Overview

Front-ends

IP Address Screening

Front-end web applications implement geo-blocking, VPN blocking, and other sanctions compliance features to restrict access in certain regions and ensure compliance with legal and regulatory requirements. As a result, users from specific jurisdictions or using VPNs may be unable to access the platform.

Audits

The codebases have undergone extensive auditing by multiple audit firms and have also been subjected to a public audit contest on the Sherlock platform. Please find the links to the audit reports for the various codebases below:

LitePSM

ChainSecurity

• https://github.com/makerdao/dss-lite-psm/blob/main/audits/ChainSecurity_MakerDAO_PSM_Lite_audit.pdf

Cantina

• https://github.com/makerdao/dss-lite-psm/blob/main/audits/report-review-makerdao-dss-lite-psm.pdf

Endgame Launch

ChainSecurity

• https://github.com/makerdao/usds/blob/dev/audit/20240730-ChainSecurity_MakerDAO_NST_audit.pdf

• https://github.com/makerdao/sky/blob/dev/audit/ChainSecurity_MakerDAO_NGT_audit.pdf

• https://github.com/makerdao/sky/blob/dev/audit/ChainSecurity_MakerDAO_NGT_deployment_scripts_audit.pdf

• https://github.com/makerdao/sdai/blob/susds/audit/20240730-ChainSecurity_MakerDAO_Savings_NST_audit.pdf

• https://github.com/makerdao/endgame-toolkit/blob/master/audits/ChainSecurity_MakerDAO_Endgame_Toolkit_audit.pdf

• https://github.com/makerdao/lockstake/blob/dev/audit/20240730-ChainSecurity_MakerDAO_Lockstake_audit.pdf

• https://github.com/makerdao/vote-delegate/blob/v2/audit/20240730-ChainSecurity_MakerDAO_VoteDelegate_audit.pdf

• https://github.com/makerdao/dss-flappers/blob/master/audit/ChainSecurity_MakerDAO_FlapperUniV2SwapOnly_audit.pdf

• https://github.com/makerdao/dss-flappers/blob/master/audit/ChainSecurity_MakerDAO_FlapperUniV2_audit.pdf

• https://github.com/makerdao/dss-flappers/blob/dev/audit/20230606-ChainSecurity_MakerDAO_FlapperUniV2_audit.pdf

• https://github.com/makerdao/dss-flappers/blob/dev/audit/20230727-ChainSecurity_MakerDAO_FlapperUniV2SwapOnly_audit.pdf

• https://github.com/makerdao/dss-flappers/blob/dev/audit/20240904-ChainSecurity_MakerDAO_Dss_Flappers_audit.pdf

Cantina

• https://github.com/makerdao/usds/blob/dev/audit/20231124-cantina-report-review-makerdao-nst.pdf

• https://github.com/makerdao/usds/blob/dev/audit/20240703-cantina-report-maker-nst.pdf

• https://github.com/makerdao/sky/blob/dev/audit/cantina-report-review-makerdao-ngt.pdf

• https://github.com/makerdao/sdai/blob/susds/audit/20240703-cantina-report-maker-snst.pdf

• https://github.com/makerdao/endgame-toolkit/blob/master/audits/report-review-makerdao-endgametoolkit_final.pdf

• https://github.com/makerdao/lockstake/blob/dev/audit/20240626-cantina-report-maker-LSE.pdf

• https://github.com/makerdao/vote-delegate/blob/v2/audit/20240703-cantina-report-maker-vote-delegate.pdf

• https://github.com/makerdao/dss-flappers/blob/dev/audit/20240703-cantina-report-maker-flappers.pdf

ABDK

• https://github.com/makerdao/vote-delegate/blob/master/audits/ABDK-MakerDAO-Vote%20Delegate.pdf

Sherlock

• https://github.com/sherlock-protocol/sherlock-reports/blob/main/audits/2024.08.05 - Final - MakerDAO Endgame Audit Report.pdf

Multi-Collateral Dai

• https://github.com/makerdao/mcd-security/blob/master/Audit Reports/TOB_MakerDAO_Final_Report.pdf

• https://github.com/makerdao/mcd-security/blob/master/Audit Reports/PeckShield_Final_Audit_Report.pdf

• https://github.com/makerdao/mkr-mcd-spec

Liquidations 2.0

• https://github.com/makerdao/mcd-security/raw/master/Audit Reports/Liquidations_2.0/Quantstamp_MakerDAO Liquidations 2.0 - Final Report with Maker Comments.pdf

• https://github.com/makerdao/mcd-security/raw/master/Audit Reports/Liquidations_2.0/Trail of Bits_MakerDAO Liquidations 2.0 Final Report.pdf

• https://github.com/makerdao/mcd-security/raw/master/Audit Reports/Liquidations_2.0/ChainSecurity_MakerDAO_Liquidations2.0_Final.pdf

• https://www.gauntlet.xyz/resources/maker-auction-assessment

Bug Bounty Program

Bug Bounty Program is managed by ImmuneFi and you can find the scope and rules on their website.