Organization
- @makerdao
Engagement Type
Cantina Reviews
Period
-
Repositories
Researchers
CCTP and Swap Flow Logic Review of Spark ALM
MakerDAO built the Spark ALM Controller to manage cross-chain stablecoin flows using CCTP and rate-limited transfer systems. This includes USDC transfers, token swaps, and proxy execution logic, supporting the broader Maker ecosystem's goal of stable, automated liquidity operations across chains.
To reinforce safety in early-stage deployments, MakerDAO engaged Cantina for a security audit of the Spark ALM codebase. The audit focused on controller rate limit granularity, function clarity in token swap parameters, and initialization consistency within the Mainnet and Foreign Controllers to ensure secure setup and avoid unintended execution paths.
Cantina also offers continued protection for MakerDAO’s liquidity and governance systems through bug bounty programs, crowdsourced security competitions, and multisig security, reinforcing secure capital flow across permissioned bridges and automated vault infrastructure.
Findings
Low Risk
1 finding
1 fixed
0 acknowledged
Informational
6 findings
5 fixed
1 acknowledged