# Audit Report

### Trail of Bits (January 28, 2021)

Throughout this assessment, we \[Trail of Bits] sought to answer various questions about the security of CREAM. We focused on flaws that would allow an attacker to:

* Manipulate asset prices returned by the price oracles.
* Subvert the imposed caps on borrowing or supplying.
* Bypass access controls to modify contract state.

Trail of Bits [Publications GitHub](https://github.com/trailofbits/publications/blob/master/reviews/CREAMSummary.pdf)

{% file src="<https://3057495129-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MKJWcUfnKdJ1BjWKoMM-3555916521%2Fuploads%2Fgit-blob-1dd4323e898465d6750e678f0000f254227453b9%2FCREAMSummary.pdf?alt=media>" %}
Audit Report - Trail of Bits
{% endfile %}