Back to case studies

Oku Trade

Uniswap v3

Audit dates:

May 17, 2023


May 31, 2023

Company Background

Driven by a $1.6m grant from the Uniswap Foundation, the GFX Labs team built Oku to directly bring the most advanced trading experience to Uniswap v3 markets across Ethereum, Polygon, Arbitrum, and Optimism.

Through a UI familiar to centralized exchanges, Oku leverages the properties of single-sided Uniswap v3 liquidity positions with hyper-reliable Chainlink Automation infrastructure to offer on-chain limit orders. These orders then allow users to apply specific conditions to trading pools for enhanced control over their trading strategies.

Audit Summary


Lead Security Researchers
Bugs found


Audit Overview

Cyfrin recently conducted a comprehensive security review of Oku Trade by GFX Labs over three weeks. Despite Oku being previously audited in a comprehensive security review by another top-notch blockchain security company, our team at Cyfrin was able to raise many additional findings.

Lead auditors Giovanni Di Siena and Hans and assisting auditor Alex Roan prepared the final audit report, uncovering a total of 21 issues, including six medium-risk and five low-risk.

Here you can read the full Oku Trade security report.

Audit Details

High-level Protocol Breakdown

The Cyfrin team reviewed all protocol features and entry points, including storage mappings data structures, user functions, and external protocol dependencies.

Variable instances of the type OrderStatus enum were particularly interesting since they were heavily used to trigger change based on the current Uniswap v3 pool tick. One particular scenario identified involved circumventing the OrderStatus validation to modify orders in a state in which this should not be possible.

Our most relevant findings were concerned with the implementation of the order book as a doubly linked list of BatchOrders with lower/upper ticks for a given target tick price, separated by one tick space.

However, limit orders go in both directions, so additional validation is also required on the direction of orders. Getting this validation wrong can result in registering the deposit of one asset as the other, which could allow an attacker to own an outsized proportion of the deposits for a given position.

This particular issue was fixed in an earlier commit, but we found that this order book implementation still gave rise to issues when creating and canceling orders under certain conditions.

Auditor notes

Why is Cyfrin the best choice for this audit

With two of Cyfrin’s co-founders coming from the Chainlink ecosystem, Cyfrin was perfectly positioned for a thorough review of the Oku protocol - which leverages Chainlink automation functions to perform trades.

Our auditors’ deep knowledge of Chainlink meant we could jump quickly into the codebase, be better aware of its potential and limitations, ask more thoughtful questions, and look at edge cases we would’ve not likely thought out otherwise.

The team performed architecture analysis and diagrams, invariant tests, pattern mapping, entry point stress testing, stateful fuzzing, and a manual review process.

Our Auditing Process

At Cyfrin, our audit process is both meticulous and customer-centric. It begins with individual manual reviews of the codebase by each team member. We then examine previous audit reports to identify potential weak areas. This is complemented by an initial ramp-up period for auditors to familiarize themselves with the codebase, followed by continuous internal calls with the client's team throughout the audit timeframe.

We use static analysis tools like Cyfrin Aderyn and Slither to identify minimal findings, and Cyfrin Solodit, our vulnerabilities aggregator, for in-depth research into similar bugs in the field. Techniques like invariant testing and stateful fuzzing also come into play to support the primary manual audit process.

Communication is key in our process; we establish separate internal communication channels at the start of each audit and maintain a separate per-audit GitHub project board for more formal tracking of ideas and findings. Our commitment to our customers and open, ongoing communication is at the core of what we do at Cyfrin.

“At Cyfrin, we aim to be more than the sum of our parts; so each auditor individually follows their process to begin with, and then we come together within the team to exponentiate our findings and creative thought processes. We diverge and converge.” ~ Giovanni Di Siena, Lead Auditor


Incubating security at every part of the developer’s journey, Cyfrin performed an in-depth review of the Oku protocol, leveraging its Chainlink expertise.

Through reviewing Oku, our auditor team also became proficient in the underlying Uniswap v3 contracts the protocol leverages and gained deeper expertise in batch operations and trades.

In this process, we learned about the importance of invariant tests and competitive audits to follow in ensuring the protocol’s full safety.


Cyfrin has performed a thorough security review of the codebase in scope as of the date specified, which should not be construed as an endorsement of the protocol. Despite our comprehensive review, vulnerabilities may still exist, and we encourage users to conduct their own research before engaging.

Secure your protocol today

Join some of the biggest protocols and companies in creating a better internet. Our security researchers will help you throughout the whole process.
Stay on the bleeding edge of security
Carefully crafted, short smart contract security tips and news freshly delivered every week.