.png)
Summary
The most critical subjects covered in our audit are functional correctness, access control and front-running prevention. Security regarding all the aforementioned subjects is high. However, one minor issue was found, that might endanger the system, if access control restrictions are ever softened, see CreateX entropy bit limit.
The general subjects covered are code complexity, upgradeability and unit testing. Code complexity is low due to the use of standard libraries and good readability. Security regarding Upgradeability is good. Testing is good, but the compiler version is not fixed for tests and deployment, see Floating pragma version.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
About Velodrome Superchain
Velodrome Superchain is an extension of existing Velodrome V2 Optimism reward mechanics to other networks within the Optimism Superchain ecosystem. Deployments on all leaf chains are managed from the Optimism mainnet Root chain, via Hyperlane bridge infrastructure.
"Velodrome Finance is a next-generation AMM that combines the best of Curve, Convex and Uniswap, designed to serve as the liquidity hub for the Superchain."
Summary
The most critical subjects covered in our audit are callback handling, nested operations, nonce processing, and slippage protection in swaps. Security regarding all aforementioned subjects is high. The unexpected slippage caused by accumulation of deviations of oracles, described in RecurringSwap Oracle deviations contributing to slippage, has been acknowledged as part of the behavior of the system, and properly documented.
All the issues raised have been satisfactorily addressed by Legend Labs, however a QuarkWallet is designed to execute arbitrary code in the context of a user's wallet through delegatecall. Script developers must understand the core mechanics of the Quark wallet before integrating with it, and Legend Labs should safeguard users against blind-signing malicious payloads by providing appropriate tooling to inspect wallet operations.
In summary, we find that the Quark codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
About Legend Labs Quark V2 and Quark Scripts
Legend Labs implements Quark v2, a smart contract wallet that enables accounts to run arbitrary scripts, Legend Labs also provides a suite of scripts to facilitate wallet operation and interact with DeFi systems. This audit follows our first audit of Quark, which can be found here. The new system implements an updated version of nonce control and state isolation, and introduces transient storage.
.png)
Summary
The most critical subjects covered in our audit are functional correctness and precision of arithmetic operations. The general subjects covered are documentation, unit testing and gas efficiency. Security regarding all the aforementioned subjects is high.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
About Spark PSM
SparkDAO implements a peg stability module that supports three assets - two stable coins (USDC and USDS) and one yield-bearing wrapped stablecoin (sUSDS). That is intended to both stabilize the peg and offer liquidity on L2s.
"Spark is on a mission to empower the DAI ecosystem. As part of the MakerDAO community, Spark builds and manages DeFi infrastructure."
.png)
Summary
The most critical subjects covered in our audit are the security of the funds and the liveness and correctness of the bridging process. Only minor issues were uncovered. Security regarding all the aforementioned subjects is high.
The general subjects covered are the efficiency of the implementation, centralization, specification, documentation, and testing. The efficiency of the implementation could be improved in some cases. The centralization of the system is very high. This means that the admins of the system are in full control of the funds on the bridge and Tron. Specification and documentation are sufficient as well as unit testing.End-to-end testing seems to not be sufficient. This is particularly important given that TronVM might differ from Ethereum in unexpected ways.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
About Tron-peg USD Coin (USDC)
JustCrypto launches a Tron-peg USDC token on Tron Chain and implements a bridge between Ethereum and Tron to allow users to transfer USDC between the two chains. Users' assets are locked on TronUSDCBridge contract controlled by TronUSDCBridgeController. An operator of the bridge then mints an appropriate amount of USDC on Tron. Tron USDC is controlled by the USDCController.
Summary
The most critical subjects covered in our audit are security, functional correctness and seamless integration with the existing system. While security regarding all the aforementioned subjects is high, this report contains some notes about the proper use of the contracts. The most significant finding discusses Precision Loss in rewardRate Calculation.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
About Maker EndGame Toolkit
In the latest version, reviewed changes were made to the StakingRewards contract: updating the rewards duration can now be done during an active distribution. Furthermore the constructor now features an additional check to prevent an unsupported configuration. Overall the endgame-toolkit offers a new governance token for SubDAO-level governance, a SubProxy for executing governance delegatecalls and a farming module allowing stakers to earn rewards.
--
“The Maker Protocol, also known as the Multi-Collateral Dai (MCD) system, allows users to generate Dai by leveraging collateral assets approved by “Maker Governance.” Maker Governance is the community organized and operated process of managing the various aspects of the Maker Protocol. Dai is a decentralized, unbiased, collateral-backed cryptocurrency soft-pegged to the US Dollar. Resistant to hyperinflation due to its low volatility, Dai offers economic freedom and opportunity to anyone, anywhere.”
Summary
The most critical subjects covered in our audit are functional correctness, access control and the integration with Arbitrum's messaging infrastructure. The general subjects covered are error handling, trustworthiness and specification. Security regarding all the aforementioned subjects is high.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
About Arbitrum Token Bridge
MakerDAO implements a custom token bridge between Ethereum and Arbitrum that supports the bridging of multiple tokens.
"The Maker Protocol, also known as the Multi-Collateral Dai (MCD) system, allows users to generate Dai by leveraging collateral assets approved by “Maker Governance.” Maker Governance is the community organized and operated process of managing the various aspects of the Maker Protocol. Dai is a decentralized, unbiased, collateral-backed cryptocurrency soft-pegged to the US Dollar. Resistant to hyperinflation due to its low volatility, Dai offers economic freedom and opportunity to anyone, anywhere.”
Summary
MakerDAO implements a custom token bridge between Ethereum and L2s based on the OP stack.
The most critical subjects covered in our audit are functional correctness, access control and the integration with the OP stack's messaging infrastructure. The general subjects covered are error handling, trustworthiness and specification. Security regarding all the aforementioned subjects is high.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
About MakerDAO OP Token Bridge
MakerDAO implements a custom token bridge between Ethereum and L2s based on the OP stack.
"The Maker Protocol, also known as the Multi-Collateral Dai (MCD) system, allows users to generate Dai by leveraging collateral assets approved by “Maker Governance.” Maker Governance is the community organized and operated process of managing the various aspects of the Maker Protocol. Dai is a decentralized, unbiased, collateral-backed cryptocurrency soft-pegged to the US Dollar. Resistant to hyperinflation due to its low volatility, Dai offers economic freedom and opportunity to anyone, anywhere.”
Summary
The most critical subjects covered in our audit are functional correctness, and access control. Security regarding all the aforementioned subjects is high.
The audit did not uncover any issues.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
About Sulu AaveV3 Flashloan
Enzyme Foundation implements a smart account for AaveV3 flash loans. Only flash loans with interestRateMode 0 can be performed, enforcing the flash loan to revert if not payed back directly.
Summary
The most critical subjects covered in our audit are functional correctness, access control and front running resistance.
Security regarding all the aforementioned subjects is high. A missing sanity check (see Rate is not validated) has been added.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
About MakerDAO Sky Deployment Scripts
MakerDAO implements a governance token and an exchange contract for exchanging MKR against the new token in a predefined ratio. This audit report reviews the security and correctness of the corresponding deployment scripts.
--
"The Maker Protocol, also known as the Multi-Collateral Dai (MCD) system, allows users to generate Dai by leveraging collateral assets approved by “Maker Governance.” Maker Governance is the community organized and operated process of managing the various aspects of the Maker Protocol. Dai is a decentralized, unbiased, collateral-backed cryptocurrency soft-pegged to the US Dollar. Resistant to hyperinflation due to its low volatility, Dai offers economic freedom and opportunity to anyone, anywhere.”
Summary
The most critical subjects covered in our audit are functional correctness, security of the assets and the proxy/upgradability pattern. Security regarding all the aforementioned subjects is high.
The general subjects covered include the specification, adherence to the ERC standards and optimisations.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
About MakerDAO Savings USDS
MakerDAO implements Savings USDS, a tokenized implementation of a savings rate for USDS.
"The Maker Protocol, also known as the Multi-Collateral Dai (MCD) system, allows users to generate Dai by leveraging collateral assets approved by “Maker Governance.” Maker Governance is the community organized and operated process of managing the various aspects of the Maker Protocol. Dai is a decentralized, unbiased, collateral-backed cryptocurrency soft-pegged to the US Dollar. Resistant to hyperinflation due to its low volatility, Dai offers economic freedom and opportunity to anyone, anywhere.”
Summary
The most critical subjects covered in our audit are security, functional correctness and seamless integration with the existing system. Security regarding all the aforementioned subjects is high.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
About USDS Smart Contracts
MakerDAO introduces a new stablecoin token (USDS, rebranded DAI) along with a permissionless converter for 1:1 conversions between DAI and USDS. The USDS is an ERC-20-compliant token, and the converter, DaiUsds, enables seamless exchanges. The project also features UsdsJoin, which is the USDS equivalent of DaiJoin.
“The Maker Protocol, also known as the Multi-Collateral Dai (MCD) system, allows users to generate Dai by leveraging collateral assets approved by “Maker Governance.” Maker Governance is the community organized and operated process of managing the various aspects of the Maker Protocol. Dai is a decentralized, unbiased, collateral-backed cryptocurrency soft-pegged to the US Dollar. Resistant to hyperinflation due to its low volatility, Dai offers economic freedom and opportunity to anyone, anywhere.”
Summary
The most critical subjects covered in our audit are denial of service, correct access control and correct usage of the new Vyper modules. Security regarding all the aforementioned subjects is high.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
About Curve Fee Splitter
Curve implements fee splitter to distribute fees (in crvUSD token) from the crvUSD stablecoin markets to different recipient according to configured weights.
“Curve is an exchange liquidity pool on Ethereum (like Uniswap) designed for (1) extremely efficient stablecoin trading (2) low risk, supplemental fee income for liquidity providers, without an opportunity cost.
Curve allows users (and smart contracts like 1inch, Paraswap, Totle and Dex.ag) to trade between DAI and USDC with a bespoke low slippage, low fee algorithm designed specifically for stablecoins and earn fees. Behind the scenes, the liquidity pool is also supplied to the Compound protocol or yearn.finance where it generates even more income for liquidity providers.”
Summary
The most critical subjects covered in our audit are functional correctness, asset solvency and cross-chain messaging. Security regarding all the aforementioned subjects is high.
The general subjects covered are code complexity and specification.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
About MakerDAO OP Farms Smart Contracts
MakerDAO implements a mechanism to distribute rewards originating from a source on Ethereum L1 to afarm contract on OP Stack L2s.
"The Maker Protocol, also known as the Multi-Collateral Dai (MCD) system, allows users to generate Dai by leveraging collateral assets approved by “Maker Governance.” Maker Governance is the community organized and operated process of managing the various aspects of the Maker Protocol. Dai is a decentralized, unbiased, collateral-backed cryptocurrency soft-pegged to the US Dollar. Resistant to hyperinflation due to its low volatility, Dai offers economic freedom and opportunity to anyone, anywhere.”
.png){kind=logo}
Summary
The most critical subjects covered in our audit are asset solvency and front-running resistance. Security regarding all the aforementioned subjects is high.
The general subjects covered are gas efficiency, code complexity, and documentation. Security regarding all the aforementioned subjects is satisfactory, but can be improved, see Franchiser.subDelegateMany() Modifier Called in a Loop and Inaccurate NatSpec.
In summary, we find that the codebase provides a high level of security. No issues were identified that would pose a significant risk to the system.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
About Uniswap Franchiser smart contracts
Uniswap Foundation implements a Franchiser system, that allows multi-level delegation of UNI tokens' voting power.
"The Uniswap Foundation is dedicated to building a self-sustaining community that contributes to the future growth of the Uniswap Protocol. We have strategically designed our grants program to create a long-lasting ecosystem made up of developers, researchers, and governance contributors. We strive to create shared ownership for our entire community and work with them to define the future of DeFi’s most important protocol."
Summary
SparkDAO implements cross-chain oracles for the Sky Savings Rate where update messages are sent to L2s from Ethereum Mainnet.
The most critical subjects covered in our audit are functional correctness, access control and message passing.
The general subjects covered are code complexity and specification.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
About Spark XChain DSR Oracle
SparkDAO implements cross-chain oracles for the Sky Savings Rate where update messages are sent to L2s from Ethereum Mainnet.
"Spark is on a mission to empower the DAI ecosystem. As part of the MakerDAO community, Spark builds and manages DeFi infrastructure."
Summary
The most critical subjects covered in our audit are asset solvency, functional correctness and the correct integration into the existing D3M v2 system.
The general subjects covered include the consistency of the codebase. In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
About MakerDAO D3M AaveV3 USDS Pool
MakerDAO has implemented a new component for the existing D3M v2 system: a pool supporting USDS deposits into Aave V3-like protocols without supply caps, such as SparkLend.
"The Maker Protocol, also known as the Multi-Collateral Dai (MCD) system, allows users to generate Dai by leveraging collateral assets approved by “Maker Governance.” Maker Governance is the community organized and operated process of managing the various aspects of the Maker Protocol. Dai is a decentralized, unbiased, collateral-backed cryptocurrency soft-pegged to the US Dollar. Resistant to hyperinflation due to its low volatility, Dai offers economic freedom and opportunity to anyone, anywhere.”
Summary
The most critical subjects covered in our audit are functional correctness, access control and frontrunning resistance.
Security regarding all the aforementioned subjects is high. Some Missing checks introduced small problems but these have been fixed / will be fixed as soon as it is possible.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
About MakerDao Allocator Deployment Scripts
MakerDAO implements an allocation system for funding certain SubDAOs of the MakerDAO ecosystem with USDS. This audit report reviews the security and correctness of the corresponding deployment scripts.
—
“The Maker Protocol, also known as the Multi-Collateral Dai (MCD) system, allows users to generate Dai by leveraging collateral assets approved by “Maker Governance.” Maker Governance is the community organized and operated process of managing the various aspects of the Maker Protocol. Dai is a decentralized, unbiased, collateral-backed cryptocurrency soft-pegged to the US Dollar. Resistant to hyperinflation due to its low volatility, Dai offers economic freedom and opportunity to anyone, anywhere.”
Summary
MakerDAO implements a token allocation system for AllocatorDAOs which consists of a core, a funnel and an automation layer.
The most critical subjects covered in our audit are asset solvency, access control and functional correctness. Security regarding all the aforementioned subjects is high.
The general subjects covered are specification and integration with 3rd party systems. All the aforementioned subjects are covered well.
In summary, we find that the codebase provides a good level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
About Makerdao – DSS allocator
MakerDAO implements a token allocation system for AllocatorDAOs which consists of a core, a funnel and an automation layer.
—
“The Maker Protocol, also known as the Multi-Collateral Dai (MCD) system, allows users to generate Dai by leveraging collateral assets approved by “Maker Governance.” Maker Governance is the community organized and operated process of managing the various aspects of the Maker Protocol. Dai is a decentralized, unbiased, collateral-backed cryptocurrency soft-pegged to the US Dollar. Resistant to hyperinflation due to its low volatility, Dai offers economic freedom and opportunity to anyone, anywhere.”
Summary
The most critical subjects covered in our audit are frontrunning, effect of withdrawal delays, and jumps in value because of slashings. Security regarding all the aforementioned subjects is high.
The general subjects covered are accounting of assets, and correct integration. Security regarding all the aforementioned subjects is high.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
About Swell Symbiotic-Aera Adapter
Swell implements Symbiotic-Aera Adapter, an adapter smart contract that allows the Aera treasury management protocol to deposit funds in the Symbiotic restaking protocol. Swell intends to use this within the scope of the swBTC project, to allocate WBTC to Symbiotic through a managed Aera vault.
--
"Swell is a non-custodial staking protocol with a mission to deliver the world’s best liquid staking and restaking experience, simplify access to DeFi, while securing the future of Ethereum and restaking services."
Summary
Swell Finance implements a BTC LRT aiming to be compatible with any restaking protocol to allocate to the best AVS's across multiple platforms. The system is built off YearnV3's robust Vault Codebase.
The most critical subjects covered in our audit are the functional correctness of the delayed withdrawal module and the correct integration of Yearn's VaultV3 and tokenized strategy systems. Security regarding all the aforementioned subjects is extensive.
Other general subjects covered are access control and interactions with the Aera vault. Security regarding all the aforementioned subjects is high.
The test coverage is minimal and should be improved to ensure that all code paths and features are tested.
In summary, we find that the codebase provides a good level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
About swBTC Smart Contracts
Swell Finance implements a BTC LRT aiming to be compatible with any restaking protocol to allocate to the best AVS's across multiple platforms. The system is built off YearnV3's robust Vault Codebase.
"Swell is a non-custodial staking protocol with a mission to deliver the world’s best liquid staking and restaking experience, simplify access to DeFi, while securing the future of Ethereum and restaking services."
Summary
The most critical subjects covered in our audit are functional correctness and security. The general subjects covered include usability, gas efficiency, and documentation.
In summary, we find that the codebase provides a good level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
About MakerDAO USDS Wrappers
MakerDAO implements a permissionless wrapper to swap USDS using the PSM-lite.
--
"The Maker Protocol, also known as the Multi-Collateral Dai (MCD) system, allows users to generate Dai by leveraging collateral assets approved by “Maker Governance.” Maker Governance is the community organized and operated process of managing the various aspects of the Maker Protocol. Dai is a decentralized, unbiased, collateral-backed cryptocurrency soft-pegged to the US Dollar. Resistant to hyperinflation due to its low volatility, Dai offers economic freedom and opportunity to anyone, anywhere.”
Summary
SparkDAO implements a contract that batches actions of the PSM and the savings token. Additionally, a helper contract for migrating from DAI or sDAI to USDS or sUSDS has been implemented.
The most critical subjects covered in our audit are functional correctness and precision of arithmetic operations. Security regarding all the aforementioned subjects is high.
The general subjects covered are unit testing and documentation. Both are good. In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
About Spark User Actions
SparkDAO implements a contract that batches actions of the PSM and the savings token. Additionally, a helper contract for migrating from DAI or sDAI to USDS or sUSDS has been implemented.
"Spark is on a mission to empower the DAI ecosystem. As part of the MakerDAO community, Spark builds and manages DeFi infrastructure."
Summary
The most critical subjects covered in our audit are functional correctness, access control and frontrunning resistance.
Security regarding all aforementioned subjects is high.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don’t replace other vital measures to secure a project.
About MakerDAO UniV2 Migration Deployment Scripts
MakerDAO implements a migration script that moves MakerDAO’s DAI/MKR Uniswap v2 LP position to a new USDS/SKY pool.
—
“The Maker Protocol, also known as the Multi-Collateral Dai (MCD) system, allows users to generate Dai by leveraging collateral assets approved by “Maker Governance.” Maker Governance is the community organized and operated process of managing the various aspects of the Maker Protocol. Dai is a decentralized, unbiased, collateral-backed cryptocurrency soft-pegged to the US Dollar. Resistant to hyperinflation due to its low volatility, Dai offers economic freedom and opportunity to anyone, anywhere.”
Summary
The most critical subjects covered in our audit are access control, asset solvency, functional correctness, and the impact of the change on the existing system. An issue with functional correctness was identified, where Splitter.cage() did not lock the Splitter completely (see Splitter.cage() does not lock theSplitter). After the intermediate report, this issue has been resolved.
The general subjects covered are specifications correctness, optimizations, and soundness of the deployment and initialization scripts. The specification of babylonian.sqrt() was inaccurate (see Incorrect specification). The checks in the initialization scripts could be further enhanced (see Missing check for bump and Missing check of reward token on farm contract). All the issues have been resolved and security regarding all the aforementioned subjects is high.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
About MakerDAO DSS Flappers
MakerDAO has implemented new contracts to process the surplus of the stablecoin system. A new Splitter contract divides the surplus between a burning engine (Flapper) and a reward farm. Flapper contracts interact with UniswapV2, exchanging USDS for Gem tokens, with two variants:FlapperUniV2SwapOnly fully converts USDS to Gem, while FlapperUniV2 adds liquidity to the pool.
—
“The Maker Protocol, also known as the Multi-Collateral Dai (MCD) system, allows users to generate Dai by leveraging collateral assets approved by “Maker Governance.” Maker Governance is the community organized and operated process of managing the various aspects of the Maker Protocol. Dai is a decentralized, unbiased, collateral-backed cryptocurrency soft-pegged to the US Dollar. Resistant to hyperinflation due to its low volatility, Dai offers economic freedom and opportunity to anyone, anywhere.”
Summary
The most critical subjects covered in our audit are functional correctness and resistance to oracle manipulations. The contracts are functionally correct and are, in most cases, resistant against oracle manipulations under the assumptions that:
- Curve's price_oracle() cannot be manipulated to a lower value during a maximum of 2 blocks.
- Curve pool imbalances are efficiently arbitraged every block
- CryptoPoolOracle is not used for StableSwap pools.
- The underlying Curve pools experience regular usage.
However, some certain edge conditions can enable oracle manipulation attacks that are able to extract value: Oracle manipulation during withdrawal. Conic, for now, accepts this risk and tries to find an optimal solution.
In summary, we find that the codebase provides an improvable level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
About Conic Crypto Pool Update
Conic implements a new oracle for pricing LP tokens of Curve Crypto pools. Additionally, Conic implements a new contract for determining the share of CNC rewards that is distributed to each Conic pool.
“Conic Finance is an easy-to-use platform built for liquidity providers to easily diversify their exposure to multiple Curve pools. Any user can provide liquidity into a Conic Omnipool which allocates funds across Curve in proportion to protocol controlled pool weights.”
Summary
The most critical subjects covered in our audit are correct implementation of interfaces, external calls, as well as decimals usage. Security regarding all the aforementioned subjects is high.
The audit did not uncover any issues.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
About Enzyme Sulu Extensions XX
Enzyme Foundation implements two new Enzyme price feeds: a primitive price feed that converts ynETH (YieldNest ETH) to ETH and a derivative price feed that converts Stader SD tokens to ETH.
Enzyme is a decentralised asset management infrastructure built on Ethereum. Using Enzyme Smart Vaults, individuals and communities can build, scale and monetise investment (or execution) strategies that employ the newest innovations in decentralised finance.
Summary
The most critical subjects covered in our audit are correctness of the proxy upgrade and the overall functional correctness. Security regarding both subjects is high after Storage Collisions have been mitigated.
The documentation of the codebase is improvable.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
About POL TransitionSmart Contracts
Polygon implements several changes to the Polygon ecosystem that consolidate the transition to the POL token, the native token for Polygon 2.0 and the successor to the MATIC token.
--
“Polygon is a decentralised Ethereum scaling platform that enables developers to build scalable user-friendly dApps with low transaction fees without ever sacrificing on security.”
This is a LIMITED REVIEW: a time-bound effort to provide security insights on a codebase without reviewing it fully.
Summary
Due to the complexity of Java-Tron and the limited allocated time, this review cannot uncover all the bugs inside of it. Instead, the goal of this review was to uncover as many bugs as possible while focusing on the following parts of the code:
• Tron Virtual Machine (TVM)
• Consensus
• Peer-to-Peer (P2P)
Some of the most significant findings are:
• PBFT Messages Create State Expansion
• Unpermissioned Censoring of Fork Blocks
• Resource Consumption by Blocks Not Signed by Witnesses
These three findings have all been addressed through code corrections. For some other issues, the risks have been accepted based on the assumption of economically acting super representatives. Lastly, some issues with non-critical severity have been redacted to prevent malicious actors from creating disturbances.
It is important to note that such reviews are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
About Java-Tron
Tron uses Java-Tron as the node software to run the Tron network. Hence, Java-Tron is (among other things) responsible for executing transactions, generating blocks, achieving consensus and operating the peer-to-peer network.
"TRON is dedicated to accelerating the decentralization of the Internet via blockchain technology and decentralized applications (DApps)."
Summary
The most critical subjects covered in our audit are correct implementation of interfaces, external calls, as well as decimals usage. Security regarding all the aforementioned subjects is high.
The audit did not find any issues.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
About Enzyme Sulu Extensions XIX
Enzyme Foundation implements a new Enzyme price feed that converts wstETH to ETH.
Enzyme is a decentralised asset management infrastructure built on Ethereum. Using Enzyme Smart Vaults, individuals and communities can build, scale and monetise investment (or execution) strategies that employ the newest innovations in decentralised finance.
Summary
The most critical subjects covered in our audit are functional correctness, asset solvency, arithmetic operations and oracle safety.
Generally, functional correctness is good. However, note that there are some low-severity issuesregarding functional correctness. Security regarding the remaining subjects is high.
The general subjects covered are gas efficiency, trustworthiness, error handling and specification.Security regarding all the aforementioned subjects is good. However, specifications could be improved,see Initial Liquidity Mismatches Whitepaper and Mismatches With EIP-5115.
In summary, we find that the codebase provides a good level of security. Also, note that the security ofSYs is highly dependent on the more derived implementation which was out of scope. Further, note thatthe scope only includes the base SY implementation, PY V1 and markets V1. Please see AssessmentOverview, Trust Model and Roles, and Notes.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
About Pendle V2 Core
Pendle Finance implements a yield tokenization platform along with an interest rate market. The products are built on top of each other and use the implementations of the standardized yield standard as a baselayer.
"With Pendle, you can always maximise your yield: increase your yield exposure in bull markets and hedge against yield downturns during bear markets."
Summary
The most critical subjects covered in our audit are asset solvency, functional correctness and integration with external systems and Enzyme's core system. Security regarding all the aforementioned subjects is high.
The general subjects covered are error handling, specification and trustworthiness. Security regarding all the aforementioned subjects is high. Note that the trust model for using GSN slightly changed, see the note Gas relay paymaster will fund arbitrary calls.
In summary, we find that the codebase provides a good level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
About Enzyme Sulu Extensions XV
Avantgarde Finance implements a price feed for EETH and a wrapper for Chainlink-like oracles with non-standard decimals. Additionally, the GSN integration is adapted. A new policy restricting redeem-for-specific-assets is introduced along with a peripheral FIFO contract that can redeem-for-specific-assets. Further, an asset manager contract is introduced that limits the share price loss an asset manager can cause. For integrations, a Pendle Finance external position and a Swell adapter are introduced.
---
Enzyme is a decentralised asset management infrastructure built on Ethereum. Using Enzyme Smart Vaults, individuals and communities can build, scale and monetise investment (or execution) strategies that employ the newest innovations in decentralised finance.
Summary
The most critical subjects covered in our audit are asset solvency, functional correctness and security. Security regarding all the aforementioned subjects is high.
The general subjects covered are documentation, gas efficiency and the integration of the wrapper into the existing system. All reported issues have been addressed in the latest version of the codebase.
In summary, we find that the codebase provides a good level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
About M^ZERO Wrapped M Token
M^ZERO Labs implements an upgradable, non-rebasing wrapper for the M token, supporting yield accrual while respecting the original whitelist of earners.
.png)
Summary
The most critical subjects covered in our audit are functional correctness, role management and front-running tolerance.
Security regarding the aforementioned subjects is high as only minor issues could be uncovered during this review.
It should be noted that the protocol design is very open, allowing various participants to create registered smart contracts with configurations that can potentially be dangerous. For this reason, it is advised to take special care when trusting any vaults, networks and operators.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
About Symbiotic Core
SymbioticFi implements a security layer for restaking. Deposited tokens can be assigned to operators running node software of networks. The assigned tokens are guaranteed to be slashable by networks incase of operator misbehaviors.
Summary
The most critical subjects covered in our audit are functional correctness, asset solvency and cross-chain messaging. Security regarding all the aforementioned subjects is high.
The general subjects covered are code complexity and specification.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
About MakerDAO Arbitrum Farms
MakerDAO implements a mechanism to distribute rewards originating from a source on Ethereum L1 to aFarm contract on Arbitrum L2.
“The Maker Protocol, also known as the Multi-Collateral Dai (MCD) system, allows users to generate Dai by leveraging collateral assets approved by “Maker Governance.” Maker Governance is the community organized and operated process of managing the various aspects of the Maker Protocol. Dai is a decentralized, unbiased, collateral-backed cryptocurrency soft-pegged to the US Dollar. Resistant to hyperinflation due to its low volatility, Dai offers economic freedom and opportunity to anyone, anywhere.”
Summary
The most critical subjects covered in our audit are the isolation of the pools, asset solvency and functional correctness.
The general subjects covered are usability, oracle security, access control, adherence to the specification and general design issues.
All issues uncovered during the review process have been addressed with suitable fixes. We believe the codebase to have a satisfactory level of security. The high complexity and extensibility of the project present a large attack surface. VESU internally relies primarily on one smart contract developer which, even though supported by external reviewers, limits the ability for internal QA. During the audit timeline, significant improvements in design and overall code quality have been achieved, but some novel issues and regressions remained present during the last review cycle. In our experience, these factors combined present an elevated risk of undiscovered vulnerabilities in the current codebase.
Continuing to allocate sufficient time and resources, strengthening the robustness of the design, and introducing internal security-focused quality assurance practices such as thorough unit- and regression-testing can significantly increase the level of security of the codebase and our confidence in it.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
About Vesu Protocol Smart Contracts
VESU implements a fully permissionless DeFi lending protocol. Anyone can deploy and configure a pool. A core contract called Singleton holds all funds and manages all pools. All operations go through theSingleton, each pool has an extension which is called before/after any operation and defines the values for the operation. A default extension is provided, arbitrary extensions and/or misconfigured parameters can break their respective pools without affecting the rest of the protocol.
Summary
The most critical subjects covered in our audit are access control and functional correctness. The generalsubjects covered are unit testing, specification and trustworthiness. Security regarding all theaforementioned subjects is high.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
About SparkDAO Governance Relay
SparkDAO implements a relay for governance actions that allows for the execution of governance proposals across chains.
"Spark is on a mission to empower the DAI ecosystem. As part of the MakerDAO community, Spark builds and manages DeFi infrastructure."
Summary
The most critical subjects covered in our audit are integration with the supported bridges, access control and functional correctness. The general subjects covered are unit testing, documentation and trustworthiness. Security regarding all the aforementioned subjects is high.
In summary, we find that the codebase provides a good level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
About Spark xchain-helpers
SparkDAO implements a library for cross-chain message passing along with contracts able to receive cross-chain messages.
"Spark is on a mission to empower the DAI ecosystem. As part of the MakerDAO community, Spark builds and manages DeFi infrastructure."
Summary
Spacing Guild implements an ecosystem of private and public vaults with strategies managed by the Arrakis backend. The vaults use so-called modules to integrate with a third-party system to implement the strategies. Currently, the only available module is an integration with Valantis HOT.
The most critical subjects covered in our audit are asset solvency, functional correctness and precision of arithmetic operations. Security regarding all the afore mentioned subjects is good.
The general subjects covered are code complexity, gas efficiency, testing, and trustworthiness. Security regarding all the aforementioned subjects is satisfactory. However, the review brought to light the lack of thorough and meaningful testing, basic unit tests are done, but some of the bugs uncovered during the review could have been caught by proper end-to-end testing, see Rebasing Tokens Can Cripple theFunctionality of Vaults and RouterSwapExecutor Cannot Swap to Native Token. We encourage SpacingGuild to implement a more complete test suite.
In summary, we find that the codebase provides a satisfactory level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
About Arrakis Modular smart contracts
Spacing Guild implements an ecosystem of private and public vaults with strategies managed by the Arrakis backend. The vaults use so-called modules to integrate with a third-party system to implement the strategies. Currently, the only available module is an integration with Valantis HOT.
"Arrakis is web3's trustless market making infrastructure protocol that enables running sophisticated algorithmic strategies on Uniswap V3. Liquidity providers can utilize Arrakis Vaults to have their liquidity be managed in an automated, capital efficient, non-custodial and transparent manner."
Summary
The most critical subjects covered in our audit are functional correctness, assets solvency and the correct adherence to the MakerDAO specifications. Security regarding all the aforementioned subjects is high.
The general subjects covered are access control, interaction with third party systems and the documentation. Security regarding all the aforementioned subjects is high.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don’t replace other vital measures to secure a project.
ABOUT MAKERDAO PSM LITE
Maker implements a gas-efficient Peg Stability Module (PSM) where users can freely swap Dai for stablecoins.
—
“The Maker Protocol, also known as the Multi-Collateral Dai (MCD) system, allows users to generate Dai by leveraging collateral assets approved by “Maker Governance.” Maker Governance is the community organized and operated process of managing the various aspects of the Maker Protocol. Dai is a decentralized, unbiased, collateral-backed cryptocurrency soft-pegged to the US Dollar. Resistant to hyperinflation due to its low volatility, Dai offers economic freedom and opportunity to anyone, anywhere.”
Summary
The most critical subjects covered in our audit are functional correctness, precision of arithmetic operations, and front-running.
Front-running protection has improved, as there was previously missing slippage protection, see Stop-Loss missing slippage protection. Functional correctness has improved, as swaps could previously fail on external markets, see Position Can Become Impossible to Close Due to Zero Swaps. Precision of arithmetic operations has been improved as there were previously rounding issues when providing liquidity, see Inflation Attack on Newly Added Tokens.
The general subjects covered are specification and gas efficiency.
The specification has improved, as the changes made during the fixes review process make the system more robust than it was previously, see Large Liquidations Can Fail. Gas efficiency has improved, as there were a large number of unecessary storage writes and reads in the margin dex contract, see Reading Unused Values from Storage in MarginDex.
In summary, we find that the codebase provides a satisfactory level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
About Unstoppable Margin Dex
Unstoppable offers a margin trading platform that leverages the existing liquidity of decentralized exchanges (DEXs).
---
"Unstoppable is on a mission to render centralized platforms obsolete by providing a comprehensive permissionless alternative for every CEX feature."
Summary
The most critical subjects covered in our audit are the usage of transient storage and functionalcorrectness. Functional correctness is improvable due to incorrect data being written, see Aave V3actions bad data written. Additionally, there could be reentrancy scenarios in bad setups, see ReentrancyInto the Contract. In case governance is untrusted, governance could add contracts such that this couldbe exploited. Further, the design is improvable due to Collisions on Operations.
The general subjects covered are documentation, trustworthiness and gas efficiency. Documentation isimprovable, see Unclear actions setup. Trustworthiness is satisfactory. However, it is improvable, see theparagraph above.
In summary, we find that the codebase provides a satisfactory but improvable level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. Theycomplement but don't replace other vital measures to secure a project.
About Summer.fi DMA v2 II Smart Contracts
Summer.fi implements updates to the DeFi Modular (DMA) Actions v2 architecture to support the usage of transient storage. See the previous report for reference.
---
“Summer.fi mission is to provide the best and most trusted entry point to deploy your capital. We are building Summer.fi to let our users benefit from all of the potential in DeFi. Our team is made of passionate thinkers and builders.”
Summary
Limited code reviews are best-effort checks and do not provide assurance comparable to a non-limited code assessment. This review was not conducted as an exhaustive search for bugs, but rather as a best effort sanity check. Given the large scope and codebase and the limited time, the findings are not exhaustive.
During the review we were able to uncover a medium severity issue regarding function deduplication. More specifically, functions that are not functionally identical could be assumed as such. As a result, calls to some of them would be replaced with calls to another one.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
About Fuel Fuel Sway Optimizations
Fuel implements various optimization passes for the IR. These aim to facilitate the bytecode generation that follows in the later steps of the compilation, as well as to improve the overall efficiency of the compiled program, both in terms of size and execution cost.
---
"Fuel is an operating system purpose-built for Ethereum rollups, designed to help developers build decentralized economies at scale".
Summary
The most critical subjects covered in our audit are functional correctness, access control and asset solvency. Security regarding all the aforementioned subjects is high.
The general subjects covered are gas efficiency, trustworthiness, and upgradeability. Security regarding all the aforementioned subjects is high.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
About Everstake ETH B2C Staking Dummy
Everstake implements a system to replace Everstake's core system in case of emergency. If due to any reasons, the Everstake protocol becomes unhealthy, the implementation in their deployed proxies will temporarily switch to the corresponding Dummy contract, until the issue gets addressed.
--
“Everstake is a responsible validator trusted by 625k+ users across 70+ blockchain networks. Created by engineers for the entire community in 2018”
Summary
The most critical subjects covered in our audit are the correctness of the accounting, asset solvency, access control and functional correctness. During the audit, the most important reported issues were:
• Replacing a Validator Eventually Blocks the System
• Usage of address(this).balance in restake Can Block the System that requires from Everstake to inject liquidity to correct the accounting in case of necessity.
The issues have been fixed during the second week of the audit.
Security regarding all the aforementioned subjects is satisfactory. Even though the probability of one of the validators getting slashed is low, slashing could occur. That would require manual, trust-based intervention, see Slashing is not taken into account and Trust Model.
The general subjects covered are documentation, unit testing, code complexity, and gas efficiency. Documentation has been greatly improved after Version 3. Unit testing and testing in general is basic, a good test suite will help ensure corner cases are considered.
In summary, we find that the codebase provides a satisfactory level of security, provided the Trust Model. It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
About Everstake ETH B2C Staking
Everstake implements a pooled staking service for Ethereum, where the rewards are reinvested in the pool and the validators are managed by Everstake.
--
“Everstake is a responsible validator trusted by 625k+ users across 70+ blockchain networks. Created by engineers for the entire community in 2018”
Summary
The most critical subjects covered in our audit are compliance with the specification, correctness of the arithmetic operations, and functional correctness. No major issues were uncovered. Security regarding all the aforementioned subjects is high.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
About Lido LIP-23: Rebase Check Smart Contracts
Lido implements an improvement of the OracleReportSanityChecker which aims to mitigate the riskof malicious oracle daemons colluding and reporting excessive negative rebases of stETH.
“Lido is a liquid staking solution for ETH backed by industry-leading staking providers. Lido lets users stake their ETH – without locking assets or maintaining infrastructure – whilst participating in on-chain activities, e.g. lending.
Lido attempts to solve the problems associated with initial ETH staking – illiquidity, immovability and accessibility – making staked ETH liquid and allowing for participation with any amount of ETH to improve security of the Ethereum network.”
Summary
Limited code reviews are best-effort checks and don't provide assurance comparable to a non-limitedcode assessment. This review was not conducted as an exhaustive search for bugs, but rather as abest-effort sanity check for the pull requests of interests. The review was executed by one engineer overtwo weeks. Given the large scope and codebase and the limited time, the findings aren't exhaustive.
The most critical subjects covered in our review are the functional correctness of the ABI decode routine,invalid memory and storage reads as well as correct handling of function exports. Several issues werefound in the ABI decoding routine as shown in the issues ABI-decode incorrect checks for complex typeshead and ABI-decode incorrect checks for Dynamic array head and fixed in subsequent pull requests.Additionally make_setter overlaps with static call presents an issue with an invalid read due to aread-after-write pattern.
It is important to note that security reviews are time-boxed and cannot uncover all vulnerabilities. Theycomplement but don't replace other vital measures to secure a project.
The following sections will give an overview of the system, our methodology, the issues uncovered andhow they have been addressed. We are happy to receive questions and feedback to improve our service.
About Vyper Compiler ABI decoder and v0.4.0 pull requests
This review concentrated on multiple pull requests of the to-be-released version 0.4.0 of the Vypercompiler. The review focused on the ABI decode routine, recent fixes and new features such as functionexports or transient storage integration.
---
“Vyper is a contract-oriented, pythonic programming language that targets the Ethereum Virtual Machine (EVM).”
Summary
The most critical subjects covered in our audit are the system's solvency, the precision and correctness of arithmetic operations and oracle manipulation resistance. We found that the security of the former two topics is high. Oracle manipulation resistance is high, especially since the BAMM does not rely on an oracle as a traditional Lending protocol would, however, we emphasize the costs and risks of oracle manipulation in Oracle manipulation on FIFO L2s.
Other general subjects covered are rounding direction correctness and denial of service. We found that the rounding direction has generally been implemented correctly and only minor denial of service patterns were found and documented in Denial of Service against liquidations and Denial of Service against redeeming and executing actions.
Frax Finance has been very responsive to our findings and has addressed most of the issues we reported. The remaining issues are minor and do not pose a significant problem.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
About Frax BAMM Smart Contracts
Frax Finance implements BAMM, a Borrow AMM, that wraps Frax swap LP tokens and allows users to borrow the two underlying assets of the pair.
"The Frax ecosystem is a self-sufficient DeFi economy utilizing stablecoins as currency."
Summary
The most critical subjects covered in our audit are liquidation rewards, functional correctness and precision of arithmetic operations.
Security regarding liquidation incentives is high, an unexpected peculiarity was identified where the system can incentivize liquidators to perform multiple partial liquidations instead of a single full liquidation (see Multiple partial Liquidations can result in higher than expected discount). Security regarding functional correctness and arithmetic precision are also high.
The general subjects covered are liveness, solvency, and access control. Security regarding all theaforementioned subjects is high.
During the review by ChainSecurity, issues identified by other concurrent auditors were disclosed before they could be found by ChainSecurity. Those issues are not included in the report, and we are unable to tell whether they would have been found or not.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
About Euler Vault Kit
Euler implements Euler Vault Kit, a system for building lending vaults where lenders can earn interest on their deposited assets and borrowers can borrow the deposited assets against collateral. The system is designed to be modular, allowing the creation of lending markets with flexible configurations.
—
Euler v2 is a modular lending platform with two main components at launch: 1) the Euler Vault Kit (EVK), which empowers builders to deploy and chain together their own customised lending vaults in a permissionless manner; and 2) the Ethereum Vault Connector (EVC), a powerful, immutable, primitive which give vaults superpowers by allowing their use as collateral for other vaults. Together, the EVK and EVC provide the flexibility to build or recreate any type of pre-existing or future-state lending product inside the Euler ecosystem.
Summary
The most critical subjects in our audit are functional correctness, access control and the correct adaption of the existing Curve code. The general subjects covered are documentation and error handling.
In summary, we find that the codebase provides an good level of security.
Note that the audit focused on the diff with Curve. In case there is an issue in Curve, it might be present in the audited codebase in scope.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
About DeFi Money Core
DeFi.Money implements a stablecoin system based on Curve's LLAMMA architecture. The changes include architectural changes, aggregation of market data for efficiency and the introduction of hooks.
--
DeFi.Money is an agnostic stablecoin built for global order.
Source: https://defi.money/
Summary
The most critical subjects covered in our audit are access control, signature handling, functionalcorrectness, gas griefing and front-running. Security regarding all the aforementioned subjects issatisfactory.
The general subjects covered are code complexity, trustworthiness, documentation and gas efficiency.The codebase is generally well written and includes inline comments that improve the readability of code.Contracts in scope are not upgradable and do no have privileged roles, hence providing a high level oftrustworthiness.
The system offers flexibility and new features can be plugged in by scripts. We would like to emphasizethat developers should carefully assess new scripts to avoid introducing vulnerabilities that can exploituser's wallets. Users should also carefully evaluate scripts and their parameters. Interacting with amalicious script or passing wrong parameters to a verified script could be enough to exploit a wallet.
In summary, we find that the codebase provides a satisfactory level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. Theycomplement but don't replace other vital measures to secure a project.
About Compound Quark Smart Contracts
Compound implements Quark Wallets which is a system for account abstraction based on walletcontracts that can run arbitrary code (scripts), deployed by a special contract CodeJar. Users can thentrigger actions from their wallets by executing scripts directly or signing messages according to EIP-712format.
---
“Compound is a protocol on the Ethereum blockchain that establishes money markets, which are pools of assets with algorithmically derived interest rates, based on the supply and demand for the asset. Suppliers (and borrowers) of an asset interact directly with the protocol, earning (and paying) a floating interest rate, without having to negotiate terms such as maturity, interest rate, or collateral with a peer or counterparty
Each money market is unique to an Ethereum asset (such as Ether, an ERC-20 stablecoin such as Dai, or an ERC-20 utility token such as Augur), and contains a transparent and publicly-inspectable ledger, with a record of all transactions and historical interest rates.”
#Source
Summary
Limited reviews are best-effort checks, and do not provide assurances comparable to a non-limited codeassessment. Note that only the differences between Gravita and Trinity were in scope, assuming Gravitais bug-free.
The most critical subjects covered are correct accounting, correctness of the liquidation and redemptionmechanisms, and correctness of the fees and their distribution. Accounting correctness was improved, asthe issue Vessel Fees Are Not Added to Global Debt was fixed. Correctness of the redemption andliquidation mechanism was low, see Redemptions Are Not Possible in Recovery Mode and LiquidationsAre Not Disabled. In response to this, there was a major specification change during the review period.Correctness of the fees is improvable, see Borrowing fees are not applied before closing a vessel andBorrowing fees need to be triggered every epoch.
The general subjects covered are testing and documentation. Testing could be improved, as manyfunctional issues were uncovered that could have been found through rigorous testing. Documentationcould be improved, as some changes made are not yet documented in detail.
As the goal of this limited review was to provide time-bound security insights on a complex codebase in alimited time, and as a large number of issues were uncovered, we refrain from assigning a specificoverall level of security to the codebase.
It is important to note that security reviews are time-boxed and cannot uncover all vulnerabilities. Theycomplement but don't replace other vital measures to secure a project.
About Trinity
Trinity is a protocol designed to facilitate borrowing against yield-bearing collateral. Borrowers mint TRI, adollar-based token that can be used to take leveraged T-Bill positions and capture Trinity protocol feesthrough staked TRI (sTRI).
Summary
The most critical subjects covered in our audit are functional correctness, access control and signature handling. Security regarding all the aforementioned subjects is high. The general subjects covered are code complexity, specifications, and trustworthiness. The codebase is well structured, and specifications are satisfactory. Each Argent account has a trusted owner that has the ultimate control of an account and sets the rules for recovery. If owners enable recovery functionalities, they can choose any party to serve as guardian for their account.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
About Argent Account
Argent implements Argent account and Multisig account which are a set of smart contracts build on top of Account Abstraction of Starknet. Each Argent account is controlled by an owner who can use different signing methods to submit transactions to the account. The owner can set guardians to increase the security of their accounts, and help in recovery in case the private key is lost. Each Multisig is controlled by several signers, and a guardian can also be set for account recovery.
---
Argent is a self-custody smart wallet for Starknet with over 2 million downloads. Their smart wallets offer advanced security features, including 2FA, Fraud Protection, and no seed phrase. Argent's Starknet smart contract secures over half a billion dollars and is trusted by leading centralised exchanges. In their six years of building smart wallets, Argent’s smart contracts have never been breached.
Summary
The most critical subjects covered in our audit are functional correctness, oracle manipulation resistance and the correctness of protocol integrations.
All contracts show high security in all of the aforementioned subjects after the following issue has been successfully resolved: RedstoneCoreOracle update with stale data.
In summary, we find that the codebase currently provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don’t replace other vital measures to secure a project.
About Euler Price Oracles
Euler implements oracle contracts for different providers and a router that maps asset pairs to their corresponding oracle. The contracts are meant to be used in conjunction with Euler’s Ethereum Vault Kit (EVK).
—
Euler v2 is a modular lending platform with two main components at launch: 1) the Euler Vault Kit (EVK), which empowers builders to deploy and chain together their own customised lending vaults in a permissionless manner; and 2) the Ethereum Vault Connector (EVC), a powerful, immutable, primitive which give vaults superpowers by allowing their use as collateral for other vaults. Together, the EVK and EVC provide the flexibility to build or recreate any type of pre-existing or future-state lending product inside the Euler ecosystem.
Summary
The critical subjects covered in our audit are authentication, checks enforcement, and adherence to the specification. Security regarding all the aforementioned subjects is high.
Some issues of low severity have been addressed by Euler by accepting them as part of the specification and improving the documentation.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don’t replace other vital measures to secure a project.
About Euler Ethereum Vault Connector
Euler implements Ethereum Vault Connector, a general framework for vaults interoperability for the purpose of arbitrary lending markets creation.
Euler v2 is a modular lending platform with two main components at launch: 1) the Euler Vault Kit (EVK), which empowers builders to deploy and chain together their own customised lending vaults in a permissionless manner; and 2) the Ethereum Vault Connector (EVC), a powerful, immutable, primitive which give vaults superpowers by allowing their use as collateral for other vaults. Together, the EVK and EVC provide the flexibility to build or recreate any type of pre-existing or future-state lending product inside the Euler ecosystem.
Summary
The most critical subjects covered in our audit are functional correctness and front-running resilience.
Front-running resilience is good as long as operations admins deploy validators with the appropriate arguments.
Functional correctness is high but some functionality is missing that will be added at a later stage (seeVerified validator balance not counted).
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. Theycomplement but don't replace other vital measures to secure a project.
About Moebius smart contracts
Moebius implements a transferrable token that represents stake in EigenLayer. Liquid staking tokens and native tokens can be deposited into the protocol to mint such tokens. Deposited native tokens are handled custodially by the protocol's third party operators running Ethereum validators.
"Moebius unifies restaking, allowing users to earn tokenized points by depositing into multiple restaking protocols."
Summary
The most critical subjects covered in our audit are asset solvency, functional correctness, and precision of arithmetic operations. Security regarding asset solvency is high. Security regarding functional correctness is satisfactory, however users should be aware that the rare event of redeployment of PowerToken might cancel their token transfers or inflations in the last two epochs before the redeployment event, see Side-effects of Resets. Precision of arithmetic operations is improvable due to the rounding errors in the PowerToken that accumulate over time, see Effects of Roundings in PowerToken.
The general subjects covered are code complexity, use of uncommon language features, and gas efficiency. The code-base extensively employs assembly code to manually compute storage slots for array entries. While no specific issues have been detected with this usage, it is worth noting that this approach bypasses the safety features implemented by Solidity. The code-base can be more efficient in terms of gas, see Gas Optimizations.
In summary, we find that the codebase provides a good level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
About M^ZERO Protocol and Governance
M^ZERO Labs implements a stablecoin (MToken) backed by real-world assets, like T-bills, along with a Two-Tokens Governance system (TTG).
Summary
The audit found multiple severe issues (for a detailed description see the Resolved Findings section). All severe issues have been fixed accordingly. In summary, we find that the codebase now provides a good level of security.
Yet, the types of issues identified indicated that the code had an insufficient diligent internal review process and meaningful testing. E.g., the critical issues should have been caught as these issues are well-known in vaults. We highlight this to make YieldNest aware that in the event of contract updates, a thorough review and testing process is essential to ensure the security of the codebase.
For the current version of the code, we are not aware of any further severe issues, but it is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don’t replace other vital measures to secure a project. These measures include, but are not limited to, further unit and integration testing, fuzzing, and a careful roll-out in case significant funds are expected to be held by the new code base.
About YieldNest Protocol
YieldNest implements a liquidity pooling system built on top of EigenLayer, where users can deposit ETH and LSD tokens and earn yield.
YieldNest is a next-generation liquid restaking protocol that provides simple-to-understand, risk-adjusted restaking strategies.
Summary
The most critical subjects covered in our audit are the safety of the funds, the reward accumulation and distribution mechanism, the calculation of the computation units, and the vesting mechanism. The security of the funds is high as we were not able to uncover ways to steal user's funds. Reward distribution could be unfair in case a staker front-runs reward distribution (see Recent stakers get unfair yield). It could also be blocked if the number of workers grows a lot (see Reward distribution can run out of gas). The CU calculation could be improved as there are cases where CUs are double-counted (see Computation units are not split between an operator's gateways). The vesting could break in case the user claims their rewards through the vesting contract. All the issues have been addressed.
The general subjects covered include but are not limited to access control, rounding errors, the rollup (ArbitrumOne) where the contracts are to be deployed, documentation, and specification. The security regarding access control and rounding errors is high. Even though there exists a lot of documentation for the protocol itself, the interface of the on-chain part to the rest of the system is underspecified. Therefore, we had to make assumptions about how the system will be implemented e.g., what events are going to be observed. Hence, there could be more issues in this area that were not anticipated by the auditing team. Testing could also be improved as we uncovered a few issues that could be easily detected this way.
In summary, we find that the security of the codebase is satisfactory but there is room for improvement.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
About Subsquid
Subsquid implements the on-chain part of the Subsquid protocol. The various parties of the system can stake their $SQD tokens in exchange for rewards for workers and stakers or computation units (CUs) for gateway operators.
---
"A peer-to-peer network to batch query and aggregate terabytes of on-chain and off-chain data in a ridiculously efficient way"
Source: https://subsquid.io/
Summary
The most critical subjects covered in our audit are asset solvency, functional correctness, and front-running resistance. Security regarding all the aforementioned subjects is high.
The general subjects covered are system customisation, documentation, and gas efficiency. Security regarding all the aforementioned subjects is high.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
About Swaap Earn Protocol
Swaap Labs implements asset management system, based on Sommelier Protocol, where Fund contracts can be created to manage the different assets. Funds have limited functionality and rely on adaptors to interact with external protocols. The system is designed to be modular and flexible, allowing for the addition of new adaptors and supported assets.
"Swaap is an innovative market-making protocol specializing in blue-chip crypto assets. Through pioneering models developed in collaboration with leading institutions, Swaap is revolutionizing DeFi market-making by providing liquidity providers with effortless and superior market-making strategies."
Source: Swaap Finance team (https://swaap.finance/)
.svg)
Summary
The most critical subjects covered in our audit are correct accounting and access control. All covered subjects provide a high level of security.
It is worth to mention that the ambiguous guidelines for creating questions can lead to problematic cases in certain circumstances as can be seen in Emergency resolution mechanism possibly not sufficient.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don’t replace other vital measures to secure a project.
About Polymarket NegRisk adapter
Polymarket implements an adapter contract that plugs between a conditional token exchange and the
actual conditional tokens contract to enable prediction markets with multiple binary questions where
exactly one question resolves to YES while all other questions resolve to NO. Additionally, an auxiliary
contract is implemented that permissions the question creation.
—
“Polymarket is an information markets platform that lets you trade on the world’s most highly-debated topics (e.g. coronavirus, politics, current events, etc). On Polymarket, you build a portfolio based on your forecasts and earn a return if you are right. When you decide to buy shares in a market, you are weighing in with your own knowledge, research, and view of the future. Market prices reflect what traders think are the odds of future events, turning trading activity into actionable insights that help people make better decisions. As a result, Polymarket is a leading source of unbiased and real-time data about future events.”
Summary
The most critical subjects covered in our audit are functional correctness, signature handling and correct interactions with the Gas Station Network (GSN).Security regarding functional correctness and signature handling are high.In summary, we find that the codebase provides a high level of security.It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don’t replace other vital measures to secure a project.
About Polymarket proxy wallet factories
Polymarket implements two factories for creating wallets that allow Polymarket to execute transactions
on behalf of users.
—
“Polymarket is an information markets platform that lets you trade on the world’s most highly-debated topics (e.g. coronavirus, politics, current events, etc). On Polymarket, you build a portfolio based on your forecasts and earn a return if you are right. When you decide to buy shares in a market, you are weighing in with your own knowledge, research, and view of the future. Market prices reflect what traders think are the odds of future events, turning trading activity into actionable insights that help people make better decisions. As a result, Polymarket is a leading source of unbiased and real-time data about future events.”
Summary
The most critical subjects covered in our audit are functional correctness and the resilience of elliptic curve calculations used in ID computation.Security regarding functional correctness is high. Furthermore, the possibility of negating IDs on the used elliptic curve (and the subsequent possibility if creating “all-purpose” tokens) does not pose a security risk within the conditional token framework but adds additional complexity that should be taken into consideration when using conditional tokens (see Infinite minting of position tokens with no value).In summary, we find that the codebase provides a high level of security.It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don’t replace other vital measures to secure a project.
About Polymarket Conditional Tokens
Polymarket uses gnosis conditional tokens to represent positions in prediction markets with binary
outcomes.
—
“Polymarket is an information markets platform that lets you trade on the world’s most highly-debated topics (e.g. coronavirus, politics, current events, etc). On Polymarket, you build a portfolio based on your forecasts and earn a return if you are right. When you decide to buy shares in a market, you are weighing in with your own knowledge, research, and view of the future. Market prices reflect what traders think are the odds of future events, turning trading activity into actionable insights that help people make better decisions. As a result, Polymarket is a leading source of unbiased and real-time data about future events.”
Summary
Gearbox Protocol implements the third version of the core Gearbox protocol, a protocol that allows users to open leveraged positions on various protocols.
The codebase has undergone a relatively large number of review iterations. These iterations included 3 brainstorming sessions with the Gearbox team where different attack vector scenarios were discussed. While our rigorous iterative process reflects our commitment to enhancing the security of the protocol, it also highlights its complexity and the need for continuous vigilance. Our client’s codebase is fundamentally secure, yet our thorough approach underlines the evolving nature of security threats and our proactive stance in anticipating and mitigating potential risks.
The most critical subjects covered in our audit are the correctness of the accounting of the debt, the interest and the fees, the voting, the configuration of the system, the implementation of the quotas, the liquidation mechanism, and the opportunities to execute arbitrary code. The most important issue Too Many Bots Can Block Liquidation, uncovered in the first iteration of the review, could temporarily prevent the liquidation of a credit account. The issue has been fixed. During the fixes review a critical issue Anyone Can Redistribute The Votes was uncovered which completely breaks the voting mechanism used by the system. The issues have been addressed. The most recent iterations only revealed up to medium severity issues. Hence, we find the security regarding the aforementioned subjects to be high. It is important to note that the project is significantly exposed to errors or misunderstandings in the functionality of integrated third-party systems. Reviewing these external systems for correctness was out of the scope of this audit.
The general subjects covered are access control, documentation and specification, gas efficiency, and the complexity of the implementation. Security regarding all the aforementioned subjects is high, however, we need to emphasize that the code complexity is high. Moreover, the contracts in this scope have undergone many changes during the review. This in combination with the fact that the reviews are limited in time reduces our confidence in the assessment of the system's security level.
In summary, we find that the codebase could provide a high level of security should all the issues be fixed and no more issues be uncovered during the review of their fixes. It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
About Gearbox V3 Core
Gearbox Protocol implements the third version of the core Gearbox protocol, a protocol that allows users to open leveraged positions on various protocols.
“Gearbox is a generalized leverage protocol: it allows anyone to take leverage in a DeFi-native way and then use it across various DeFi protocols. You take leverage with Gearbox and then use it on other protocols you already love. For example, you can leverage trade on Uniswap, leverage farm on Yearn or Curve and Convex, make complex delta-neutral strategies involving options and derivatives, get Leverage-as-a-Service for your structured product doing complex positions, etc.
The protocol has two sides to it: passive liquidity providers who earn higher APY by providing liquidity; – and active traders, farmers, or even other protocols who can borrow those assets to trade or farm with x4+ leverage.”
Summary
The most critical subjects covered in our audit are asset solvency, functional correctness and the correct integration into the existing D3M v2 system.
The general subjects covered include compliance with ERC standards and maintaining the consistency of the codebase.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don’t replace other vital measures to secure a project.
About MakerDAO - D3M ERC4626
MakerDAO has implemented new components for the existing D3M v2 system: an ERC-4626 compatible pool designed for use with MetaMorpho and a plan that enables an operator to set a target asset amount.
—
“The Maker Protocol, also known as the Multi-Collateral Dai (MCD) system, allows users to generate Dai by leveraging collateral assets approved by “Maker Governance.” Maker Governance is the community organized and operated process of managing the various aspects of the Maker Protocol. Dai is a decentralized, unbiased, collateral-backed cryptocurrency soft-pegged to the US Dollar. Resistant to hyperinflation due to its low volatility, Dai offers economic freedom and opportunity to anyone, anywhere.”
Summary
The most critical subjects covered in our audit are the correct use of Arbitrum's bridging mechanism, the safety of the funds and the correct implementation of the distribution intervals. No major issues were detected. Security regarding all the aforementioned subjects is high.
The general subjects covered are functional correctness, gas efficiency, specification anddocumentation. Security regarding all the aforementioned subjects is high.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but do not replace other vital measures to secure a project.
About Offchain Labs Fund Distribution
Offchain Labs implements a fund router to collect funds to the Arbitrum's DAO treasury deployed on Arbitrum One from various rollups and chains (Arbitrum Nova, or Orbit chain via Ethereum).
---
"Offchain Labs has built a suite of products for developers, businesses, and individuals to harness the full potential of Ethereum technology."
Summary
The most critical subjects covered in our audit is the functional correctness, security of assets managed and impact/added risk on the existing Maker system.
This iteration of the review focussed on the redesigned implementation of the D3MHub and fixes of issues raised in the last review. The documentation available only gives a high level description of the system, description of detailed behavior (e.g. temporary exceeding debt limits during a transaction) or limitations (unsupported/broken distribution of pool shares in case of loss) is missing.
In summary, apart from the raised concerns when a third party system makes a loss and the pool shares held no longer cover the expected DAI amount, we find that the codebase provides a high level of functional correctness and security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don’t replace other vital measures to secure a project.
About MakerDAO Direct Deposit V2
Direct Deposit Module V2 is a modular framework which allows to generate and deposit DAI into third party systems in order to earn yield. For each supported third party a Plan contract implements the calculations to reach the target state while a pool contract manages the interaction between the D3MHub and the protocol.
—
“The Maker Protocol, also known as the Multi-Collateral Dai (MCD) system, allows users to generate Dai by leveraging collateral assets approved by “Maker Governance.” Maker Governance is the community organized and operated process of managing the various aspects of the Maker Protocol. Dai is a decentralized, unbiased, collateral-backed cryptocurrency soft-pegged to the US Dollar. Resistant to hyperinflation due to its low volatility, Dai offers economic freedom and opportunity to anyone, anywhere.”
Summary
The most critical subjects covered in our audit are the functional correctness of the proposal and the correctness of the proposal with regards to lifecycle of a proposal in the Arbitrum ecosystem. Security regarding all the aforementioned subjects is high.
The general subjects covered are access control, testing, documentation and specification. There was no end-to-end testing for the proposal flow. Security regarding all the rest of the aforementioned subjects is high.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don't replace other vital measures to secure a project.
About Arbitrum Security Council AIP
Arbitrum Foundation implements an Arbitrum Improvement Proposal (AIP) that aims to increase the signature threshold of the non-emergency Security Council multisig on Abitrum One (0xADd68bCb0f66878aB9D37a447C7b9067C5dfa941) from 7 to 9 signatures. Moreover, a library for conditional updates of the constitution was implemented.
---
"Arbitrum is a protocol that makes Ethereum transactions faster and cheaper. Developers use Arbitrum to build user-friendly decentralized apps (dApps) that can take advantage of the scalability benefits of the Arbitrum Rollup and AnyTrust protocols."
Summary
The most critical subjects covered in our audit are functional correctness, access control and integration with the core protocol. Security regarding all the aforementioned subjects is high.
The general subjects covered are testing and documentation. Security regarding all the aforementioned subjects is high. However, testing could be improved to test the ability to repay and to top-up.
In summary, we find that the codebase provides a good level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don’t replace other vital measures to secure a project.
About MakerDAO kill switch
Sparklend implements a switch allowing arbitrary addresses to disable borrowing in case of a depeg of a pegged asset.
—
“The Maker Protocol, also known as the Multi-Collateral Dai (MCD) system, allows users to generate Dai by leveraging collateral assets approved by “Maker Governance.” Maker Governance is the community organized and operated process of managing the various aspects of the Maker Protocol. Dai is a decentralized, unbiased, collateral-backed cryptocurrency soft-pegged to the US Dollar. Resistant to hyperinflation due to its low volatility, Dai offers economic freedom and opportunity to anyone, anywhere.”
Summary
The most critical subjects covered in our audit are the impact of this change on the existing system and the correctness of the changes introduced. Security regarding all the aforementioned subjects is high.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don’t replace other vital measures to secure a project.
About MakerDAO core updates to Sparklend
Sparklend disabled the flashloan into borrow functionality in an effort to remove a potential attack vector. This change was done as part of applying the Jan 10th patch which fixes a vulnerability. The function getReservesCount is now exposed publicly as part of the introduced changes. No issue with these changes has been uncovered.
—
“The Maker Protocol, also known as the Multi-Collateral Dai (MCD) system, allows users to generate Dai by leveraging collateral assets approved by “Maker Governance.” Maker Governance is the community organized and operated process of managing the various aspects of the Maker Protocol. Dai is a decentralized, unbiased, collateral-backed cryptocurrency soft-pegged to the US Dollar. Resistant to hyperinflation due to its low volatility, Dai offers economic freedom and opportunity to anyone, anywhere.”
Summary
The most critical subjects covered in our audit are functional correctness, integration in the underlying system, and access control. Security regarding all the aforementioned subjects is high.
The general subjects covered are specification and gas efficiency. Security regarding all the aforementioned subjects is high.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don’t replace other vital measures to secure a project.
About MakerDAO Sparklend Freezer
MakerDAO implements an emergency spells system for SparkLend.
—
“The Maker Protocol, also known as the Multi-Collateral Dai (MCD) system, allows users to generate Dai by leveraging collateral assets approved by “Maker Governance.” Maker Governance is the community organized and operated process of managing the various aspects of the Maker Protocol. Dai is a decentralized, unbiased, collateral-backed cryptocurrency soft-pegged to the US Dollar. Resistant to hyperinflation due to its low volatility, Dai offers economic freedom and opportunity to anyone, anywhere.”
Summary
The most critical subjects covered in our audit are functional correctness, access control and integration with external systems. Security regarding all the aforementioned subjects is high. The general subjects covered are upgradeability, documentation, specification, gas efficiency, trustworthiness. Security regarding all the aforementioned subjects is high.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don’t replace other vital measures to secure a project.
About Enzyme Sulu Extensions IV Smart Contracts
Avantgarde Finance implements a new version of the Curve price feed and adapted the Curve liquidity and and Convex Curve adapters while minor updates to the ParaswapV5 adapter have been made. Moreover, external positions for lending on Maple, borrowing on Liquity, vote-locking for Convex, and delegating on The Graph were implemented. Also, a shares splitting contract for splitting fees, including its surrounding architecture, were implemented.
Enzyme is a decentralised asset management infrastructure built on Ethereum. Using Enzyme Smart Vaults, individuals and communities can build, scale and monetise investment (or execution) strategies that employ the newest innovations in decentralised finance.
Summary
Limited code reviews are best-effort checks and don’t provide assurance comparable to a non-limited code assessment. This review was not conducted as an exhaustive search for bugs, but rather as a best-effort sanity check for the pull requests of interests. The review was executed by one engineer over a period of two weeks. Given the large scope and codebase and the limited time, the findings aren’t exhaustive.
The largest pull requests that were reviewed revamp the import system and introduce stateless and stateful modules to the Vyper language. The semantic analysis phase has been updated to support these new features and to be globally more robust. Constant folding has been modified so that it no longer breaks Vyper semantics. Additionally, more fined-grained variable read/write analyses have been introduced.
We find that the reviewed pull requests benefit both the language by adding new important features and the codebase in terms of consistency, readability and robustness. While the enforcement of type annotation for loop iterators improve greatly the type-checking phase, multiple issues related to loops were found as highlighted in Loop iterator overflow signed type, Double evaluation of range’s start and Mistyped loop iterable.
Other important issues have that have been identified related to the layout override feature as shown in Overriding storage allocator does not handle stateful modules and Overriding storage allocator does not handle reentrant functions properly.
While no critical issues were found in the implementation of modules, we strongly recommend intensive testing of the new system before releasing it.
At the time of the review, the documentation of the modules system seems to be lacking and we recommend improving it.
About limited review - Vyper compiler modules
“Vyper is a contract-oriented, pythonic programming language that targets the Ethereum Virtual Machine (EVM).”
Summary
The most critical subjects covered in our audit are asset solvency, functional correctness, and accesscontrol. Functional correctness is good, but there were some issues uncovered, such as Rounding Errorsin TRC20 methods. Security regarding the other subjects is high. Note that any off-chain parts of thesystem are out of the scope of this review.
The general subjects covered are unit testing, documentation, code complexity, and gas efficiency. Unittesting is non-existent, as no unit tests were provided with the code. Documentation is improvable, as thecode is missing NatSpec on many functions, and no public documentation page exists. Code complexityis improvable, as low-level code is used in places where it is not necessary. The proxy pattern usedworks correctly but does not follow best practices that aid in avoiding mistakes during upgrades. SeeProxy Upgrades Must Be Well-tested. Gas efficiency is good.
In summary, we find that the codebase provides a good level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. Theycomplement but don't replace other vital measures to secure a project.
About stUSDT Smart Contracts
stUSDT is a custodial system for providing off-chain yield to users on-chain. Users receive the stUSDTtoken as a representation of their deposit in the system and can create a withdrawal request to turn theirdeposit back into USDT.
---
"stUSDT is the receipt token users receive upon staking USD stablecoins on the platform. This decentralized intermediary to real-world assets allows holders to participate in real-world investment directly and start earning rewards."
Summary
The most critical subjects covered in our audit are functional correctness, oracle security and internal accounting. Security regarding all aforementioned subjects is high.
Functional correctness is good. Issues like Execution of wrong governance change and some smaller problems have been adequately fixed.
Newly created pools allowed Endless rebalancing due to a flaw in the handling of oracle prices. This has been addresses by rebalancing rewards being activated by governance as long as this is done in a correct manner considering TVL of the pool and CNC price.
The internal accounting of some tokenomics contracts was flawed due to Reward double counting and Wrong accounting in Bonding. These issues have also been addressed.
It should be noted that the security of funds is dependent on parameters like the imbalance buffers of the Curve oracle. These must be chosen with care (considering Curve pool fees, the share of a Conic pool’s Curve LP tokens etc.) to avoid the possibility of arbitrage opportunities.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don’t replace other vital measures to secure a project.
We have also conducted a deployment validation of Conic’s codebase. All security-relevant parameters of the deployed contracts as well as the evolution of these (starting from the block of the deployment of each contract until Ethereum block # 19127196) have been reviewed. All contracts have been deployed in accordance with our security audit. The deployment validation report can be found here: Conic protocol Deployment Validation by ChainSecurity
About Conic Protocol
Conic implements Omnipools for Curve that allow to deposit a single asset into multiple Curve pools. The exposure to different Curve pools is changed in fixed time intervals by Governance vote.
—
“Conic Finance is an easy-to-use platform built for liquidity providers to easily diversify their exposure to multiple Curve pools. Any user can provide liquidity into a Conic Omnipool which allocates funds across Curve in proportion to protocol controlled pool weights.”
Summary
The most critical subjects covered in our audit are functional correctness, manipulation resiliency and the integration of the CapAutomator into the existing SparkLend protocol. A notable issue was identified in the original code where setting caps to zero is not restricted, leading to the potential bypass of the cooldown period and risks of lifting the cap (see Cap of 0 ignores increase cooldown).
After the intermediate report, all identified issues have been addressed or acknowledged.
The general subjects covered are optimizations and adherence to the specifications.
In summary, we find that the codebase provides a good level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don’t replace other vital measures to secure a project.
About MakerDAO Sparklend cap automator
SparkLends CapAutomator manages supply and borrow caps for assets in SparkLend. It allows anyone to trigger updates to these caps based on predetermined parameters, with the new cap values calculated using the current supply and a specified gap, subject to maximum limits and cooldown periods.
—
“The Maker Protocol, also known as the Multi-Collateral Dai (MCD) system, allows users to generate Dai by leveraging collateral assets approved by “Maker Governance.” Maker Governance is the community organized and operated process of managing the various aspects of the Maker Protocol. Dai is a decentralized, unbiased, collateral-backed cryptocurrency soft-pegged to the US Dollar. Resistant to hyperinflation due to its low volatility, Dai offers economic freedom and opportunity to anyone, anywhere.”
.svg)
Summary
The most critical subjects covered in our audit are asset solvency, functional correctness and access control. Security regarding asset solvency is improvable, see Broken integration with special ERC20 tokens. Security regarding the other aforementioned subjects is high.
The general subjects covered are documentation and specifications, code complexity, and gas efficiency. The security regarding all aforementioned subjects is high.
Developers deploying new OFTs or OFTAdapters should consult the documentation and specifications to ensure that omnichain fungible tokens are implemented correctly. Developers should also be aware of special behaviors that are noted in this report.
In summary, we find that the codebase provides a satisfactory level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don’t replace other vital measures to secure a project.
About LayerZero OFT/OAPP
LayerZero offers a set of smart contracts that implement Omnichain Applications and Omnichain Fungible Tokens, which are built on top of the LayerZero’s protocol. Omnichain Fungible Tokens extend the standard ERC20 tokens by providing bridging functionalities to other chains natively. This review is focused only on the execution layer, while the underlying infrastructure for message passing is assumed to be correct.
—
“LayerZero is an interoperability protocol that connects blockchains (50+ and counting), allowing developers to build seamless omnichain applications, tokens, and experiences. The protocol relies on immutable on-chain endpoints, a configurable Security Stack, and a permissionless set of Executors to transfer censorship-resistant messages between chains.”
Summary
The most critical subjects covered in our audit are functional correctness, security of the assets and adherence to the TRC-20 specification. Security regarding all the aforementioned subjects is high.
The general subjects covered are energy efficiency and usability. The code is derived from a legacy OpenZeppelin implementation originally written for Solidity version 0.4.24. While it has been adapted for compilation with Solidity 0.8.x, it does not utilize newer Solidity features, such as built-in SafeMath or immutables. Consequently, the code is not optimal, particularly in terms of energy consumption.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don’t replace other vital measures to secure a project.
About HTX DAO - HTX Token
HTX DAO implements the HTX token following the TRC-20 standard with immutable parameters set at deployment, including its name, symbol, decimals, and an initial fixed supply minted to the deployer. The token enables standard functionalities such as transfer and approval. Importantly, it does not allow for additional token minting, ensuring a fixed supply. It operates without any roles endowed with special privileges.
Summary
The most critical subjects covered in our audit are asset solvency, functional correctness, front-running, and accurate fund valuation. The security of all aforementioned subjects is high. Please note that there might be some unexpected scenarios (e.g. undercollateralized loans in Term Finance) that are intentionally unhandled, see System Overview, Assessment Overview and Notes.
The general subjects covered are code complexity, upgradeability, unit testing, and documentation. The security of all aforementioned subjects is high. However, note that in some scenarios the system may fail to untrack positions which could lead to increased gas costs, see Failing to untrack offers of cancelled auctions.
In summary, we find that the codebase provides a good level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don’t replace other vital measures to secure a project.
About Sulu Extensions XIV
In the development of version 5 of the protocol, which builds on the existing Sulu system, Avantgarde Finance has implemented several changes to the connectors for external systems. The ZeroEx Adapter now includes support for over-the-counter (OTC) orders. Additionally, a new external position has been introduced to interact with Term Finance, supporting lending only. For the existing Maple integration, outdated code related to version 1 and its corresponding migration code have been removed. Furthermore, the validation function has been updated to reflect recent changes in Maple.
—
Enzyme is a decentralised asset management infrastructure built on Ethereum. Using Enzyme Smart Vaults, individuals and communities can build, scale and monetise investment (or execution) strategies that employ the newest innovations in decentralised finance.
Summary
The most critical subjects covered in our audit are functional correctness, solvency of battles, and access control. Security regarding all aforementioned subjects is satisfactory.
The general subjects covered are rounding errors, denial-of-service, documentation and gas efficiency. The security regarding rounding errors is satisfactory, while the security regarding denial-of-service is improvable (see Battles With Malicious Starting Prices). The codebase could be improved regarding gas efficiency (see Gas Optimizations). The documentation and inline code specification can also be improved.
We thank the Tenet Technology Ltd team for always being responsive and very professional during this engagement.
In summary, we find that the codebase provides a satisfactory level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don’t replace other vital measures to secure a project.
About Divergence Protocol V1C
Tenet Technology Ltd implements an Automated Market Maker(AMM) for digital options. In this system, liquidity providers (LPs) provide liquidity at their positions of interest. Afterwards, traders can buy put or call digital options to take a position whether the price of an underlying asset exceeds the strike price at maturity or not. LPs collect the option premiums and fees paid by traders.
—
“Divergence v1 is a novel noncustodial automated market maker for options with a predetermined payoff structure. It enables access to an extensive selection of options pools, each with a distinct underlying asset, strike price, maturity, and collateral token. The decentralized protocol facilitates on-chain peer-to-pool swaps of options tokens, with minimal friction, enhanced capital efficiency, and low transaction costs. Its model-free pricing approach empowers individual users to flexibly price and tailor options exposure.”
Summary
Limited code reviews are best-effort checks and don’t provide assurance comparable to a non-limited code assessment. This review was not conducted as an exhaustive search for bugs, but rather as a best-effort sanity check for the pull requests of interests. The review was executed by one engineer over a period of two weeks. Given the large scope and codebase and the limited time, the findings aren’t exhaustive.
The subjects covered by our review are detailed in the Review Overview section.
The large number of issues related to the behavior of the compiler if the builtin functions are folded or not shows that special attention should be given to this part of the compiler. We find that the ongoing effort of merging the general Vyper semantics and folding semantics is the right approach to solve those issues altogether.
The general subjects covered are memory allocation and safety, order of evaluation and semantics of the builtin functions. No major issue was found in the aforementioned subjects.
About limited review - Vyper Compiler Built
“Vyper is a contract-oriented, pythonic programming language that targets the Ethereum Virtual Machine (EVM).”
Summary
The most critical subjects covered in our audit are asset solvency, functional correctness, front-running, and accurate fund valuation. However, front-running protection and accurate fund valuation are improvable due to inaccuracies, see StakeWise V3 Position Ticket Valuation.
Similarly, delayed fund valuation may be problematic, see Slashing Can Be Avoided. Further, functional correctness could be improved, see StakeWise Deposit May Revert.
The general subjects covered are code complexity, upgradeability, unit testing, and documentation.
In summary, we find that the codebase provides a good but improvable level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don’t replace other vital measures to secure a project.
About Enzyme Sulu Extensions XII
Avantgarde Finance implements external positions for staking with StakeWise v3.
—
Enzyme is a decentralised asset management infrastructure built on Ethereum. Using Enzyme Smart Vaults, individuals and communities can build, scale and monetise investment (or execution) strategies that employ the newest innovations in decentralised finance.
Summary
The most critical subjects covered in our audit are the correct implementation of the PegKeeperV2 and the PegRegulator, the handling of assets by the PegKeeper, and attack vectors based on the manipulation of the liquidity and price oracles. No major issues were uncovered during the review. All the issues have been addressed. Security regarding all the aforementioned subjects is high.
The general subjects covered are access control, gas efficiency, documentation, and specification and testing. The security regarding all the aforementioned subjects is high.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don’t replace other vital measures to secure a project.
Curve implements PegKeeperV2 a more fine-grained version of PegKeeper. The goal of PegKeeperV2 is to maintain the peg of CRVUSD in its stablepools by adding or removing liquidity in the form of CRVUSD.
—
About Curve PegKeeperV2
“Curve is an exchange liquidity pool on Ethereum (like Uniswap) designed for (1) extremely efficient stablecoin trading (2) low risk, supplemental fee income for liquidity providers, without an opportunity cost.
Curve allows users (and smart contracts like 1inch, Paraswap, Totle and Dex.ag) to trade between DAI and USDC with a bespoke low slippage, low fee algorithm designed specifically for stablecoins and earn fees. Behind the scenes, the liquidity pool is also supplied to the Compound protocol or yearn.finance where it generates even more income for liquidity providers.”
Summary
The most critical subjects covered in our audit are the functional correctness of the contracts, the oracle configuration, and the interaction with the rest of the Gearbox system. No severe issues were uncovered. All the issues reported have been addressed. Security regarding all the aforementioned subjects is high.
The general subjects covered are access control, documentation and specification, gas efficiency, and the complexity of the implementation. Security regarding all the aforementioned subjects is high.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don’t replace other vital measures to secure a project.
About Gearbox V3 Oracles
Gearbox Protocol extends and refactors the oracle functionality used by the Gearbox Core V3.
—
“Gearbox is a generalized leverage protocol: it allows anyone to take leverage in a DeFi-native way and then use it across various DeFi protocols. You take leverage with Gearbox and then use it on other protocols you already love. For example, you can leverage trade on Uniswap, leverage farm on Yearn or Curve and Convex, make complex delta-neutral strategies involving options and derivatives, get Leverage-as-a-Service for your structured product doing complex positions, etc.
The protocol has two sides to it: passive liquidity providers who earn higher APY by providing liquidity; – and active traders, farmers, or even other protocols who can borrow those assets to trade or farm with x4+ leverage.”
Summary
The most critical subjects covered in our audit are functional correctness, access control, absence of reentrancy possibilities, handling of funds and precision of arithmetic operations. Security regarding all is generally good. Security regarding functional correctness is good as long as drying out the Aave pool on purpose, see Provoking an Aave Liquidity Crisis, is unprofitable based on the borrow and supply caps, and the flashloan fees.
The general subjects covered are code complexity, error handling, unit testing, documentation, specification, gas efficiency, trustworthiness and error handling. Security regarding all the aforementioned subjects is high.
In summary, we find that the codebase provides a good level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don’t replace other vital measures to secure a project.
About Mangrove Strategies
Mangrove Association updated the existing strategies Mangrove Order, implementing Good-till-cancelled and Fill-or-kill orders, and Kandel, a “buy low, sell high” market-making strategy that leverages the Mangrove core system, while optimizing the capital efficiency by supplying the idle funds on AaveV3. The code was mainly adapted for compatibility with the changes made in the core. Additionally, the changes include some simplifications.
“The Mangrove is an order book-based DEX that allows liquidity providers to post arbitrary smart contracts as offers. This new flexibility enables liquidity providers to post offers that are not fully provisioned. The Mangrove’s order book lists promises instead of locked commitments. Liquidity can be shared, borrowed, lent and, at the same time, be displayed in the Mangrove’s order book, ready to be sourced when, and only when, an offer is hit. The time of DeFi ‘s fragmentation in a myriad of pools is ending. In the Mangrove, liquidity reaches its ultimate potential. Value doesn’t have to be locked anymore.”
Summary
Even though the codebase is complex, we did not find any severe issues. The code quality is good and Mangrove provides a good documentation for their project.
The general subjects covered are functional correctness, security and documentation. Security regarding all the aforementioned subjects is high.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don’t replace other vital measures to secure a project.
About Mangrove core
Mangrove Association (ADDMA) implements an order book-based exchange where makers can post offers that are essentially promises to trade a certain token pair for a specified amount.
Takers can take these offers. When a taker takes an offer, the maker’s smart contract is called and needs to fulfill the promise to exchange the tokens. If the maker does not meet their obligation, a pre-defined gas reimbursement will be given to the taker. Makers need to deposit the funds to reimburse takers when creating the offer.
The project allows participants full control over their funds up until they can really be exchanged. Hence, avoiding idle or stale funds waiting for order execution. This version implements a new internal data structure, using a tree of bitmaps in order to efficiently find the next-best offer in the order book.
—
“The Mangrove is an order book-based DEX that allows liquidity providers to post arbitrary smart contracts as offers. This new flexibility enables liquidity providers to post offers that are not fully provisioned. The Mangrove’s order book lists promises instead of locked commitments. Liquidity can be shared, borrowed, lent and, at the same time, be displayed in the Mangrove’s order book, ready to be sourced when, and only when, an offer is hit. The time of DeFi ‘s fragmentation in a myriad of pools is ending. In the Mangrove, liquidity reaches its ultimate potential. Value doesn’t have to be locked anymore.”
Summary
The most critical subjects covered in our audit are security vulnerabilities and the validity and integrity of the state and storage proofs. Amongst others, the following issues have been uncovered:
- Broken CairoLib Dependency
- MMR: Verify Against An Intermediate Node Is Possible
- Empty/inexistent storage slots can not be provenAll high severity issues have been resolved.The general subjects covered are functional correctness, robustness and usability.
In summary, we find that the codebase provides a good level of security. It’s worth noting that more thorough testing could have identified most of these issues early. Moreover, there is still room for enhancement in the testing processes. Core functionality of the project is tested with minimal test cases only.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don’t replace other vital measures to secure a project.
About Herodotus on Starknet
Herodotus provides a bridge between Ethereum’s L1 and Starknet’s L2, allowing for trustless proofs of state and storage values of Ethereum accounts on Starknet. Data integrity is ensured through on-chain verification mechanisms leveraging Merkle Mountain Range (MMR) and Merkle Patricia Trie (MPT) verifications.
—
“Herodotus is a powerful data access middleware that provides smart contracts with synchronous access to current and historical on-chain data across Ethereum layers.”
Summary
The most critical subjects covered in our audit are security vulnerabilities and the validity and integrity of the state and storage proofs. Amongst others, the following issues have been uncovered:
- Broken CairoLib Dependency
- MMR: Verify Against An Intermediate Node Is Possible
- Empty/inexistent storage slots can not be provenAll high severity issues have been resolved.The general subjects covered are functional correctness, robustness and usability.
In summary, we find that the codebase provides a good level of security. It’s worth noting that more thorough testing could have identified most of these issues early. Moreover, there is still room for enhancement in the testing processes. Core functionality of the project is tested with minimal test cases only.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don’t replace other vital measures to secure a project.
About Herodotus on Starknet
Herodotus provides a bridge between Ethereum’s L1 and Starknet’s L2, allowing for trustless proofs of state and storage values of Ethereum accounts on Starknet. Data integrity is ensured through on-chain verification mechanisms leveraging Merkle Mountain Range (MMR) and Merkle Patricia Trie (MPT) verifications.
—
“Herodotus is a powerful data access middleware that provides smart contracts with synchronous access to current and historical on-chain data across Ethereum layers.”
Summary
The most critical subjects covered in our audit are functional correctness, access control and standard compliance. Security regarding standard compliance is high. Security regarding access control has been improved since the first iteration of this report (see permission can be bypassed in transferFrom()). Additionally, a critical issue allowing users to spend encumbrance of other users in certain cases has been disclosed and fixed by Compound after the first iteration of this report: Encumbered balances can be transferred. Functional correctness is now extensive.
The general subjects covered are code complexity and quality of specification documentation. Some inconsistency has been identified in the specifications, see Incorrect specs, which was corrected.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don’t replace other vital measures to secure a project.
About Compound SUPTB
Compound implements an EIP-7246 (under review) compliant token SUPTB (Superstate short-term U.S. government bonds) and a permission list contract. It introduces a new feature: Encumbrance on top of ERC-20 to separate the ownership of tokens from the right to transfer them.
—
“Compound is a protocol on the Ethereum blockchain that establishes money markets, which are pools of assets with algorithmically derived interest rates, based on the supply and demand for the asset. Suppliers (and borrowers) of an asset interact directly with the protocol, earning (and paying) a floating interest rate, without having to negotiate terms such as maturity, interest rate, or collateral with a peer or counterparty
Each money market is unique to an Ethereum asset (such as Ether, an ERC-20 stablecoin such as Dai, or an ERC-20 utility token such as Augur), and contains a transparent and publicly-inspectable ledger, with a record of all transactions and historical interest rates.”
Summary
The most critical subjects covered in our audit are access control and functional correctness. All raised issues have been addressed accordingly. The most critical issue found in the assessment was related to incorrectly counted votes in InclusionVote (see Blank Votes Not Counted).
In summary, we find that the codebase now provides a good level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don’t replace other vital measures to secure a project.
About Yearn yETH Governance
Yearn implements an on-chain governance system for yETH and the new contracts. They allow st-yETH holders to vote for generic proposals and Pool parameter changes.
—
Yearn Finance is “a suite of DeFi tools and products in an interconnected financial ecosystem running on various smart contracts. The yEarn Finance ecosystem is community-controlled and governed via a governance token called YFI.”
Summary
The most critical subjects covered in our audit are functional correctness and access control. Security regarding all the aforementioned subjects is high.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don’t replace other vital measures to secure a project.
About MakerDAO – ArrangerConduit
MakerDAO implements a contract that is used to give access to funds of Maker SubDAOs to external actors for the purpose of investment into real-world assets.
—
“The Maker Protocol, also known as the Multi-Collateral Dai (MCD) system, allows users to generate Dai by leveraging collateral assets approved by “Maker Governance.” Maker Governance is the community organized and operated process of managing the various aspects of the Maker Protocol. Dai is a decentralized, unbiased, collateral-backed cryptocurrency soft-pegged to the US Dollar. Resistant to hyperinflation due to its low volatility, Dai offers economic freedom and opportunity to anyone, anywhere.”
Summary
The most critical subjects covered in our audit are functional correctness and frontrunning resistance. Functional correctness is high.
While the conduit withdraw() function can be frontrun, the function is only called by members of the SubDAO which are able to mitigate the risk, if necessary, by using more private channels for the inclusion of such transactions into the blockchain.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don’t replace other vital measures to secure a project.
About MakerDAO SparkLendConduit
MakerDAO implements a conduit contract for funnelling sNST into Spark, an Aave v3 fork.
—
“The Maker Protocol, also known as the Multi-Collateral Dai (MCD) system, allows users to generate Dai by leveraging collateral assets approved by “Maker Governance.” Maker Governance is the community organized and operated process of managing the various aspects of the Maker Protocol. Dai is a decentralized, unbiased, collateral-backed cryptocurrency soft-pegged to the US Dollar. Resistant to hyperinflation due to its low volatility, Dai offers economic freedom and opportunity to anyone, anywhere.”
Summary
The most critical subjects covered in our audit are asset solvency, functional correctness, and access control. Security regarding functional correctness and access control is high, while security regarding asset solvency is improvable, see No Functionality to Recover From Bridge Failure.
The general subjects covered are code complexity, upgradeability, trustworthiness, documentation, and gas efficiency. Contracts in scope of this assessment are not upgradeable and have limited privileged roles. The code is well written. The documentation is improvable and the codebase could be more gas efficient, see Findings.
In summary, we find that the codebase provides a satisfactory level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don’t replace other vital measures to secure a project.
About Frankencoin Smart Contracts
The Frankencoin system is a set of smart contracts that issue the Frankencoin (ZCHF) on-chain, a stablecoin that is supposed to be pegged to the Swiss Franc. Each Frankencoin minted is backed either by collateral assets or other trusted Swiss Franc stablecoins. The governance of the system is based on veto rights of shareholders that control at least 2% of the total voting power.
“Frankencoin is a collateralized, oracle-free stablecoin that tracks the value of the Swiss franc. Its strengths are its decentralization and its versatility.”
.svg)
Summary
The most critical subjects covered in our audit are functional correctness, access control, denial-of-service, precision of arithmetic operations, and reentrancy. Security regarding all the aforementioned subjects is good.
The general subjects covered are gas-efficiency, documentation, and error handling.
In summary, we find that the codebase provides a good level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but do not replace other vital measures to secure a project.
About Spool V2 smart contracts
Spool implements a system for meta-strategies where users invest in vaults that then collectively invest in strategies that interact with third-party DeFi systems.
—
“Introducing Spool V2, the next evolution in our DeFi infrastructure designed for institutions and professionals. Building on our V1 proof of concept, V2 offers exponential enhancements in efficiency, composability, utility, and security.”
.svg)
Summary
The most critical subjects covered in our audit are functional correctness, asset solvency, and access control. Security regarding all the aforementioned subjects is high.
The general subjects covered are specification and gas efficiency. Security regarding the aforementioned subjects is high. Note that the zkAllocation is not specified precisely and is treated as a black box.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don’t replace other vital measures to secure a project.
About Sturdy Aggregator Smart Contracts
Sturdy implements Sturdy Aggregator, a lending optimizer with the ability to provide just-in-time liquidity by moving funds between different lenders.
—
“Sturdy is a lending protocol where borrowers farm with up to 10x leverage & lenders receive high yields.”
Summary
The most critical subjects covered in our audit are functional correctness and security of user funds. Security regarding all the aforementioned subjects is high.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don’t replace other vital measures to secure a project.
About StarknetID Auto Renew
StarknetID has implemented a non-upgradable auto-renewal contract to streamline domain renewals for users. Users can seamlessly enable or disable spending flows, which, subject to certain conditions, are executed by a designated, whitelisted renewer. These conditions include annual execution and ensure the domain expires in less than a month. The contract is governed by an admin, with users being responsible for setting accurate allowances.
—
“StarkNet.ID serves as a versatile passport for StarkNet, facilitating seamless storage and sharing of user-specific data within the StarkNet ecosystem. This robust identity protocol allows various Starknet app to access and utilize user information effortlessly, enhancing the overall user experience.”
Summary
The most critical subjects covered in our audit are functional correctness and access control. Security regarding all the aforementioned subjects is high.
The general subjects covered are code complexity, suitability of the implementation for the intended use case and accuracy of the documentation.
In summary, we find that the codebase provides a good level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don’t replace other vital measures to secure a project.
About Mimo Capital MCAG Contracts
Mimo Capital AG issues ERC-721 compliant NFTs called KUMABondTokens, which are backed by real-world bonds. Additional smart contracts handle functionalities like KYC compliance through KYCToken, role-based access control via AccessController, and price feed updates through MCAGAggregator and KIBTAggregator. The system also allows for pausing the tokens and maintains a blacklist of addresses that cannot interact with the KUMABondTokens.
—
“Mimo Capital AG is authorized to bring real-world assets, such as sovereign and corporate bonds, onto the blockchain via a process called tokenization, allowing for more transparency as each token is linked to a specific set of underlying assets held in custody.”
Summary
The most critical subjects covered in our audit are functional correctness and access control. Security regarding all the aforementioned subjects is high.
The general subjects covered are upgradeability, gas efficiency, and trustworthiness. We found that security regarding those subjects is high.
In summary, we find that the codebase provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don’t replace other vital measures to secure a project.
About Polygon Token (POL)
Polygon implements the POL token, a fungible asset on Ethereum that supports the revised Polygon protocol architecture, and in particular its emission schedule and the migration from the previous MATIC token.
—
“Polygon is a decentralised Ethereum scaling platform that enables developers to build scalable user-friendly dApps with low transaction fees without ever sacrificing on security.”
.svg)
Summary
The most critical subjects covered in our audit are asset solvency and functional correctness. This includes the yield distribution for the rebasing token.
The general subjects covered are the documentation, integrability into the DeFi ecosystem and efficiency.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don’t replace other vital measures to secure a project.
About Kuma Protocol
The KUMA protocol is designed to tokenize KUMABond NFTs into KIB ERC-20 tokens. Interests are distributed through the rebasing mechanism of the token. ERC-20 ist the most common token standard and hence these KIB tokens are compatible with various decentralized finance protocols. The system has safeguards such as a Deprecation Mode to allow for a graceful shutdown and uses UUPS proxy pattern for upgradability.
—
The KUMA Protocol is a decentralized protocol issuing interest-bearing tokens backed by regulated NFTs, themselves backed by Real World Assets (RWA). At start the KUMA Protocol accepts regulated KUMA NFTs that are backed by sovereign bonds.
Summary
The most critical subjects covered in our review are asset solvency and functional correctness. Security regarding the aforementioned subjects is improvable. The most important issues uncovered are (1) asset solvency is low due to wrongly maintained internal accounting (see Wrong Accounting upon Margin Account Top up) and (2) functional correctness is low due to the value the tranches not including unrealized LP fees (see Accrued Interest Is Not Accounted in trancheValue).
The first issue has been fixed by a change of specification. Xena Finance has decided they only want to use a single tranche. The issue remains valid if Xena Finance decides to add more tranches. This leaves the codebase complex, while the functionality that will be used is simpler. The second issue related to accrued interest remains unfixed.
Additionally, there are a number of issues that Xena Finance decided not to fix, which could cause problems in the edge cases outlined in those issues.
The general subjects covered are documentation and specification. Security regarding all the aforementioned subjects is improvable. Documentation and specification are not sufficient due to the overall lack of documentation and unclear specification, see Missing Documentation.
In summary, we find that the codebase currently provides an improvable level of security.
Users of the system should check the Notes section for important information to consider before using the system.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don’t replace other vital measures to secure a project.
About Xena smart contracts
Xena Finance implements a decentralized, non-custodial perpetual exchange. It aims to provide users with zero price-impact trades.
—
“Welcome to Xena Finance, where we’re making trading simple and exciting for everyone! We’ve created a place where you can easily trade and manage your risks, all while keeping the custody of your funds.”
.svg)
Summary
EIP-4788 uses a smart contract to temporarily store beacon chain roots on the execution layer in EVM storage. The contract is written directly in EVM assembly. Internally, the contract uses two ring buffers, one for timestamps and one for beacon roots. Hence, previously written beacon roots will be overwritten eventually. The most critical subjects covered in our audit are the security and the correctness of this smart contract storing and providing the beacon roots. The most important properties are:
(1) only the privileged SYSTEM_ADDRESS can store beacon roots
(2) only previously stored beacon roots can be retrieved
(3) the ring buffer correctly overwrites old beacon roots
(4) previously stored beacon roots can be queried by any smart contract by providing the timestamp of the following beacon block
Furthermore there was an important performance property:
(5) limit the storage consumption of the contract and use the storage efficiently
For the originally submitted contract, we found that property (2) can be violated by querying the Zero-Timestamp and that property (5) depends on block interval to stay constant at 12 seconds. To improve the storage efficiency and hence reach property (5) we proposed that the ring buffer should have a prime size. Furthermore, we investigated possible gas savings and made some recommendations which focused on reducing the execution cost of the contract’s usual execution path.
The smart contract and the EIP were consecutively updated as follows:
(1) an explicit check was added to prevent querying the Zero-Timestamp
(2) the ring buffer size became a prime number (specifically 8191), which provides more efficiency independent of block interval as described in the audit report, see “Implications of Ring Buffer Size”
We then further analyzed these updates. We found that during regular times the contract can return the 8191 most recent beacon roots. Given the current block interval that results in roughly 27 hours of historic data. However, before hard forks or with varying block intervals the contract might only return the beacon roots from the past 8191 seconds (roughly two hours), as described in “Changes in Block Interval”.
Last but not least, we wrote “Notes for smart contract developers”, planning to interact with this contract, so that they can avoid potential mistakes.
Overall, we found that after these fixes the smart contract code provides a high level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but do not replace other vital measures to secure a project. Specifically, in this review the way how clients interact with this special smart contract to set beacon roots was out of scope.
About EIP‑4788 Contract
EIP-4788 introduces a mechanism for the execution layer of Ethereum mainnet to access the beacon roots of the consensus layer. This access is provided through a regular smart contract which acts as a temporary database. This particular smart contract is the scope of this audit.
—
The Ethereum Foundation (EF) is a non-profit organization dedicated to supporting Ethereum and related technologies.