DeFi protocols and platforms in a composable way. https://chainsecurity.com/security-audit/gearbox/