LayerZero

Project Information

Network

Ethereum

Website

https://layerzero.network/

LayerZero (V2)

Commissioned

13 Jul 2023

Completed

15 Dec 2023

Contracts Audited

EndpointV2	Meter:
	0xef02BacD67C0AB45510927749009F6B9ffCE0631
	Shimmer:
	0x148f693af10ddfaE81cDdb36F4c93B31A90076e1
	ZkSync:
	0xd07C30aF3Ff30D96BDc9c6044958230Eb797DDBF
	All other chains:
	0x1a44076050125825900e736c501f859c50fE728c
	Note: The BB1, Conflux, DKF, Rarible, Tomo, XPla, and ZkSync contracts do not match the ETH one.
MessageLibManager	Dependency
MessagingChannel	Dependency
MessagingComposer	Dependency
MessagingContext	Dependency
AddressCast	Dependency
SafeCall	Dependency
BitMaps	Dependency
PacketV1Codec	Dependency

View Audit Report

TH	Found	Resolved	Partially Resolved	Acknowledged (no change made)
Governance	0	–	–	–
High	0	–	–	–
Medium	3	2	–	1
Low	10	6	–	4
Informational	20	13	2	5
Total	33	21	2	10

Audit Report (Verifier Network)
Commissioned

Completed

26 Aug 2023

Contracts Audited

VerifierNetwork refer to: https://layerzero.gitbook.io/docs/ecosystem/oracle/google-cloud-oracle
Worker Dependency
MultiSig Dependency

View Audit Report
Issues
Risk Summary

TH Found Resolved Partially Resolved Acknowledged
(no change made)

High 0 – – –

Medium 1 1 – –

Low 4 4 – –

Informational 5 1 – 4

Total 10 6 – 4

When using this protocol, the main risks you want to look out for are:

Ensuring that the contracts you are interacting with matches the one we audited. This can be done by comparing the addresses with the one present in the contracts page in our audit.

Our audits only cover code-related risks. Users will have to do their own due diligence on other aspects of the protocol such as the reputation of the team, the protocol’s tokenomics, and other aspects of the project that might be relevant.

Issues Classification

TH	Found	Resolved	Partially Resolved	Acknowledged (no change made)
High	0	–	–	–
Medium	1	1	–	–
Low	4	4	–	–
Informational	5	1	–	4
Total	10	6	–	4

Audit Report (MessageLib)

Commissioned

17 Jul 2023

Completed

15 Dec 2023

Contracts Audited

MessageLibBaseE1	Due to the large number of chains, please refer to this document for the addresses and code match status:
	https://docs.google.com/spreadsheets/d/1YxZIE8q2gwNL-7GLJ5GBQ-7w6a6X9wF1cjUyQ6bhPf4/edit#gid=0
TreasuryFeeHandler	Dependency
ReceiveULN301	Due to the large number of chains, please refer to this document for the addresses and code match status:
	https://docs.google.com/spreadsheets/d/ 1YxZIE8q2gwNL-7GLJ5GBQ-7w6a6X9wF1cjUyQ6bhPf4/edit#gid=0
ReceiveULN302	Due to the large number of chains, please refer to this document for the addresses and code match status:
	https://docs.google.com/spreadsheets/d/ 1YxZIE8q2gwNL-7GLJ5GBQ-7w6a6X9wF1cjUyQ6bhPf4/edit#gid=0
SendULN301	Due to the large number of chains, please refer to this document for the addresses and code match status:
	https://docs.google.com/spreadsheets/d/ 1YxZIE8q2gwNL-7GLJ5GBQ-7w6a6X9wF1cjUyQ6bhPf4/edit#gid=0
SendULN302	Due to the large number of chains, please refer to this document for the addresses and code match status:
	https://docs.google.com/spreadsheets/d/ 1YxZIE8q2gwNL-7GLJ5GBQ-7w6a6X9wF1cjUyQ6bhPf4/edit#gid=0
SendUlnBase	Dependency
ReceiveUlnBase	Dependency
UlnConfig	Removed
MessageLibBase	Dependency
SendLibBase	Dependency
SendLibBaseE2	Dependency
ReceiveLibBaseE2	Dependency
OutboundConfig	Dependency
AddressSizeConfig	Dependency

View Audit Report

TH	Found	Resolved	Partially Resolved	Acknowledged (no change made)
Governance	0	–	–	–
High	1	1	–	–
Medium	5	1	1	3
Low	5	2	–	3
Informational	18	13	1	4
Total	29	17	2	10

Audit Report (sveSTG)
Commissioned

03 Mar 2023

Completed

09 Mar 2023

Contracts Audited

sveSTG 0xd56E00A493eD90C490a54cf58cc5a713556bfdBB
ERC20 Dependency

View Audit Report
Issues
Risk Summary

Found Resolved Partially Resolved Acknowledged
(no change made)

High 0 – – –

Medium 2 2 – –

Low 1 – – 1

Informational 2 2 – –

Total 5 4 – 1

When using this protocol, the main risks you want to look out for are:

Ensuring that the contracts you are interacting with matches the one we audited. This can be done by comparing the addresses with the one present in the contracts page in our audit.

Our audits only cover code-related risks. Users will have to do their own due diligence on other aspects of the protocol such as the reputation of the team, the protocol’s tokenomics, and other aspects of the project that might be relevant.

Issues Classification
Audit Report (AASTGClaim)
Commissioned

03 Mar 2023

Completed

09 Mar 2023

Contracts Audited

AASTGClaim 0x879ca077b05579fa68aab2827bed21f5f50eacbb

View Audit Report
Issues
Risk Summary

Found Resolved Partially Resolved Acknowledged
(no change made)

High 1 1 – –

Medium 0 – – –

Low 2 – – 2

Informational 4 – – 4

Total 7 1 – 6

When using this protocol, the main risks you want to look out for are:

Ensuring that the contracts you are interacting with matches the one we audited. This can be done by comparing the addresses with the one present in the contracts page in our audit.

Our audits only cover code-related risks. Users will have to do their own due diligence on other aspects of the protocol such as the reputation of the team, the protocol’s tokenomics, and other aspects of the project that might be relevant.

Issues Classification
Audit Report (Stargate V2 Fee Claimer)
Commissioned

18 Jul 2023

Completed

10 Sep 2023

Contracts Audited

FeeDistributor 0xAF667811A7eDcD5B0066CD4cA0da51637DB76D09 (same address on all chains)

View Audit Report
Issues
Risk Summary

TH Found Resolved Partially Resolved Acknowledged
(no change made)

High 0 – – –

Medium 0 – – –

Low 2 2 – –

Informational 6 6 – –

Total 8 8 – –

When using this protocol, the main risks you want to look out for are:

Ensuring that the contracts you are interacting with matches the one we audited. This can be done by comparing the addresses with the one present in the contracts page in our audit.

Our audits only cover code-related risks. Users will have to do their own due diligence on other aspects of the protocol such as the reputation of the team, the protocol’s tokenomics, and other aspects of the project that might be relevant.

Issues Classification

VerifierNetwork	refer to: https://layerzero.gitbook.io/docs/ecosystem/oracle/google-cloud-oracle
Worker	Dependency
MultiSig	Dependency

sveSTG	0xd56E00A493eD90C490a54cf58cc5a713556bfdBB
ERC20	Dependency

LayerZero

Project Information

Category

Network

Website

LayerZero (V2)

Commissioned

Completed

Contracts Audited

Audit Report (Verifier Network)

Commissioned

Completed

Contracts Audited

Audit Report (MessageLib)

Commissioned

Completed

Contracts Audited

Audit Report (sveSTG)

Commissioned

Completed

Contracts Audited

Audit Report (AASTGClaim)

Commissioned

Completed

Contracts Audited

Audit Report (Stargate V2 Fee Claimer)

Commissioned

Completed

Contracts Audited

Browse more audits

Smart Contract Security Assessment

Delirium – Sandman Finance

Smart Contract Security Assessment

SpikeSwap

Smart Contract Security Assessment

PolyPup Finance

Smart Contract Security Assessment

Optix Protocol

Smart Contract Security Assessment

FANTerra

Smart Contract Security Assessment

Arcadium LootBox

Be Part of the Movement –Contact Us Today

Smart Contract
Security Assessment

Smart Contract
Security Assessment

Smart Contract
Security Assessment

Smart Contract
Security Assessment

Smart Contract
Security Assessment

Smart Contract
Security Assessment

Be Part of the Movement –
Contact Us Today