At Burrow, we care about providing the best experience to DeFi users who often feel like they are in the wild, wild west. For this reason, Burrow has undergone two smart contract audits by the independent auditing firm BlockSec between February and March of 2022.
The scope of the first audit included:
- The core money market protocol
The scope of the second audit included:
- Upgrade via DAO functionality
- xBRRR token contract and staking logic
The second audit was commissioned to review the added functionality (upgrades and xBRRR) before the protocol was deployed on mainnet.
Through the two audits, BlockSec found 7 potential mid to low risk issues in the smart contract, all of which have been fixed before Burrow’s mainnet launch (March 28th, 2022). Additionally, BlockSec has made 8 recommendations with regard to the documentation or design of the protocol, which have all been acknowledged or confirmed by the Burrow team.
For the full reports, see below:
Audits, though a good practice to maintain security standards and minimize potential risks, are not an end-all-be-all when it comes to protocol security. The completed audit of specific contracts does not equate to the security of the entire protocol, and does not relate to other layers of risk such as runtime pricing or the human influence on protocols. Moreover, security does not mean the elimination of risk inherent in financial products: always do your own research and manage risk appropriately.
The BlockSec Team focuses on the security of the blockchain ecosystem, and collaborates with leading DeFi projects to secure their products. The team is founded by top-notch security researchers and experienced experts from both academia and industry. They have published multiple blockchain security papers in prestigious conferences, reported several zero-day attacks of DeFi applications, and released detailed analysis reports of high-impact security incidents.