.svg)
Articles
Smart contract audits
Smart contract audits
July 16, 2025
Audits for V4
We upgraded Glo Dollar on Celo to V4 to introduce the capability to use Glo Dollars as a gas token. We used standardized code supplied by Celo to do this. Hals audited the upgraded contracts—see the token security review report—from May 21st to May 22nd, 2025, with a focus on the security aspects of the USDGLO V4 smart contract.
Audits for V3
We upgraded the smart contracts from V2 to V3 on June 6th 2023 upon receiving the below positive audit results–read more about it here.
0xmacro
0xmacro audited V3 in the week of May 15th 2023. Their report includes a number of non-critical recommendations, which we chose to postpone to a future upgrade of the smart contracts to keep the smart contract stable for the next audit.
AfterDark Labs
AfterDark’s @sjkelleyjr and @securerodd audited V3 in the week of May 29th 2023. Their report includes a number of non-critical recommendations, which we chose to postpone to a future upgrade of the smart contracts so that we could proceed with the upgrade without restarting the audit process.
Previous audits (V1)
Certik security audit
In Q4'2022, Glo recently underwent a comprehensive security audit by Certik, a blockchain security firm. The report identified two Centralization/Privilege risks and one informational risk.
- We addressed the first two by implementing a multisig wallet controlled by a governance council.
- We resolved the third by downgrading to a solidity release that Certik deemed stable. Our codebase is open source, and you can review the pull request here.)
Upgrading from V1 to V2
On April 3rd in 2023, the Glo team identified a critical security vulnerability. This vulnerability allowed any holder of Glo Dollar to increase their balance by sending any amount of Glo Dollar to themselves, after which their total balance would be increased by the sent amount. A malicious actor could have exploited this issue to steal funds.
Once we identified the issue, we took immediate action to confirm that it had not been taken advantage of, and then fixed the issue by upgrading from V1 to V2 on April 4th 2023. (We describe this in more details, and how we changed our processes to better address threats like this, in this blogpost.)
This could be the info box
In this program, GiveDirectly identifies impoverished African villages to give their citizens $30 per month, transferred via mobile money technology, for 3-5 years. For people living on less than $2/day this is a transformational amount.
Glo's economic model is to invest its reserve in short-term Treasury bills and give the proceeds away entirely to GiveDirectly.
References (this is a heading2)
- This is a list for references
- reference 2
- reference 3
This is additional reference text
Audits for V4
We upgraded Glo Dollar on Celo to V4 to introduce the capability to use Glo Dollars as a gas token. We used standardized code supplied by Celo to do this. Hals audited the upgraded contracts—see the token security review report—from May 21st to May 22nd, 2025, with a focus on the security aspects of the USDGLO V4 smart contract.
Audits for V3
We upgraded the smart contracts from V2 to V3 on June 6th 2023 upon receiving the below positive audit results–read more about it here.
0xmacro
0xmacro audited V3 in the week of May 15th 2023. Their report includes a number of non-critical recommendations, which we chose to postpone to a future upgrade of the smart contracts to keep the smart contract stable for the next audit.
AfterDark Labs
AfterDark’s @sjkelleyjr and @securerodd audited V3 in the week of May 29th 2023. Their report includes a number of non-critical recommendations, which we chose to postpone to a future upgrade of the smart contracts so that we could proceed with the upgrade without restarting the audit process.
Previous audits (V1)
Certik security audit
In Q4'2022, Glo recently underwent a comprehensive security audit by Certik, a blockchain security firm. The report identified two Centralization/Privilege risks and one informational risk.
- We addressed the first two by implementing a multisig wallet controlled by a governance council.
- We resolved the third by downgrading to a solidity release that Certik deemed stable. Our codebase is open source, and you can review the pull request here.)
Upgrading from V1 to V2
On April 3rd in 2023, the Glo team identified a critical security vulnerability. This vulnerability allowed any holder of Glo Dollar to increase their balance by sending any amount of Glo Dollar to themselves, after which their total balance would be increased by the sent amount. A malicious actor could have exploited this issue to steal funds.
Once we identified the issue, we took immediate action to confirm that it had not been taken advantage of, and then fixed the issue by upgrading from V1 to V2 on April 4th 2023. (We describe this in more details, and how we changed our processes to better address threats like this, in this blogpost.)
Worldwide • Full remote
Worldwide • Full remote
Worldwide • Full remote
