Audits & Security
Dolomite splits its smart contract development to two repositories: Core & Modules.
First, why two repositories?
Dolomite splits its smart contract source code between two repositories for a few reasons:
The Core repository was originally made by the dYdX team and uses old development practices and an older version of Solidity. We wanted to change as little as possible of the architecture of this repository because it worked exceptionally well and demonstrated its security
The Core repository is an encapsulation of the core protocol's immutability. Generally, this repository won't change
Testing in the Core repository revolves around unit tests, whereas the Modules repository enables more comprehensive testing with end-to-end integration testing by forking any live network
Dolomite Margin - Core
The Dolomite Margin Core smart contracts were audited independently at various points in their lifecycle by Zeppelin Solutions, Bramah Systems, SECBIT Labs and most-recently by Cyfrin.
The Cyfrin audit report covers the most recent suite of updates to the smart contracts. The SECBIT audit was conducted prior to launch of Dolomite on Arbitrum One. The Zeppelin Solutions and Bramah Systems audit reports cover the original version of the smart contracts that was created by dYdX (when the protocol was called Solo Margin).
Dolomite Margin - Modules
The DolomiteMargin Modules smart contracts are were audited by Zokyo and Guardian Audits. Please be aware that this repository undergoes active development and the scope (and smart contracts) covered by each audit is different.
This repository will contain most active development, since it's where the protocol performs its integrations and creates new features that sit atop the Core's immutable infrastructure.
Code Coverage
All production smart contracts are extremely well-tested and have 100% line, statement, and branch coverage.
Coverage Report for
Dolomite Margin - CoreCoverage Report for
Dolomite Margin - Modules
Last updated