MAGIC Grants contracted Trail of Bits, a leading cybersecurity and research firm, to audit the Ethereum smart contract that is expected to be used by Serai. Serai is a forthcoming decentralized exchange that will initially be compatible with the Ethereum, Bitcoin, and Monero blockchains.
Serai is open-source and has a strong potential to be important public infrastructure. Thus, security reviews are essential to ensure the safety of its components.
The Trail of Bits audit was prepared by Gustavo Grieco and Opal Wright under the direction of Jim Miller, Director of Cryptography.
The review consisted of three engineer-weeks of effort. Their testing efforts focused on on-chain and off-chain code for the Ethereum side of the Serai DEX, including router operations, ERC-20 token handling, and the use of cryptography primitives.
They found that the code in scope follows best practices for development and is well documented. The review produced two information-severity findings and three code quality suggestions. Zero high, medium, and low-severity findings were discovered.
Both informational findings were resolved. Further information on these findings and their resolutions are available in the public audit report.
MAGIC Grants would like to thank Trail of Bits for their detailed review of this project, and we would like to thank Luke Parker for their efforts in developing Serai.