Omniscia Gamma Strategies Audit
Tokemak Hypervisor Controller Security Audit
Audit Overview
We were tasked with auditing the Gamma Strategies codebase and in particular their controller implementation for the Tokemak ecosystem integrating with Tokemak's Hypervisor.
Over the course of the audit, we were able to identify potential mis-integrations with the Hypervisor based on the implementation that was provided within the repository of the Gamma system.
We advise the Gamma Strategies team to evaluate all of our exhibits including the optimizational ones and remediate the vulnerabilities identified within the report.
Post-Audit Conclusion
The Gamma Strategies team alleviated all exhibits identified within the report as advised, with one of the exhibits being properly addressed in a second iteration and another one being nullified after extensive deliberation between Omniscia and Gamma Controller.
All optimizational exhibits identified were considered by the Gamma Strategies team and were not applied as in some cases they would negatively impact the compatibility of the system with other contracts and in others would simply not achieve an observable gas benefit.
Contracts Assessed
Audit Synopsis
| Severity | Identified | Alleviated | Partially Alleviated | Acknowledged |
|---|---|---|---|---|
 | 2 | 2 | 0 | 0 |
 | 0 | 0 | 0 | 0 |
 | 2 | 2 | 0 | 0 |
 | 8 | 4 | 1 | 3 |
During the audit, we filtered and validated a total of 3 findings utilizing static analysis tools as well as identified a total of 9 findings during the manual review of the codebase. We strongly recommend that any minor severity or higher findings are dealt with promptly prior to the project's launch as they introduce potential misbehaviours of the system as well as exploits.
The list below covers each segment of the audit in depth and links to the respective chapter of the report: