Throughout this assessment, we [Trail of Bits] sought to answer various questions about the security of CREAM. We focused on flaws that would allow an attacker to:
- Manipulate asset prices returned by the price oracles.
- Subvert the imposed caps on borrowing or supplying.
- Bypass access controls to modify contract state.
Trail of Bits Publications GitHub
{% file src=".gitbook/assets/creamsummary.pdf" caption="Audit Report - Trail of Bits" %}