# Audits

## Starknet

All contracts were most recently audited by Plainshift, concluding February 14th, 2025.

{% file src="<https://315464330-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FTLfgXtzlwI2fzDVFEifT%2Fuploads%2FpJYdg1jp3g9ut87p5Emq%2Fplainshift%20ekubo.pdf?alt=media&token=1a51726d-1fcc-411a-ae1d-949e90f7e2e0>" %}
Audit report from Plainshift
{% endfile %}

### Core Contracts

Our core contracts were audited for 15 eng-weeks by Nethermind Security.

{% file src="<https://315464330-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FTLfgXtzlwI2fzDVFEifT%2Fuploads%2FQRpaG8UbUhVThiOUpCEo%2FNM0123_EKUBO_FINAL_PUBLIC.pdf?alt=media&token=f985eb7a-5b04-49fa-908a-558d090a93c3>" %}
Partially redacted version of the report
{% endfile %}

### TWAMM Extension

The TWAMM extension, powering [DCA-enabled pools and DCA orders](https://docs.ekubo.org/user-guides/dollar-cost-average-orders), has been audited.

{% file src="<https://315464330-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FTLfgXtzlwI2fzDVFEifT%2Fuploads%2FYQSqaiRS0PJCjMb01laE%2FNM0205_EKUBO_TWAMM.pdf?alt=media&token=177a2291-5069-4344-a119-d4d2524041fb>" %}

### Revenue buybacks

The [first version of the revenue buybacks contract](https://github.com/EkuboProtocol/revenue-buybacks/releases/tag/v1.0.0) has been audited.

{% file src="<https://315464330-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FTLfgXtzlwI2fzDVFEifT%2Fuploads%2FRlH3JYzOLne0Yi9K9TDg%2FNM_0282_FINAL_Ekubo_Revenue_Buybacks.pdf?alt=media&token=7be6984a-b7b7-40bc-8f32-4dc6e6b0212c>" %}

### Oracle Extension

The [oracle extension](https://github.com/EkuboProtocol/oracle-extension) has not been audited.

## Ethereum

The Ethereum Ekubo Protocol smart contracts have been audited by both ABDK and Plainshift. The Ethereum smart contracts are immutable.

### Ekubo Protocol Audits

Audits for our V3 smart contracts can be found in the [audits directory](https://github.com/EkuboProtocol/evm-contracts/tree/main/audits) of our source code. Below are audits of previous versions of the EVM smart contracts.

{% file src="<https://315464330-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FTLfgXtzlwI2fzDVFEifT%2Fuploads%2FwOLy0F8Kln2qG2ZFyc3V%2FEkubo%20EVM%20Deployment%20Plainshift%20Audit.pdf?alt=media&token=8c3c0b43-5537-441d-a5a1-f5fabad3cb77>" %}
Plainshift V2 audit report
{% endfile %}

{% file src="<https://315464330-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FTLfgXtzlwI2fzDVFEifT%2Fuploads%2FIEez2iqmq6I9MoOf6tQE%2FABDK_Ekubo_EkuboProtocol_v_1_0.pdf?alt=media&token=406964ef-d5a4-491a-a9b5-a25271307c6d>" %}
ABDK V2 Core Audit Report
{% endfile %}

{% file src="<https://315464330-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FTLfgXtzlwI2fzDVFEifT%2Fuploads%2F5lHIaxebizbUqCjxg0Qo%2FABDK_Ekubo_InvariantAnalysis_v_1_0.pdf?alt=media&token=39c3124c-3dfc-416d-8702-a182dc563ce5>" %}
ABDK V2 TWAMM Invariant Analysis
{% endfile %}

{% file src="<https://315464330-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FTLfgXtzlwI2fzDVFEifT%2Fuploads%2Fz1aJ3uS9FgNNSb3K2a1D%2FABDK_Ekubo_TWAMM_v_1_0.pdf?alt=media&token=01d95dc4-5fe4-45b7-aa84-ece415c25b00>" %}
ABDK V2 TWAMM Audit
{% endfile %}

### Starknet L1 Proxy

The Governance Starknet L1 Proxy has been audited by Cairo Security Clan and the report can be found on [GitHub](https://github.com/EkuboProtocol/governance/blob/main/l1_proxy/Ekubo_Governance_L1_Proxy.pdf).