Zivoe Vault
Decentralized RWA Credit Protocol
Critical / High
Medium
Low / Informative
Report files
Audit lifecycle
Public reports represent completed engagements with finalized deliverables.
Completed
Scheduled
Scope, timeline, and review plan were agreed.
Completed
In Progress
Manual review and verification work were carried out.
Current stage
Completed
The engagement wrapped with a published final report.
Executive Summary
High-level assessment and conclusions
A concise overview of the audit scope, core findings, and the key outcomes from the engagement.
Runtime Verification Inc. was engaged by Zivoe to conduct a security audit of its Zivoe Vault functionality, focusing on the ZivoeVault, ZivoeRouter, and OCT_Convert contracts. This audit aimed to evaluate the security and correctness of the implementation, identify any exploitable vulnerabilities, and offer recommendations to enhance the system's reliability. The audit took place over one calendar week, from March 24 to March 31, 2025. The process began with a design review to understand the high-level intent and security-critical invariants of the vault system, followed by a detailed manual review of the Solidity implementation. This comprehensive approach was supported by Kontrol, a formal verification tool, to write and check invariants across symbolic state transitions, ensuring a thorough examination within the allocated timeframe.
Reports
Download the audit artifacts
Access the published PDF deliverables associated with this engagement.
PDF report 1
Zivoe Vault.pdf
Download the published report for this engagement.