Coming Soon!

Aave v3 is a liquidity protocol running on multiple EVM-compatible networks, where user can supply and borrow liquidity.

The v3.1 version target of this competition is an upgrade of the implementation smart contracts of Aave v3, focusing on improving its security and different operational aspects. More extensive information about Aave v3.1 can be found on the Aave governance forum HERE.

aave.com

Prize distribution and scoring

Total Prize Pool $150,000

• The prize distribution has 3 possible triggers:
  • If one or more valid low/informational severity findings are found, the total pot size is $20,000
  • If one or more valid medium severity findings are found, the total pot size is $50,000
  • If one or more valid high severity findings are found, the total pot size is $150,000
• Scoring described in the competition scoring page.
• Findings Severities described in detail on our docs page.
• Only High and Medium findings would be accepted for Primary Prize Pool.
• $20,000 of the total prize pool is reserved for Low Severity or informational findings. These reports are judged based on quality and reviewers are then ranked from 1st to 5th for the purpose of prize allocation:
  • 1st $10,000
  • 2nd $5,000
  • 3rd $2,000
  • 4th $1,500
  • 5th $1,500

Documentation

• High-level context/motivation of Aave v3.1.
• Repository containing the Aave v3.1 code.
  • Features of Aave v3.1 with context.
  • Certora security review.
  • Mixbytes security review.
• Repository containing the payload to upgrade Aave v3 to v3.1.
  • Description of what is done on the upgrade.
  • Codebase diff between production v3 and v3.1

Scope

Contracts

Repository: github.com/aave-dao/aave-v3-origin Commit: 38e7cfb49069837fae99750d8db37f19735fedd7

Repository: github.com/bgd-labs/protocol-v3.1-upgrade Commit: a80a0fb843e4aef524bad5acd8185a470d5d712f

• Only the logic affected by the 3.1 code changes is in-scope. However, unintended consequences of these changes on other logic of Aave v3 core contracts eligible for prizes on the contest.

  For a more clear overview of the exact changes between Aave v3 and Aave v3.1, we recommend to check the diff files on the codebase included HERE.

Code Overview

Recording TBD

Transcript TBD

Build Instructions

The 2 repositories in scope contain instructions to setup the project and run tests:

• v3.1. codebase
• Upgrade proposal

Both are standard Foundry-based repositories.

Proof of Concept Instructions

For tests/PoC on a local test environment with a clean deployment of Aave v3.1, a basic template can be found on https://github.com/aave-dao/aave-v3-origin/blob/main/tests/template/BaseTest.t.sol

To do any tests/PoC based on 3.1 being applied in production, a basic template can be found on https://github.com/bgd-labs/protocol-v3.1-upgrade/blob/main/tests/template/EthereumBaseTest.t.sol

Out of scope

• Problems arisen from misusage of permissioned entry-points are out of scope. E.g. an address with POOL_ADMIN role passing wrong parameters.
• Only problems caused directly or indirectly by the 3.1 changes are in scope, not those applicable on v3 already.
  • Example of In-Scope: a new attack vector caused by the introduction of virtual accounting, more severe than the same vector on v3.
  • Example of Out-of-Scope: a flash loan attack vector applicable on v3 production, with no relation with any of the new features on v3.1.
• All assets listed on Aave v3.1. are expected to have minimum liquidity at all times.
• Virtual accounting can create situations where due to imprecision of other circumstances (e.g. bad debt), some balance of underlying in the aToken contract is temporarily not withdrawable. This is intended and unless opening to some vector causing major loss of funds, out-of-scope.

Out of scope automated findings generated by LightChaser

• aave-v3-origin
• protocol-v3.1-upgrade

Contact Us

For any issues or concerns regarding this competition, please reach out to the Cantina core team through the Cantina Discord.

Curvance Competition

Competition at a glance

• Monday, February 26th 20:00 UTC to Thursday, April 15th 20:00 UTC
• Total Prize Pool: $375,000

What is Curvance

Curvance at a glance

Curvance is a cross-chain money market for yield bearing assets. Maximize yield while leveraging the full value of your assets. Curvance simplifies DeFi, with a modular system capable of creating complex strategies for users in a single click.

Curvance operates as a hybrid model between a yield optimizer and a cross-margin money market. This model has various characteristics atypical for incumbent money markets such as:

• Collateral deposits and debt deposits receive two different types of tokens, collateral tokens (cTokens) and debt tokens (dTokens).
• Rehypothecation has been removed. This allows for the support of long-tail assets which, if borrowable, could introduce systemic risk to DeFi.
• "Collateral Posting", by introducing a hybrid model, users can yield farm an unlimited amount of assets, but, to leverage the corresponding money market, the collateral must be "posted", like a perpetual exchange. Collateral posting has restrictions on the total amount of exogenous risk allowed to be introduced into the system.
• Dynamic Interest Rates with interest rate decay, vertex slope can be adjusted upward or downward based on utilization similar to kashi, however, a new continuous negative decay rate is applied every cycle when interest rates slope is elevated.
• Dynamic liquidation engine allows for more nuanced position management inside the system. Introduces a sliding scale of liquidation between light soft liquidations and aggressive hard liquidations.
• Bad debt socialization, when a user's debt is greater than their collateral assets, the entire user's account can be liquidated with lenders paying any collateral shortfall.
• Crosschain gauge system, introducing of gauge system allowing reward streaming to collateral depositors and lenders. With the ability to configure by token and no limit on the number of different token rewards streamed.
• Delegated actions, ability to delegate user actions to any address, allowing for support for things like limit orders, DCA, take profit, crosschain borrowing, crosschain lending. Some of these are built already in this repo, others are not.

Prize distribution and scoring

• Scoring described in the competition scoring page.
• Findings Severities described in detail on our docs page.
• Only High and Medium findings would be accepted.

Documentation

• CANTINA_README.md
• Documentation Link

Scope

The "contracts" folder contains all the smart contracts you will be auditing, excluding:

• mocks
• libraries/external
• interfaces/external

Two solady contracts developed by Vectorized have been included in the audit as we are huge advocates for highly optimized versions of common contract formats and would like to see these fully audited. This means the partial FixedPointMathLib contract, and ERC4626 contracts inside the library folder are intentionally included, and are considered in scope.

• Repository: github.com/curvance/Curvance-CantinaCompetition
• Commit: c01e6bda82a60ac4842bf0d3363d63e89c870758
• Total LOC: 15558 (excluding interfaces)

Out of scope

• Out of scope detailed in CANTINA_README.md#areas-considered-out-of-scope

Out of scope automated findings generated by LightChaserV3

• Curvance bot findings

Build Instructions

The project readme details the build instructions.

Basic Proof Of Concept test

From the CANTINA_README:

### Tests
Attached in this repo you will find just over 1,000 tests in categories such as unit tests/integration tests/stateless fuzzing tests. Additionally, you will also find a substantial stateful fuzzing testing harness with just over 200 invariants tests. This was built in collaboration with Trail of Bits and covers VeCVE and most of the Curvance Money Markets. You can also find an attached readme in the fuzzing suite folder covering running the harness locally or in the cloud. Other tests can be ran simply via forge tests. Additional information on running the test suite can be found in the repo readme.

### Proof of Concepts
As part of the test suite inside Curvance, you will find many testing base contracts that set up Curvance and test various functionality. These are perfect to utilize when you want to work on a proof on concept for a bug. Feel free to mess around with test suite and to modify the testing deployments for whichever scenarios you would like to explore.

Contact Us

For any issues or concerns regarding this competition, please reach out to core-team on discord.

Optimism Safe Extensions Competition

Overview

OP Labs has developed Safe Modules and a Safe Guard for use on the Security Council safe which is involved in upgrades to OP Mainnet and other chains in the Superchain.

These modules and guard provide additional security guarantees and add functionality to the Safe contract used by the Security Council, but are absolutely safety critical to ensure the ability to continue upgrading the system.

Prize distribution and scoring

Total Prize Pool $75,000

• Scoring described in the competition scoring page.
• Findings Severities described in detail on our docs page.
• Only High and Medium findings would be accepted for the Primary Prize Pool.
• $5,000 of the total prize pool is reserved for Low Severity or informational findings. These reports are judged based on quality and reviewers are then ranked from 1st to 5th for the purpose of prize allocation:
  • 1st $2,500
  • 2nd $1,250
  • 3rd $500
  • 4th $375
  • 5th $375

Documentation

The modules and guard of the Security Council Safe are outlined in the specs: security-council-safe.md.

Scope

This contest is focused on extensions to the Safe contracts, which control upgrades to OP Mainnet and other OP Chains.

We are particularly interested in identifying any attacks which could either:

1. Allow a bypass of authorization.
2. Introduce the possibility of ‘bricking’ the safe so that it can no longer execute transactions.

A more thorough list of security properties is outlined in the specs linked to above.

Any inaccuracies in the Specs would be considered as a low finding.

Contracts

• Repository: ethereum-optimism/optimism.
• Commit: a6d4eeda11477adfcd106e03131625a40334e3a6
  • LivenessModule (on Sepolia)
  • LivenessGuard (on Sepolia)
  • DeputyGuardianModule (on Sepolia)
  • SafeSigners (Library)

Configurations

Two possible configurations are being considered. Issues in either configuration are welcome.

The first configuration is as currently deployed to Sepolia.

• Configuration 1 diagram

The second configuration adds a Guardian safe which is a 1 of 1 controlled by the Security Council Safe. This configuration reduces the impact of a flaw in the DeputyGuardianModule which might somehow brick, or allow privilege escalation of, the Security Council Safe. In that event, an upgrade could be used to update the Guardian role.

• Configuration 2 diagram

Build Instructions

The full suite of contracts can be built and tested with the following:

cd packages/contracts-bedrock
pnpm install
pnpm build
pnpm test

Proof Of Concept

The ideal PoC would be based on a minimal modification of one of the existing relevant test files located in packages/contracts-bedrock/test/Safe.

Out of Scope

• Scripts and test files.
• Any ethereum-optimism/optimism files not outlined above.
• Any safe-global/safe-smart-account files not directly interacting with the scope outlines above.

Note that any attacks which require a threshold of signers are out of scope.

Automated findings generated by LightChaserV3

• Optimism Safe Extensions bot findings

Blast Competition

Welcome security researchers to the largest competition in history with Blast! Blast is an L2 for the Ethereum ecosystem introducing native yield for ETH and stablecoins.

Say goodbye to flipping tabs, using Discord, copying Github links, and the nuisances of the competition experience of the past and hello to...

Cantina Code. The ultimate code review experience built by security researchers for security researchers. It is our pleasure to have you - we hope you choose to stick around 🪐

What is Blast

How Blast works

AUTO REBASING

Users transact in ETH. Dapps are built around ETH. Blast was designed from the ground up so that ETH itself is natively rebasing on the L2.

L1 STAKING

Blast only became possible this year following Ethereum's Shanghai upgrade. ETH yield from L1 staking, initially Lido, is automatically transferred to users via rebasing ETH on the L2.

T-BILL YIELD

Users who bridge stablecoins receive USDB, Blast's auto-rebasing stablecoin. The yield for USDB comes from MakerDAO's on-chain T-Bill protocol. USDB can be redeemed for USDC when bridging back to Ethereum.

Visit the blast.io for a complete project overview.

Prize distribution and scoring

• The prize distribution has 3 possible triggers:
  • If one or more valid low/informational severity findings are found, the total pot size is $20,000
  • If one or more valid medium severity findings are found, the total pot size is $200,000
  • If one or more valid high severity findings are found, the total pot size is $1,200,000
• Scoring described in the competition scoring page.
• $20,000 of the prize pot is reserved for Low Severity or informational findings. These reports are judged based on quality and reviewers are then ranked from 1st to 5th for the purpose of prize allocation.
  • 1st: 10,000
  • 2nd: 5,000
  • 3rd: 2,500
  • 4th: 1,250
  • 5th: 1,250
• Note that for Low / Info findings, we want to encourage high-quality non-trivial submissions. Given that the codebase has gone through multiple reviews before, and due to the large number of participants, we’ll be marking any trivial low / info findings as invalid (these are typically findings generated from a static-analyzer). To reiterate, the above pot is judged on quality alone and not quantity.
• Findings Severities described in detail on our docs page.

Scope

Check out the previously recorded code read through for the competition:

Blast Competition Live Code Walkthrough LINK TBD.

Combined Repo

• Repository: https://github.com/blast-io/blast/
• Commit hash: d0a4eda94a57622cee35e4afb15379d8025ead00

See the diff against ea28fd1a46e71f207954d60524bd82ee1df61235 which represents upstream to see our unique changes on the OP stack here.

Blast-Geth

• Repository: https://github.com/blast-io/blast/tree/master/blast-geth
• Commit hash: d0a4eda94a57622cee35e4afb15379d8025ead00

Blast-Optimism

• Repository: https://github.com/blast-io/blast/tree/master/blast-optimism
• Commit hash: d0a4eda94a57622cee35e4afb15379d8025ead00

Files and Folders in Scope

Additional Out of Scope files

Out of Scope issues

Any acknowledged / won't fix findings on the previously published reviews will be considered out of scope.

Findings noted as fixed, that in fact are not fixed, or introduce new issues, are considered in scope:

Spearbit: Blast Node Review

All Informational findings are acknowledged. The remaining are noted below:

• acknowledge / won't fix:
  • 5.3.13 Share remainder becomes increasingly inefficient over time
  • 5.3.12 SubClaimableAmount() can claim more than the maximum claimable balance
  • 5.3.11 Configuring a YieldClaimable account to YieldClaimable resets the claimable balance
  • 5.3.9 To implement TODOs found in the code risking node ops
  • 5.3.3 op-geth/core/vm/contracts.go change makes multiple methods less efficient
• fixed:
  • 5.1.1 Gas tracking introduces resource consumption related DOS
  • 5.3.10 SelfDestruct permanently deletes all unclaimed yield
  • 5.3.8 No nil check on ZeroClaimRate
  • 5.2.1 MemoryStateDB contains data race in DeleteState()
  • 5.3.7 AllocateDevGas() divide-by-zero can cause denial of service
  • 5.3.6 (b *blast) Run() caller authorization conditionals should be placed before input deserialization
  • 5.3.5 AllocateDevGas() contains redundant hashing
  • (partially addressed -> 1 panic removed, remaining acknowledged) 5.3.4 Invariant panics risk node operation
  • 5.3.2 USDB predeployment is skipped
  • 5.3.1 (i ImmutableConfig) Check() is missing validation checks for new Blast fields

Spearbit: Blast Contracts Review

• acknowledge / won't fix:
  • 5.2.2 commitYieldReport() will revert when withdrawing insurance to cover negative yield
  • 5.3.6 Fraud recovery logic is missing
  • 5.4.7 WETHRebasing virtual share earns yield
  • 5.4.8 Gas claim rate is non-continuous
  • 5.4.11 claimGasAtMinClaimRate uses all etherSeconds when minClaimRateBips <= zeroClaimRate
  • 5.4.12 etherSeconds can be saved up to be used on vesting subsequent gas claims
  • 5.4.13 USDC to DAI conversion can fail once debt limits are exceeded
• fixed:
  • 5.2.3 WETHRebasing share price precision issue breaks ERC20 invariants
  • 5.1.4 Changing yield from Claimable cause fund loss
  • 5.1.5 Calling findCheckpointHints() with _firstIndex as 0 will always revert
  • 5.1.6 Withdrawing discounted ETH from L2 always fails
  • 5.1.7 Fund duplication via ERC20 self-transfer
  • 5.1.8 Message can be passed through OptimismPortal to maliciously call ethYieldManager
  • 5.1.3 _delegatecall_uint256_arr_arg_returns_uint256 wrong calldata encoding
  • 5.1.2 L1BlastBridge uses wrong token order when bridging USD yield tokens
  • 5.1.1 msg.sender has to be un-aliased in L2BlastBridge.finalizeBridgeETHDirect()
  • 5.2.1 Inflated _sharePrice() from inclusion of lockedAmount funds
  • 5.2.4 Unset governor allows to steal both yield and gas refund
  • 5.2.5 Unsafe ERC-20 transfer breaks USDT bridging in L1BlastBridge
  • 5.2.6 ETH yield token bridge transactions use fixed gas and are not replayable
  • (resolved by another fix) 5.3.7 Initial depositor can inflate share to siphon yield of smaller deposits
  • 5.3.8 Reinitialization causes metering parameter to be reset
  • 5.3.9 admin in the Insurance contract can never be set
  • 5.3.10 donateETH funds are stuck in OptimismPortal
  • 5.3.11 Actual claim rate may be below minClaimRateBips
  • 5.3.1 YieldManager.finalize can underflow for accumulatedNegativeYields
  • 5.3.3 YieldManager can claim fewer unstaked tokens than expected resulting in insolvency
  • 5.3.4 USDConversions can swap locked funds
  • 5.3.5 YieldManager can stake locked funds
  • 5.4.6 Missing onlyEOA modifier
  • 5.4.9 Standard ERC20Permit allows different name initialisation in constructor and initialiser
  • 5.4.10 Claiming gas can run out of gas in transfer
  • 5.4.14 Unsafe type casts
  • 5.4.5 LidoYieldProvider.isStakingEnabled is incorrect
  • 5.4.4 Non-zero Maker's PSM buyGem() fee will cause DAI to USDC swaps to fail
  • 5.4.3 DSRYieldProvider.sol.isStakingEnabled() does not check liveness of Maker's protocol
  • 5.4.2 Blast.claimYield() should revert when claiming more than the available amount
  • 5.4.1 Admin should not be allowed to revoke its role

3rd external review: TBA

Blast team notes there is sufficient overlap with other already noted fixed or out of scope items.

Other Out of Scope

Automated findings from 4naly3er.

Errors Tests, Mocks, Documentation files are considered out of scope. The exception being where implementation code does not adhere to spec (i.e. implementation errors in scope vs docs typos out of scope).

The following categories of issues are out of scope for this competition.

• Issues that posit a malicious sequencer operator
• Issues related to centralization concerns
• Concerns about the incentives for smart contracts to optimize their gas given that they can claim the sequencer fees caused by their contracts
• Concerns about regulating Blast's block space since smart contracts can claim their sequencer fees
• Frontrunning yield updates
• Increasingly inefficient balance representations caused by Blast's limited precision, constantly increasing share prices
• Locked funds caused by the sequencer operator finalizing withdrawal requests that turned out to be faulty (i.e. the output root changed)
• Inability to replay stETH deposits that failed on the L2

Documentation

• Blast docs
• Blast geth docs
• Blast contracts docs

MiloTruck has put together a fantastic compilation of intro resources for understanding Blast at a base-level here.

Build Instructions

Running Blast locally (against a local L1)

Contact Us

For any issues or concerns regarding Cantina Competitions or Cantina Code - please reach out to us at Cantina.

Goat.Tech Competition

What is Goat.Tech

Goat.Tech is a social-financial game, where users play by mainly staking ETH in each other’s “Trust Pool” to earn 10 types of rewards, increase reputation (Trust Score), and find out who’s the GOAT (highest Trust Score). Trust Score is fully on-chain; can be used to attract, assess, and target Web3 prospects. Who needs? KOLs, founders, investors, and more.

The contracts will be deployed on Arbitrum One. While we make sure that even devteam cannot touch users’ locked funds in the Locker contracts, we maintain a certain level of centralization in order to intervene when there are bugs or exploits or urgent needs to upgrade contracts. The Controller contract contains core logic and can be upgraded. Despite a certain level of centralization, it’s impossible for the development team to access users’ locked funds in Locker contracts.

There are 2 roles - owner and admin. All contracts have the same owner address. Owner can change admin addresses. In our case, admin addresses are internal contract addresses, not EOAs, so that only internal contracts can call each other. The natural process of software stability takes time and iteration. We’re committed to removing upgradability from our smart contracts, but this process must first run its course.

Prize distribution and scoring

Total Prize Pool $ 80,000

• Scoring described in the competition scoring page.
• Findings Severities described in detail on our docs page.
• Only High and Medium findings would be accepted for Primary Prize Pool.
• $5,000 of the total prize pool is reserved for Low Severity or informational findings. These reports are judged based on quality and reviewers are then ranked from 1st to 5th for the purpose of prize allocation:
  • 1st $2,500
  • 2nd $1,250
  • 3rd $500
  • 4th $375
  • 5th $375

Documentation

• docsend.com/v/4zg85/goatxtechxarb
• academy.goat.tech
• github.com/cantina-forks/goattechlabs-smart-contracts/blob/main/README.md
• Walkthrough recording (password = spearbit)

Contracts

• Repository: github.com/cantina-forks/goattechlabs-smart-contracts
• Commit ab6e96370ea6cf823ec1ac268521722b0e1f2d35
  • forked from original repository on commit:fb43992f33066f264ad12cc86c954f7f6f9c710a

Build Goat.Tech with Solidity 0.8.8

There are 8 contract files in the "Contracts" folder

• Controller.sol (important): contains most of the core logic; allows admin to set/modify protocol parameters; is approved by users to withdraw unlocked funds from Locker contracts.
• DCT.sol: the $GOAT token contract.
• GlobalAccessControl.sol: when called by an address, other contracts will call this contract to check whether the calling address has access (is admin) or not.
• PoolFactory.sol: creates a "Trust Pool" for each user, so that other users can stake ETH in that pool.
• PrivateVester.sol: allows setting/modifying vesting schedule for $GOAT token.
• Profile.sol: stores on-chain information and parameters of users.
• Voting.sol: allows users to create reputation Challenges and allows them to Vote on these Challenges; much like voting on proposals.
• EthSharing.sol: allow users to edit their pool's configuration, such as pool reward rate and staker reward rate.

There are 10 contract files in the "Modules" folder, which are repeatedly used code (to prevent code duplication)

• AccessControl.sol: a module used by GlobalAccessControl.sol.
• Cashier.sol (important): facilitates users' depositing & withdrawing funds to/from other contracts.
• DToken.sol: dividend token that stands for a share in reward distribution.
• Distribution.sol (important): distributes rewards to dividend token holders.
• Earning.sol: stores user earning and calculates different kinds of earnings.
• Initializable.sol
• Locker.sol (important): stores locked ETH and $GOAT; only Controller contract is approved (once by each user) to with unlocked funds from Locker contracts.
• PERC20.sol: private, non-transferrable ERC20.
• UserAccessControl.sol
• Vester.sol: stores and unlocks token according to vesting schedule set by PrivateVester contract.

Build Instructions

In order to deploy all contracts —> please use scripts prepared here:

• cantina-forks/goattechlabs-smart-contracts/tree/main/scripts

Proof Of Concept Instructions

From 18 contract files above, 21 contracts have been successfully deployed on Sepolia Arbitrum testnet. The Dapp is live on Arb.Goat.Tech

Some of these contracts use the same code, for example DCT_earning and ETH_earning use earning.sol, the xxx_dtoken contracts use dtoken.sol, and the xxx_distributor contracts use distributor.sol.

POOL_FACTORY: '0x8e0caee3d94d5497744e2db30eec2d222739df6d': When a pool is created, a P2U_dtoken for that pool will also be deployed; when a user stake in this pool, it will receive this P2U dtoken which represents its Staking Power in this pool (its share of all rewards received through this pool).
CONTROLLER: '0xb4e5f0b2885f09fd5a078d86e94e5d2e4b8530a7'
PROFILE: '0x7c25c3edd4576b78b4f8aa1128320ae3d7204bec'
DCT_EARNING: '0xecc07bf95d53268d9204ec58788c4df067ce075c': stores and calculate user earning in $GOAT.
ETH_EARNING: '0xf7a08a0728c583075852be8b67e47dceb5c71d48': stores and calculate user earning in ETH.
ETH_LOCKER: '0x0265850fe8a0615260a1008e1c1df01db394e74a': stores locked ETH.
DCT_LOCKER: '0x1033d5f886aef22ffadebf5f8c34088030bb80f3': stores locked $GOAT.
E_P2P_DTOKEN: '0x8b64439a617bb1e85f83b97ea779edef49b9dcb2': a pool owner earns Ep2p dtoken when ETH is staked in its pool; this dtoken balance is called the Trust Score.
D_P2P_DTOKEN: '0x72835409b8b49d83d8a710e67c906ae313d22860': a user earns Dp2p dtoken when staking $GOAT in its own pool; this dtoken balance is called Boost-Vote Power (because it's used to Boost one's Trust Score, and Vote on Challenges); this dtoken represents all $GOAT stakers.
DCT: '0x5bfe38c9f309aed44daa035abf69c80786355136': $GOAT token.
VOTING: '0x896604b21c6e9cbce82e096266dcb5798cdda67b'
E_DP2P_DISTRIBUTOR: '0x6df03a30c6f428b88c2bc9cb150d752935d971d0': airdrop/distribute ETH rewards to all Dp2p dtoken holders ($GOAT stakers) pro-rata.
D_DP2P_DISTRIBUTOR: '0xb087427ba44ed71a40ac80b86e41420b7fb595ec': airdrop/distribute $GOAT rewards to all Dp2p dtoken holders ($GOAT stakers) pro-rata.
MULTICALL: '0xea4172c0033e6e90db9d2ee6e56cd27889ff09c3'
D_P2P_DISTRIBUTOR: '0x88185cd296fd85169ee6152728daaef5fcca9c0a': distribute $GOAT (Mining Reward) in 2 steps - to all pools based pool owners' Trust Score (Ep2p dtoken balance) pro-rata, and then to all stakers in each pool based on each staker's Staking Power (P2U dtoken) in that particular pool pro-rata. 
GLOBAL_ACCESS: '0x588cf1494c5ac93796134e5e1827f58d2a8a9cdb'
DEV_TEAM_DTOKEN: '0x03340c677ae7d887e8c4bd57e2fac10c75c479df': dtoken for Protocol Revenue.
DEV_TEAM_DISTRIBUTOR: '0xa42901fc3a89cd2f3ac97b43cf5069b4ef51f40a': distribute ETH Protocol Revenue pro-rata.
PRIVATE_VESTER: '0x484a42a88eb7f673ec3f688ebb17bfa2341ab562'
DCT_VESTER: '0xcbc65770b01bf12f7ccf8ce25adce9c807510976'
ETH_SHARING: '0xe8330ece50934eac7457a712f9079d7775b04c9a'

How to feed Goat.Tech Trust Score On-Chain:

• Step 1: retrieve the pool address of a user address by calling the getPool(address) function of contract PoolFactory, which is 0x854626ec1e654ecdce94b39e5896587881f844d4 (on Blast Sepolia).

const pool = await ContractPoolFactory.methods.getPool("0x1c60244959213ba28610dd0702bb50cc98328e75").call()
const dctDistributor = pool.dctDistributor;

• Step 2: Call balanceOf(pool.dctDistributor) function of contract EP2PDToken, which is 0xda73d0e531fce6ddb355ba7d324e7955ebbe15f0 (on Blast Sepolia).

const trustScore = await ContractEP2PDToken.methods.balanceOf(dctDistributor).call()

• ABI Interface of contract PoolFactory: PoolFactoryABI.json
• ABI Interface of contract EP2PDToken: EP2PDTokenABI.json

Out of scope

• Scripts and test files

Automated findings generated by LightChaserV3

• GOAT.TECH Smar Contracts bot findings

Contact Us

For any issues or concerns regarding this competition, please reach out to core-team on discord.

Morpho Blue Competition

Morpho Labs has teamed up with Cantina for the inaugural public security review competition hosted on their new platform by security researchers for security researchers. The competition will run two codebases in parallel: Metamorpho & Morpho Blue.

Competition at a Glance

• November 13th 10:00 UTC to December 4th 10:00 UTC
• Metamorpho: $100,000
• Morpho Blue: $100,000
• Total Prize Pool: $200,000

What is Morpho Blue and MetaMorpho

Morpho Blue and MetaMorpho form part of the vision to rebuild decentralized lending in layers, with MetaMorpho enabling any lending experience to be rebuilt on a shared and immutable base layer: Morpho Blue.

Morpho Blue is a trustless lending primitive that offers unparalleled efficiency and flexibility. It enables the creation of isolated lending markets by specifying any loan asset, any collateral asset, a liquidation LTV (LLTV), an oracle, and an interest rate model.

Visit the docs for a complete project overview.

Prize distribution and scoring

The prize distribution works as follows:

• Security reviewers will score points for each finding.
• Prizes are distributed proportionally to the number of points scored.
• A High Severity is worth 10 points, and a Medium Severity 3 points.
• Duplicate findings will be resolved using the following scoring formula that incentivizes unique findings:
  • Each duplicate finding will be scaled down by $0.9^{n - 1} / n$, where $n$ is the # of duplicates.
• 10% of the prize pot is reserved for Low Severity or informational findings. These reports are judged based on quality and reviewers are then ranked from 1st to 5th for the purpose of prize allocation:
  • 1st: $5,000
  • 2nd: $2,500
  • 3rd: $1,250
  • 4th: $625
  • 5th: $625

Scope

Check out the previously recorded read through of the repos for both competitions:

Morpho Competition Live Code Walkthrough on twitter.

Morpho Blue

• Repository: morpho-org/morpho-blue
• Total LOC: 847
• Files: all files in src except the mocks folder

Out of Scope issues

Any findings on the previous review from OpenZeppelin / Cantina Managed review will be considered out of scope.

Automated findings from 4naly3er.

Contact Us

For any issues or concerns regarding Cantina Competitions or Cantina Code - please reach out to us at Cantina.

Metamorpho and Periphery Competition

Morpho Labs has teamed up with Cantina for the inaugural public security review competition hosted on their new platform by security researchers for security researchers.

The competition at a glance:

• November 16th 10:00 UTC to December 7th 10:00 UTC
• $100k total prize pool.

What is Morpho Blue and MetaMorpho

Morpho Blue and MetaMorpho form part of the vision to rebuild decentralized lending in layers, with MetaMorpho enabling any lending experience to be rebuilt on a shared and immutable base layer: Morpho Blue.

Morpho Blue is a trustless lending primitive that offers unparalleled efficiency and flexibility. It enables the creation of isolated lending markets by specifying any loan asset, any collateral asset, a liquidation LTV (LLTV), an oracle, and an interest rate model.

MetaMorpho is a protocol for lending vaults built on Morpho Blue. Anyone can create a vault that allocates to multiple Morpho Blue markets. Each vault is curated to provide suppliers with tailored risk exposures, better yields, and greater transparency.

Visit the docs for a complete project overview.

Prize distribution and scoring

The prize distribution works as follows:

• Security reviewers will score points for each finding.
• Prizes are distributed proportionally to the number of points scored.
• A High Severity is worth 10 points, and a Medium Severity 3 points.
• Duplicate findings will be resolved using a scoring formula that incentivizes unique findings.
• Duplicate findings will be resolved using the following scoring formula that incentivizes unique findings:
  • Each duplicate finding will be scaled down by $0.9^{n - 1} / n$, where $n$ is the # of duplicates.
• 10% of the prize pot is reserved for Low Severity or informational findings. These reports are judged based on quality and researchers are then ranked from 1st to 5th for the purpose of prize allocation:
  • 1st: $5k
  • 2nd: $2.5k
  • 3rd: $1.25k
  • 4th: $625
  • 5th: $625

Scope

Check out the previously recorded read through of the repos for both competitions on cantina twitter.

Morpho Blue IRM

• Repository: morpho-org/morpho-blue-irm
• Commit: c2b1732fc332d20a001ca505aea76bd475e95ef1
• Total LOC: 134
• Files: all files in src

Morpho Blue Oracles

• Repository: morpho-org/morpho-blue-oracles
• Commit: d351d3e59b207729d785ec568ed0d2ee24498189
• Total LOC: 92
• Files: all files in src

MetaMorpho

• Repository: morpho-org/metamorpho
• Commit: f4e2574029743088a8800149593fa997ab66f0f8
• Total LOC: 642
• Files: all files in src except the mocks folder

Morpho Blue Bundlers

• Repository: morpho-org/morpho-blue-bundlers
• Commit: 5099e5fef9a82a500b875eb81b90c2deca1de243
• Total LOC: 983
• Files: all files in src except the mocks and goerli folders

Universal Rewards Distributor

• Repository: morpho-org/universal-rewards-distributor
• Commit: 94a604c926a4878661f38a8f3b05cd61c95c7b84
• Total LOC: 181
• Files: all files in src

ERC20Permissioned

• Repository: morpho-org/erc20-permissioned
• Commit: 5176577690da4611a2c4de7a2591d431458ffb27
• Total LOC: 55
• Files: all files in src

Out of Scope issues

Any findings on the previous review from OpenZeppelin / Cantina Managed review will be considered out of scope.

On top of that, automated findings from 4nalyzer will also be considered out of scope.

Superform Competition

The competition at a glance:

• November 27th 20:00 UTC to December 18th 20:00 UTC
• $140,000 total prize pool.

Prize distribution and scoring

The prize distribution works as follows:

• Security reviewers will score points for each finding.
• Prizes are distributed proportionally to the number of points scored.
• A High Severity is worth 10 points, and a Medium Severity 3 points.
• Duplicate findings will be resolved using the following scoring formula that incentivizes unique findings:
  • Each duplicate finding will be scaled down by $0.9^{n - 1} / n$, where $n$ is the number of duplicates.
• 10K USDC of the prize pot is reserved for Low Severity or Informational findings. These reports are judged based on quality and researchers are ranked from 1st to 5th for the purpose of prize allocation:
  • 1st: $5,000
  • 2nd: $2,500
  • 3rd: $1,250
  • 4th: $625
  • 5th: $625

Scope

Check out the previously recorded read through of the repos for both competitions on cantina twitter and here.

ERC1155A

• Repository: superform-xyz/ERC1155A
• Commit: e7d53f306989ba205c779973d1b5e86755a1b9c0
• Total LOC: 388
• Files: all files in src

Superform Core

• Repository: superform-xyz/superform-core
• Commit: 29aa0519f4e65aa2f8477b76fc9cc924a6bdec8b
• Total LOC: 6470
• Files: all files in src

Out of Scope issues

Any findings on the previous review will be out of scope.

On top of that, automated findings from 4nalyzer will also be considered out of scope.

Superform CTF

Hack Superform, keep the money.

• Add your wallet address to your profile (Profile -> Edit Profile -> CTF Addresses).
• The contracts are live, you can (legally) hack it onchain.
• Use cantina code interface to submit a writeup about the exploit, with a link to etherscan / equivalent.
• There is no judging. No severity disputes. No PoC. Just hacking!

Planting The Flags

Starting December 28th, the Superform Protocol will be deployed on Avalanche, BNB Chain, and Polygon. Deposits will be made into 3 vaults on each chain for a total of 9 vaults. Deposits will be made into 3 vaults daily in tranches of $2.5k at 15:00 UTC until all deposits have been made.

The goal is to steal the ERC4626 shares held in Superform Protocol’s Superform contracts and tokens in transit from chain to chain. If stolen, the security researcher can keep the bounty in the vault. Users may do this via any protocol action — creating new Superforms, depositing/withdrawing from the protocol into vaults themselves via our contracts, etc.

Resources:

• Superform V1 Deployment
• Superform Addresses with Deposits

See the full announcement here

Zerolend Competition

ZeroLend is the leading lending market on zkSync!

What are ZeroLend governance contracts

A walkthrough of the governance contracts will be done on 9th of January.

Prize distribution and scoring

The prize distribution works as follows:

• Security reviewers will score points for each finding.
• Prizes are distributed proportionally to the number of points scored.
• A High Severity is worth 10 points, and a Medium Severity 3 points.
• Duplicate findings will be resolved using a scoring formula that incentivizes unique findings.
• Duplicate findings will be resolved using the following scoring formula that incentivizes unique findings:
  • Each duplicate finding will be scaled down by $0.9^{n - 1} / n$, where $n$ is the # of duplicates.
• 10% of the prize pot is reserved for Low Severity or informational findings. These reports are judged based on quality and researchers are then ranked from 1st to 5th for the purpose of prize allocation:
  • 1st: $4k
  • 2nd: $2k
  • 3rd: $1k
  • 4th: $500
  • 5th: $500

Scope

Basic POC test

• zerolend/incentive-contracts/blob/master/test/Basic.ts

import { loadFixture } from "@nomicfoundation/hardhat-toolbox/network-helpers";
import { expect } from "chai";
import { deployFixture } from "./fixtures/core";

describe("Basic", function () {
  it("Should deploy token properly", async function () {
    const { token, owner } = await loadFixture(deployFixture);
    expect(await token.owner()).to.equal(owner.address);
    expect(await token.owner()).to.equal(owner.address);
  });
});

Zerolend incentive-contracts

• Repository: zerolend/incentive-contracts
• Commit: 3fbcd817c310d1682d2301d23233f0fc7e7d1f00
• Total LOC: 2,401
• Files: all files in src

Out of Scope issues

• Previous security reviews.
• Automated findings from 4naly3er.

Olas Competition

Olas is a unified network for off-chain services like automation, oracles, co-owned AI. It offers a stack for building services and a protocol for incentivizing their creation and their operation in a co-owned and decentralized way.

The competition at a glance:

• Monday, January 15th 20:00 UTC until Friday, January 26th 20:00 UTC
• $50,000 total prize pool.

Documentation

• Bonding_mechanism_with_liquidity_on_Solana_v1_v2.pdf
• Vulnerabilities_list_solana_lockbox_v1.pdf

Further documentation on OLAS tokenomics and OLAS protocol can be found in what follows:

• Autonolas_tokenomics_audit.pdf
• Whitepaper.pdf
• Autonolas_Tokenomics_Core_Technical_Document.pdf

Prize distribution and scoring

The prize distribution works as follows:

• Security reviewers will score points for each finding.
• Prizes are distributed proportionally to the number of points scored.
• A High Severity is worth 10 points, and a Medium Severity 3 points.
• Duplicate findings will be resolved using a scoring formula that incentivizes unique findings.
• Duplicate findings will be resolved using the following scoring formula that incentivizes unique findings:
  • Each duplicate finding will be scaled down by $0.9^{n - 1} / n$, where $n$ is the # of duplicates.
• 10% of the prize pot is reserved for Low Severity or informational findings. These reports are judged based on quality and researchers are then ranked from 1st to 5th for the purpose of prize allocation:
  • 1st: $2.5k
  • 2nd: $1.25k
  • 3rd: $600
  • 4th: $400
  • 5th: $250

Scope

Build Instructions

• Pre-requisites and development steps for lockbox can be found here: valory-xyz/lockbox-solana/tree/main/lockbox#readme
• Pre-requisites and development steps for lockbox2 can be found here: valory-xyz/lockbox-solana/tree/main/lockbox2#readme

Basic POC test

• Basic POC for lockbox can be found here: lockbox/tests/lockbox_init.ts
• Basic POC for lockbox 2 can be found here: lockbox2/tests/lockbox_init.ts

Olas Contracts

• Repository: github.com/valory-xyz/lockbox-solana
• Commit: 1736f39671c263311b0cedee290aef7eb9a81ef8
• Total LOC: 1,162
• Files: all files in src

Out of Scope issues

Known issues Vulnerabilities_list_solana_lockbox_v1.pdf and any issues documented in the doc folders valory-xyz/lockbox-solana/tree/main/lockbox/doc and valory-xyz/lockbox-solana/tree/main/lockbox2/doc or in the audits folders valory-xyz/lockbox-solana/tree/main/lockbox/audits and valory-xyz/lockbox-solana/tree/main/lockbox2/audits.

Contact us

For any issues or concerns regarding Cantina Competitions or Cantina Code - please reach out to us at Cantina.

Opal Competition

Visit the docs for an overview of the protocol.

Prize distribution and scoring

• Scoring described in the competition scoring page.
• Findings Severities described in detail on our docs page.
• The prize pool would be $30k in USDC and ~10K USD worth of Balancer Token (10,831 BAL).

Scope

The scope is the following. You can also see the out-of-scope items greyed out in the navigation bar in Cantina Code. And selecting In Scope will also directly list them.

OpalProtocol/opal-contracts

Out of Scope issues

Automated findings from 4naly3er.

Contact Us

For any issues or concerns regarding this competition, please reach out to cbym on discord.

Arcade.xyz V4 competition

Competition at a glance

• Thursday, February 22nd 20:00 UTC to Thursday, March 7th 20:00 UTC
• Total Prize Pool: $60,000

What is Arcade

Arcade.xyz is the first of its kind Web3 platform to enable liquid lending markets for NFTs. At Arcade.xyz, we think all assets will eventually become digitized and that NFTs represent a 0 to 1 innovation in storing value and ownership attribution for unique digital assets.

Arcade.xyz's focus is on building primitives, infrastructure, and applications enabling the growth of NFTs as an asset class. As such, the first product we released is an innovative peer to peer lending marketplace that allows NFT owners to unlock liquidity on baskets of NFTs on Ethereum. Lenders that hold stablecoins or ERC20 tokens can participate in a new source of DeFi yield by underwriting term loans collateralized by borrowers' NFTs.

Arcade.xyz is our end user application that strives to become the premier liquidity venue for NFTs, via a protocol for NFT collateralized loans with flexible terms. Today NFTs are largely digital representations of artwork and media content, however, our belief is that in the not so distant future NFTs will encompass digital rights, metaverse assets, and digital identity.

For more information about Arcade.xyz, please visit docs.arcadedao.xyz/docs.

Prize distribution and scoring

• Scoring described in the competition scoring page.
• Findings Severities described in detail on our docs page.
• Only High and Medium findings would be accepted.

Documentation

• Protocol and DAO
• Frontend, Lending Mechanics, FAQs
• Repo README

Scope

• Repository: github.com/arcadexyz/arcade-protocol
• Commit: d5744c758f198df4c62a8eb6d9b07ef08eeb00f6
• Total LOC: 1694
• Chains to be deployed: Ethereum, Base

Out of scope

• Out of scope detailed in AuditScope.md
• Any Known gotchas are considered out of scope
• Automated findings from 4naly3er.

Build Instructions

The project builds as follows

// clone the repo

git clone https://github.com/arcadexyz/arcade-protocol.git

cd arcade-protocol

// install dependancies

yarn install

// compile contracts

yarn compile

// run test suite

yarn test

Basic Proof Of Concept test

Reference the test/Integration.ts test suite. The test fixture provides all necessary lending protocol contracts. You can also utilize the mock contracts in contracts/test/ folder if you need to deploy mocks. Additionally, you can utilize the migration scripts in scripts/v3-migration/ for POC’s related to the V3 migration flows.

Contact Us

For any issues or concerns regarding this competition, please reach out to core-team on discord.

Eigenlayer Competition

What is Eigenlayer

EigenLayer is a protocol built on Ethereum that introduces restaking, a new primitive in cryptoeconomic security. This primitive enables the reuse of ETH on the consensus layer. Users that stake ETH natively or with a liquid staking token (LST) can opt-in to EigenLayer smart contracts to restake their ETH or LST and extend cryptoeconomic security to additional applications on the network to earn additional rewards.

Prize distribution and scoring

• Scoring described in the competition scoring page.
• Findings Severities described in detail on our docs page.
• Only High and Medium findings would be accepted.

Documentation

• EigenLayer Contracts - Audit Handbook

Scope

This review concerns the upcoming M2 mainnet upgrade for EigenLayer and EigenDA. The upgrade is scheduled for end Q1/early Q2, and consists of:

• A contract upgrade of our current core contracts from the currently-deployed M1 version to their M2 versions.
• Deployment of EigenDA contracts (and offchain infrastructure), which will integrate with the M2 core contracts.

We are asking for reviewers to dig through the smart contracts for the m2 mainnet upgrade, as well as analyze the upgrade path from the current mainnet deployment to the target contracts.

Eigenlayer Contracts

What is this? Our core contract repo, primarily responsible for:

• restaking LSTs and beacon chain ETH
• deposits/withdrawals of all assets
• allowing stakers to delegate to operators (operators run nodes/infra for AVSs)

Repository: github.com/Layr-Labs/eigenlayer-contracts Commit: 6e588701c5f543ae4cd34fe9c6567cc46c7eb722

Eigenlayer Middleware

What is this? Our AVS contract repo, which AVSs will deploy to allow operators to register and begin providing services.

Repository: github.com/Layr-Labs/eigenlayer-middleware Commit: 61d554403279826fcbc38d421580811e57d29270

Eigenda

What is this? Our AVS offchain repository - mostly offchain components, but also contains the EigenDAServiceManager.sol contract, which inherits from contracts in the middleware repository.

Repository: github.com/Layr-Labs/eigenda Commit: 91838ba58b8e2525c7fd1e4db5e9903551eed326

Out of scope

• Scripts and test files (though it may be a good idea to look through these to understand how things work!)
• Offchain components (most of the EigenDA repo is offchain components!)
• Paused functionality on mainnet: lots of current M1 code on mainnet has been paused since deployment, and will not be unpaused. Please check that any mainnet functions you're looking at are unpaused - if they're paused, chances are it's not worth your time!

Out of scope automated findings generated by LightChaserV3

• Eigenda bot findings
• EigenLayer Contracts bot findings
• Eigenlayer-Middleware bot findings

Contact Us

For any issues or concerns regarding this competition, please reach out to core-team on discord.

Venus Protocol - Multichain Governance Competition

What is Venus Protocol

Earn, Borrow & Lend on the #1 Decentralized Money Market.

The Venus Protocol is currently deployed on BNB Chain, Ethereum and opBNB, and it will be deployed to more networks soon. Governance proposals are currently managed (created, voted, executed, etc.) on BNB Chain, and with the Multichain governance project these proposals will support commands that will execute privileged functions in the remote networks (Ethereum, opBNB, etc.)

Prize distribution and scoring

Total Prize Pool $58,000

• Scoring described in the competition scoring page.
• Findings Severities described in detail on our docs page.
• Only High and Medium findings would be accepted for Primary Prize Pool.
• $5,000 of the total prize pool is reserved for Low Severity or informational findings. These reports are judged based on quality and reviewers are then ranked from 1st to 5th for the purpose of prize allocation:
  • 1st $2,500
  • 2nd $1,250
  • 3rd $500
  • 4th $375
  • 5th $375

Documentation

• Documentation about the Multichain governance project

Scope

Code Overview

Recording

Contracts

• Repository: github.com/VenusProtocol/governance-contracts
• Commit: 2068398975982bab787168cfd58eca4921e3caad

contracts/Cross-chain

• contracts/Cross-chain/BaseOmnichainControllerDest.sol
• contracts/Cross-chain/BaseOmnichainControllerSrc.sol
• contracts/Cross-chain/OmnichainExecutorOwner.sol
• contracts/Cross-chain/OmnichainGovernanceExecutor.sol
• contracts/Cross-chain/OmnichainProposalSender.sol
• contracts/Cross-chain/interfaces/IGovernananceBravoDelegate.sol
• contracts/Cross-chain/interfaces/ITimelock.sol

contracts/Governance

• contracts/Governance/TimelockV8.sol

Build Instructions

$> yarn install
$> npx hardhat compile

Proof of Concept Instructions

The test suite at tests/Cross-chain/Omnichain.ts includes helper functions to make payloads, and a good set of tests covering the different flows. POC could be defined from that file.

Out of scope

• Scripts and test files
• Previous security reviews
  • OpenZeppelin audit (2024/01/19)
  • Certik audit (2024/02/26)

Automated findings generated by LightChaserV3

• Venus bot findings

Contact Us

For any issues or concerns regarding this competition, please reach out to core-team on discord.