As far as I knoe, either Certik or other firms audit only certain parts of the code/smart contract (depending on the client's request), not all of them. The contract audit firm will offer some kind of audit package to its clients and one project can choose several audit firms at once that handle different parts of the smart contract/code (perhaps for price reasons).
As some of the members said above, a project that has been audited is not necessarily guaranteed to be safe. Also, some reckless actions of the project team could damage audit certificates like a hacked defi project had a few months ago.
No, neither of them admitted that this was the result of their audit. LOL
Mixbytes claims
they did not audit the part of the contract that was the target of hacking, they only audit other contracts.Source:
https://twitter.com/MixBytes/status/1330413943148441602HAECHI claims that
the contract which is the target of the hack is a new contract that is not subject to the security audit.Source:
https://twitter.com/haechi_audit/status/1330347468802973698I'm not a coder to ask questions: how the contract that triggers the hack can be said to be not subject to a security audit?
This would put Pickle even more into the corner.
-snip-
So it means
the Pickle Finance run a new contract (yesterday they tweeted about such update)
which wasn't audited for security and putting the funds of contributors at risk.