Solady Solidity Library Audit by Cantina

Low-Level Solidity Utility Library Audit of Solady

Solady is a collection of gas-optimized Solidity libraries widely used across the Web3 ecosystem for efficient and minimal smart contract development. It includes utilities for clone factories, ECDSA recovery, Merkle proofs, and ERC token standards, with a focus on low-level memory and calldata manipulation.

To support its long-term security, Solady underwent a security audits review coordinated by Cantina as a public goods engagement. The review covered components like LibClone, SignatureCheckerLib, ERC20, and ERC1967Factory, highlighting risks in length handling, memory pointer safety, and cryptographic assumptions.

Cantina supports open-source and infrastructure projects like Solady with additional layers of assurance through bug bounty programs, crowdsourced security competitions, and multisig security, helping secure shared tooling across the smart contract ecosystem.