This document provides a summary of the security audits conducted on the Wyoming OFT (Ominichain Fungible Token) smart contracts. Two independent audits were performed by OtterSec and Zellic to identify potential vulnerabilities and ensure the security of the codebase.
| Auditor | Report Date | Number of Findings | Critical | High | Medium | Low | Informational |
|---|---|---|---|---|---|---|---|
| OtterSec | August 4, 2025 | 1 | 0 | 0 | 0 | 0 | 1 |
| Zellic | August 7, 2025 | 3 | 0 | 0 | 1 | 2 | 0 |
OtterSec conducted a security assessment of the upgraded solana-OFT program and wy contracts. Note: Contracts were renamed after this audit was conducted.
The audit focused on the following components:
- The endpoint interface program.
- A fork of the Anchor-spl library.
- A diff of the OFT program against the standard OFT program.
- The WY contracts.
The solana-OFT-update involved forking the anchor-spl library to support the Pausable extension and upgrading OApp programs to Anchor v0.31.1. The wy-contracts introduce a base token (WYST) and a yield-bearing token (wWYST) and manage cross-chain transfers.
See report.
Zellic performed a security assessment for LayerZero Labs from August 5th to August 7th, 2025, which was a continuation of a previous audit from July 14th, 2025. Note: Contracts were renamed after this audit was conducted.
The audit covered the Wyoming OFT contracts, including a secondary review of eef8740 and a tertiary review of b0a7eac4. The contracts introduce a base token (FRNT) and a yield-bearing token (wFRNT) using an ERC-4626 vault.
See report.
This summary is for informational purposes only and does not constitute financial or security advice. The full audit reports should be consulted for detailed information. The audit findings and remediation efforts reflect the state of the codebase at the time of the audits.