Guardian - Yuga Labs Shadow NFTs Case Study

"The Guardian team is incredibly knowledgeable, thorough, and mindful. They caught issues that required extensive knowledge of dependencies. I would recommend anybody work with Guardian!"

0xQuit

Yuga Labs

Overview

This case study highlights Guardian’s comprehensive audit of Yuga Labs’ NFT Shadows system—a next-generation cross-chain solution enabling Yuga NFTs to mirror, delegate, and track ownership securely across multiple chains. Guardian conducted two audit engagements of Yuga Labs’ NFT Shadows system, ensuring proper and robust security before launch.

The full reports are available here.

Guardian

Guardian is the new standard in smart contract security, redefining audits with dual independent security teams, specialized fuzzing engineers, and an aggressive vulnerability discovery methodology. This approach consistently drives maximum issue discovery, ensuring projects ship with unmatched confidence.

Yuga Labs

Yuga Labs, creators of Bored Ape Yacht Club, Ape Chain, and more, designed NFT Shadows to enable secure, seamless cross-chain NFT ownership and utility. Building on prior innovations, NFT Shadows introduces "shadow NFTs" to represent assets on secondary chains while maintaining real-time ownership synchronization and delegation tracking across chains.

Why Guardian?

Given the highly complex state-syncing, ownership mirroring, and cross-chain delegation logic, Yuga Labs needed a security partner with deep experience in EVM cross-chain interactions and race condition modeling. Guardian’s dual-team methodology, deep fuzzing capabilities, and infrastructure expertise were critical to securing the protocol across its development phases.

The Reports

Report Links: Github.com

The Audit Process - Scope & Methodology

Over two separate 1-week engagements (2 weeks total), Guardian audited the NFT Shadows system:

Phase 1:

• Audit to secure the foundational cross-chain mirroring and delegation logic.

Phase 2:

• Audit of the finalized NFT Shadows system, verifying full system integrations, reorg handling, deployment scripts, and ERC standard compliance.


Across both phases, Guardian deployed two independent audit teams and a dedicated fuzzing engineer to:

• Conduct line-by-line manual review of all core contracts.

• Perform stateful fuzzing of delegation, ownership, and bridging flows.

• Simulate stale state conflicts, chain reorgs, gas-based DoS conditions, and multi-chain edge cases.

• Audit deployment scripts, LayerZero configurations, and fallback logic.

• Build custom test harnesses to validate state consistency and message handling.

Key Vulnerabilities & Remediations

Across the combined audit, Guardian uncovered 51 findings:

• 1 Critical
• 4 High Severity
• 16 Medium Severity
• 30 Low Severity

All issues have been fully remediated by the Yuga Labs team.

Critical Issue

Messaging Channel Blocked by Locked Chain Reads

Guardian discovered a critical issue where the ownership read function would revert if the target NFT was in a locked state. In LayerZero v2, read verification is essential for message processing, and if a read call reverts, the DVNs are unable to verify the message. Because messages must be verified in order, this causes the entire messaging channel to stall at that point, blocking all subsequent messages (MessagingChannel.sol#L138).

This failure mode could lead to bricked cross-chain functionality, especially in systems relying on reliable state reads for ownership or delegation. Guardian recommended refactoring the read function to return a structured status flag instead of reverting. This ensured that even in locked states, messages could be safely verified and the channel could continue processing without manual intervention or message skipping.
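The pattern behind this finding, reduced to a self-contained illustration that is not Yuga Labs' code and uses no LayerZero contracts or interfaces (the contract and function names are hypothetical, and the token state is constructed): a read target that reverts for locked tokens, the same read refactored to return a status flag, and a toy verifier that resolves reads with `staticcall` and only advances its nonce on success, which is what turns one unverifiable read into a stalled channel.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

/// Vulnerable shape (hypothetical, not the audited code): the ownership read
/// reverts when the token is locked, so anything that must execute this read
/// to verify a message gets no result at all.
contract RevertingOwnershipRead {
    error TokenLocked(uint256 tokenId);

    mapping(uint256 => address) internal _owners;
    mapping(uint256 => bool) internal _locked;

    constructor() {
        // Constructed sample state: token 1 is free, token 2 is locked.
        _owners[1] = address(0xA11CE);
        _owners[2] = address(0xB0B);
        _locked[2] = true;
    }

    function readOwner(uint256 tokenId) external view returns (address) {
        if (_locked[tokenId]) revert TokenLocked(tokenId);
        return _owners[tokenId];
    }
}

/// Hardened shape: the read never reverts for a representable state. Locked
/// and missing tokens are reported through a status field, so the read can
/// always be resolved and the consumer decides what to do with the result.
contract StatusOwnershipRead {
    enum ReadStatus { Ok, Locked, NotFound }

    struct OwnershipRead {
        ReadStatus status;
        address owner;
    }

    mapping(uint256 => address) internal _owners;
    mapping(uint256 => bool) internal _locked;

    constructor() {
        // Same constructed sample state as above.
        _owners[1] = address(0xA11CE);
        _owners[2] = address(0xB0B);
        _locked[2] = true;
    }

    function readOwner(uint256 tokenId) external view returns (OwnershipRead memory) {
        address owner = _owners[tokenId];
        if (owner == address(0)) return OwnershipRead(ReadStatus.NotFound, address(0));
        if (_locked[tokenId]) return OwnershipRead(ReadStatus.Locked, owner);
        return OwnershipRead(ReadStatus.Ok, owner);
    }
}

/// Toy stand-in for the verification step (hypothetical, not a DVN): the read
/// is executed with staticcall and the nonce advances only when it succeeds.
/// Because delivery is in nonce order, a read that reverts leaves nextNonce
/// stuck and every later message behind it waits.
contract ToyReadVerifier {
    uint256 public nextNonce = 1;

    function verifyNext(address target, uint256 tokenId)
        external
        returns (bool verified, bytes memory result)
    {
        (verified, result) = target.staticcall(
            abi.encodeWithSignature("readOwner(uint256)", tokenId)
        );
        if (verified) {
            nextNonce++; // channel moves on
        }
        // On revert: verified == false, result holds the TokenLocked error data,
        // and nextNonce is unchanged, i.e. the channel is stalled at this message.
    }
}
```

Calling `verifyNext` against `RevertingOwnershipRead` with token 2 returns `false` and leaves `nextNonce` at its previous value; the same call against `StatusOwnershipRead` returns `true` with an ABI-encoded `(Locked, 0xB0B)` tuple and advances the nonce. The design point is that "locked" is a legitimate state the reader must be able to observe, not an error condition, so it belongs in the return value rather than in a revert.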

High Severity Issues

Stale Delegation Writes Cause Invalid Rights

Stale state reads could allow multiple users to retain delegation rights simultaneously, breaking synchronization across chains.

Permanent Delegation to address(0)

Improper handling of burn and delegation edge cases allowed delegation rights to become irrecoverable or incorrectly reassigned.

Ownership Cannot Be Synced to Base Chain

Faulty callback paths prevented updates to ownership states on the base chain, risking permanent desynchronization.

Reorgs Invalidate the Locked Invariant

Chain reorganizations could corrupt ownership states unless probabilistic finality measures were implemented.

Results & Impact

Guardian’s audits resulted in:

1. Delegation rights and ownership syncing fortified across chains

2. LayerZero V2 messaging reliability reinforced

3. Deployment processes refactored for cross-chain safety and gas efficiency

4. Hardening against gas-starvation DoS attacks, stale reads, and reorg edge cases

5. ERC-721C and ERC-4906 compliance gaps fully addressed

6. Internal test coverage and invariant testing enhanced at Yuga Labs

By securing the complete NFT Shadows implementation, Guardian ensured Yuga Labs could confidently launch a robust, secure cross-chain NFT ownership system.

Key Metrics

• Total Findings: 51 Issues Identified & Resolved

• Audit Duration: 2 Weeks (1 Week per Engagement)

• Platform: Crosschain EVM