We were tasked with auditing the codebase of Alliance Block and in particular their Bridge implementation.
The bridge works by creating a wrapped token implementation with minting and burning capabilities that is minted upon a token's entry and exit in the bridge respectively. Such actions are governed via a subset of members that all receive a portion of the minting and burning fee respectively that are part of the cross-chain interactions of the contract.
The codebase has been coded conforming to the EIP-2535 Diamond standard and is well documented and defined. Over the course of the audit, we were able to point out certain minor misbehaviours of the system as well as optimizations across the board, the former of which we strongly advise the Alliance Block team to deal with.
During the audit, we filtered and validated a total of 7 findings utilizing static analysis tools as well as identified a total of 11 findings during the manual review of the codebase. We strongly recommend that any minor severity or higher findings are dealt with promptly prior to the project's launch as they introduce potential misbehaviours of the system as well as exploits.
The list below covers each segment of the audit in depth and links to the respective chapter of the report: