.svg)
Summary
The most critical subjects covered in our audit are functional correctness and precision of arithmetic operations. Security regarding all the aforementioned subjects is high.
It is known that the weETH oracle introduced can be prone to manipulation. However, it is deemed that there is no practical risk with the intended configuration. For more information, please refer to issue weETH oracle manipulation.
Note that the oracles for wstETH, rETH and weETH may fail to provide accurate results in case of anLST/LRT depeg, see the note ETH oracle is used for LST pricing.
The general subjects covered are specification, gas efficiency, and trustworthiness. Security regarding all the aforementioned subjects is high.
In summary, we find that the codebase provides a good level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
About SparkLend Advanced
SparkDAO has implemented eight new price oracles to be used within the SparkLend protocol: a fixedprice oracle, an oracle with a capped price, a wstETH oracle, a rETH oracle, a weETH oracle, a rsETHoracle, an ezETH oracle and an spETH oracle. Additionally, three peg ratio oracles (cbBTC, rETH,weETH) have been introduced for KillSwitch depeg detection.
A MorphoUpgradableOracle has beenintroduced for use in MorphoBlue. Furthermore, two interest rate strategies have been implemented. Onesets the base rate using a rate source, while the other targets a specific rate at optimal utilization. Finally,a capped fallback rate source has been added.