Audit Report

Trail of Bits (January 28, 2021)

Throughout this assessment, we [Trail of Bits] sought to answer various questions about the security of CREAM. We focused on flaws that would allow an attacker to:

  • Manipulate asset prices returned by the price oracles.

  • Subvert the imposed caps on borrowing or supplying.

  • Bypass access controls to modify contract state.

Trail of Bits Publications GitHub