Audits

ZKsync takes security seriously and as such, we have completed multiple audits in all critical parts of the protocol.

Audits

We always ensure that all code deployed to production has been thoroughly tested before release. Our auditing and review processes begin well before any code is deployed. We conduct internal audits, followed by independent external audits from reputable auditors. If applicable, we also hold a public auditing contest and top it off with another independent external audit.

Here is the list of completed audits:

• Layer 1 Smart Contracts, Internal Audit, from 2022-06-14 to 2022-08-17.
• Layer 1 Smart Contracts, OpenZeppelin, from 2022-09-05 to 2022-09-30.
• Layer 1 Diff Audit (Upgrade Audit), OpenZeppelin, from 2022-11-21 to 2022-11-25.
• Layer 1 Diff Audit (Upgrade Audit), OpenZeppelin, from 2023-02-06 to 2023-02-17.
• Layer 1 Public Contest, Code4rena, from 2022-10-28 to 2022-11-09.
• Layer 1 Smart Contracts, Secure3, from 2022-10-22 to 2022-11-06.
• WETH Bridge Audit, OpenZeppelin, from 2023-03-27 to 2023-03-31.
• Bridge and .transfer & .send, OpenZeppelin, from 2023-04-24 to 2023-05-01.
• GnosisSafeZk Assessment, OpenZeppelin, from 2023-05-22 to 2023-05-26.
• Upgrade System, OpenZeppelin, from 2023-06-26 to 2023-06-30.
• Layer 1 Messenger Upgrade, OpenZeppelin, from 2023-08-30 to 2023-09-14.
• Diff and Governance Audit, OpenZeppelin, from 2023-12-04 to 2023-12-22.
• Layer 2, Internal Audit, from 2022-08-17 to 2022-10-24.
• Layer 2 Bootloader, OpenZeppelin, from 2022-11-28 to 2022-12-23.
• Layer 2 Fee Model and Token Bridge, OpenZeppelin, from 2023-01-23 to 2023-02-17.
• Layer 2 System Contracts Public Contest, Code4rena, from 2023-03-10 to 2023-03-19.
• Layer 2 Block Refactor, OpenZeppelin, from 2023-07-25 to 2023-07-31.
• Keccak256 Upgrade, OpenZeppelin, from 2023-10-23 to 2023-10-27.
• Layer 1 & 2 Diff Audit, OpenZeppelin, from 2023-11-27 to 2023-12-05.
• Short-Term Fee Model Changes, OpenZeppelin, from 2023-12-06 to 2023-12-13.
• ZK Proof System, Internal Audit, from 2022-10-24 to 2022-11-18.
• ZK Proof System, Halborn, from 2023-01-09 to 2023-03-08.
• Smart Contract Security Assessment, Halborn, from July 12th, 2023 - July 20th, 2023.
• SNARK Wrapper, Spearbit, November 2023
• EIP-4844 Support, OpenZeppelin, February 2024