The question is about CertiK audit results Onyx Protocol - CertiK Skynet Project Insight
See the Code Security section, View findings ⟶ Centralization Related Risks
Short answer: Onyx resolved this issue permanently on 28 Mar 2023.
Full answer:
Initially Onyx deployed contracts with centralized management to monitor bugs, issues, and set base parameters.
On 24 Mar 2023 with OIP-9: Launch OLP Governance, the Onyx Protocol:
- Transferred smart contracts ownership from centralized to the Onyx Governance and Onyx DAO
- Introduced the DAO Governance and the Voting module to increase transparency and user involvement
- Enabled Time locks for awareness of privileged operations
- Deployed the Onyx app, the website, and Onyx services using IPFS, decentralized and independent storage; the code is available on Onyx’s GitHub
- Shared this information with XCN holders to manage the protocol with the DAO Governance and Voting module
For details, see Onyx Protocol
Starting from 28 Mar 2023, when the protocol executed the OIP-9, the Onyx protocol is decentralized permanently; Users manage and secure the protocol.
CertiK audited Onyx on 2/28/2023, and the audit results do not reflect decentralization changes.
From a security perspective, this audit is not outdated, as the code remains the same; Onyx changed the ownership of the smart contracts from centralized to decentralized. Still, we do have plans for future security audits Engage a 2nd auditing firm to conduct an audit on ONYX - #2 by alex
Additionally, see OIP-6 Secure Proposal Timelock, Onyx Protocol