FYEO Completes Concordia Security Assessment
FYEO is pleased to announce the completion of the Concordia security assessment.
Concordia is a modular risk and collateral management protocol that enables multi-chain collateralization of digital assets. It serves as a base layer for liquidity aggregation, enabling DeFi protocols to access liquidity without the need for their own liquidity providers. By consolidating liquidity across various chains, Concordia enhances liquidity on the blockchain.
Recently, Concordia underwent a thorough audit by FYEO, focusing on its main component built on the Aptos blockchain. The audit aimed to ensure the security, reliability, and functionality of the protocol. Through code reviews and system architecture analysis, FYEO assessed Concordia's resilience against potential threats and vulnerabilities.
The FYEO Process
When FYEO performs an assessment, we focus on the code committed at a specific time when the code base is feature complete.
Our goal is to give our clients the following:
A better understanding of its security posture and help them identify current and future risks in its deployed chain & contract infrastructure.
An opinion on what security measures are in place regarding maturity, adequacy, and efficiency.
Identify potential issues, including loss of funds scenarios, and include improvement recommendations based on the result of our assessment.
Give the development team a better understanding of writing and maintaining more secure code. The incremental increase of security is part of the overall increased quality of the project.
Findings & Report
During the Secure Code Review of Concordia, we discovered:
2 findings with CRITICAL severity rating.
2 findings with HIGH severity rating.
4 findings with MEDIUM severity rating.
5 findings with LOW severity rating.
11 findings with INFORMATIONAL severity rating.
Following the audit, the Concordia team worked in conjunction with the FYEO team to remediate all security vulnerabilities identified and shared.
Please see the attached full report to learn more.