Softstack Audited DMD Diamonds Core Smart Contracts

Softstack Completes Core Smart Contract Audit for DMD Diamond’s DMDv4 EVM Base Layer.

Client: DMD Diamond

Project: Enterprise grade PoS blockchain

Industry: Web3

Service: Smart Contract Audit

DMD Diamond is not a new name in crypto. As an enterprise-grade Proof-of-Stake blockchain built on the HBBFT-POSDAO consensus, it first launched its original mainnet back in 2013, and most recently upgraded to the DMDv4 EVM mainnet on October 13, 2025, bringing instant finality, DAO governance, and a modern smart-contract stack to the network. DMD is positioning itself as a secure, scalable base layer for decentralized innovation.

To support that vision, the DMD Diamond Association engaged Softstack to perform an in-depth security audit of the core smart contract stack – including staking, validator set management, block rewards, DAO governance and the claiming contracts used for legacy DMD v3 migration.

What We Audited

The scope of the audit covered three main components:

  • Core consensus & staking logic – contracts such as StakingHbbft, ValidatorSetHbbft, BlockRewardHbbft, ConnectivityTrackerHbbft, and related libraries.

  • DAO & governance contracts – the DiamondDao stack, quorum and proposal handling, and treasury governance.

  • Claiming / migration contracts – the ClaimContract used to migrate legacy DMD v3 coins to the new network through a trustless, signature-based mechanism.

Altogether, the review included more than 6,000 normalized lines of Solidity, multiple OpenZeppelin upgradeable components, and several custom libraries powering DMD’s validator rotation, bonus score system, and governance engine.

How Softstack Audited DMD Diamonds

Three independent Softstack experts reviewed the contracts in isolation, combining:

  • Line-by-line manual code review

  • Automated analysis (symbolic execution, static analysis, coverage checks)

  • Scenario-based testing around validator lifecycles, reward distribution, epoch transitions and DAO proposals

The team focused on:

  • Epoch & validator rotation – ensuring safe transitions, correct handling of disconnected validators, and no unexpected liveness failures.

  • Reward & pot distribution – validating the allocation of block rewards to deltaPot, reinsertPot and governancePot, with protections against overflow and unauthorized withdrawals.

  • Bonus score system – checking that performance incentives cannot be gamed or inflated.

  • Staking safety – confirming secure stake deposits, withdrawals, delegation and pool-level reward sharing.

  • Governance controls – verifying upgrade paths, treasury spending and parameter changes can only be triggered through properly authorized DAO processes.

Key Findings and Resolutions

Across the entire codebase, the audit identified 48 findings ranging from high to informational severity. These included:

  • Two high-severity issues

  • Fourteen medium-severity issues

  • Seventeen low-severity findings

  • Fifteen informational or best-practice observations

All findings were documented with clear impact analysis, proof-of-concept scenarios, and recommended fixes.

The DMD Diamond team then iterated closely with Softstack’s auditors, implementing code changes, adding protections and tightening edge-case handling wherever necessary. After remediation, the full codebase was re-checked twice, confirming that all issues had been successfully mitigated and that no regressions were introduced.

What This Means for the DMD Ecosystem

For validators, delegators and builders, the completed audit provides three key assurances:

  1. Resilient Consensus & Staking
    Epoch transitions, validator rotation, and reward distribution are designed, and now additionally verified, to behave deterministically even under edge conditions such as disconnected nodes or sudden stake shifts.

  2. Governance Ready for Growth
    With DAO-driven upgrades, proposal handling and treasury control living on-chain, the robustness of the governance contracts is critical. The audit strengthens confidence that parameter changes and protocol upgrades will be executed only through the intended governance flows.

  3. Secure Migration from Legacy DMD
    The claiming pipeline, which uses ECDSA signatures and Bitcoin-style addresses for legacy v3 holders, has been hardened against replay, signature-malleability and input-validation issues – helping protect both the old and new communities during migration.

About DMD Diamond

DMD Diamond is a fully launched, modular Proof-of-Stake blockchain platform powered by HBBFT-POSDAO consensus. It offers instant finality, energy-efficient validation and an on-chain DAO that has the power to upgrade the contracts and treasury allocation. The mainnet is live with staking, delegation, governance and legacy asset migration.

About Softstack

Softstack is a leading Web3 security and software engineering partner, with more than 1,200 smart contract audits and a zero-exploit rate, delivered for ecosystems such as Ripple, Tezos, TON, BitGo, Fetch.ai and others. The company specializes in deep protocol reviews, infrastructure deployments and production-grade Web3 development across EVM, SVM, Cosmos SDK, Substrate and L2 stacks.

Together, DMD Diamond and Softstack are raising the security bar for BFT-based Proof-of-Stake networks – proving that serious infrastructure deserves serious review.

Services we provide

Softstack Case Studies

Click through our success stories and see how we have helped other companies
achieve their Web3 goals.

Smart Contract Audit for Strobe Finance Cross-Chain Money Market on XRPL EVM

Softstack Finalizes Smart Contract Audit for Strobe Protocol’s Cross-Chain Money Market on XRPL EVM.

Smart Contract Audit

Project: Cross Chain Money Market XRPL EVM

Industry: Web3

Service: Smart Contract Audit

Strobe Protocol is redefining DeFi for XRP holders, bridging the XRPL ecosystem with EVM-compatible environments using secure cross-chain communication via Axelar. The platform enables users to lend, borrow, and participate in vault-based yield strategies while preserving full composability across chains.

🔍 Key Audit Focus Areas

The audit covered mission-critical components of the protocol including:

⚙️ Cross-Chain Messaging Integrity
Auditing Axelar-based GMP flows to ensure state consistency, prevent spoofing, and avoid fund desyncs.

💸 Lending & Borrowing Logic
Reviewing all withdrawal, borrow, repay, and liquidation flows for security and accounting accuracy.

🔐 Oracle & Interest Rate System
Validating price feed integrity and interest rate curve enforcement to ensure proper risk management.

⚠️ Edge-Case Defense
Testing DoS risks, state reentrancy, and gas-scaling impacts on core pool functions.

Key Findings and Resolutions

✅ All vulnerabilities were remediated with appropriate mitigations

Notable findings and fixes include:

  • Cross-chain state handling safeguard to prevent ledger inconsistencies on failed token transfers

  • Oracle validation and staleness checks to avoid price manipulation or liquidation errors

  • Post-liquidation reserve accounting bug patched

  • ERC-20 decimals check added to avoid DoS on reserves

This collaboration reinforces the importance of security in DeFi. With Softstack’s audit complete, Strobe Protocol is now ready to enter production with improved resilience and cross-chain safety.

 

🌐 Learn more about Strobe: https://strobe.finance
