Bware Bridge Vault Security Audit

We were tasked with auditing the codebase of Bware Labs and in particular their cross-chain bridge and vault implementation.

The code style of the contracts does not conform to the official Solidity style guide and we strongly recommend the codebase to be adjusted to be compliant with it to enhance its legibility.

We identified a potentially exploitable mechanism in the way the governance of the Bware bridge operates that we strongly advise the Bware team to remediate. Additionally, we pointed out certain inefficiencies as well as minor issues that we think should be alleviated before the contracts are considered ready for launch.

Overall, the contract system's design is sound and does not possess any irrepairable flaws.

During the audit, we filtered and validated a total of 3 findings utilizing static analysis tools as well as identified a total of 14 findings during the manual review of the codebase. We strongly recommend that any minor severity or higher findings are dealt with promptly prior to the project's launch as they introduce potential misbehaviours of the system as well as exploits.

The list below covers each segment of the audit in depth and links to the respective chapter of the report:

• 💻 Compilation
• 🔍 Static Analysis
• 👁️ Manual Review
• 🖋️ Code Style