Empiric Oracle is a decentralized, transparent and composable oracle network, leveraging state-of-the-art zero-knowledge cryptography. Empiric Oracle partners with market makers and exchanges who sign and timestamp their own high quality, robust data and send it directly on-chain.
Zellic conducted an audit for Empiric Network from August 29th to September 16th, 2022.
Our overall assessment of the project is that it was well-written and demonstrated a strong familiarity with Starknet, was well-structured, and often employed defensive implementation and designs that suggest resilience to security issues during development. Despite the restrictions that development with Starknet and Cairo impose, Empiric Network has done an excellent job not only implementing non-trivial features but doing so in a way that is safe in the relatively novel Starknet ecosystem.
We applaud Empiric Network for their attention to detail, as evident by Empiric Network self-identifying issues early on in the course of the audit.
Zellic thoroughly reviewed the Empiric Oracle codebase to find protocol-breaking bugs as defined by the documentation and to find any technical issues outlined in the Methodology section of this document.
During our assessment on the scoped Empiric Oracle contracts and non-contract code, six findings were discovered. Two high issues, one medium issue, and two low issues were identified, and the remaining finding was informational in nature due to updates in Starknet's platform.
Additionally, Zellic identified and recorded suggestions during the course of the audit for Empiric Network's benefit in the Discussion section at the end of the document.