How it worksCompetitionsReviewsGuildsBountiesBlog
Sign in

High-signal. Comprehensive bug coverage.

Innovative and familiar platform for competitive code review. Reduces the friction from discovery to submission, from judging to payout.

Book a competition
Hero Image

See documentation →

Competition cover

Babylonchain / Bitcoin Staking Scripts

Live

Since its inception in 2009, Bitcoin the asset only has two major utilities: storage of value and payment. This is due to BTC protocol's preference of stability over programmability. With limited programmability, most Bitcoin utility protocols require Bitcoin HODLERs to trust a third-party, such as sending their Bitcoin to a custody for bridging. Therefore, such Bitcoin utility protocols have only received limited traction.

Babylon introduces the third major utility for Bitcoin: trustless and self-custodial staking. Babylon Bitcoin staking protocol turns Bitcoin into a stakable and slashable asset for any Proof-of-Stake systems. This allows Bitcoin HODLERs to hold their Bitcoins while earning staking rewards from the PoS systems for the slashable security they provide, in the same way as how native PoS token staking works.

This is a brand new significant protocol, and it is at its very early stage. Its success lies in its protection of the Bitcoin stakers. More specifically, as long as:

  1. a Bitcoin staker manages its secret key properly, and

  2. the Bitcoin staker or the delegatee of its PoS attestation power (called a finality provider) does not act maliciously, then

no one can steal or slash the staked Bitcoin, and the Bitcoin staker can safely unbond and/or withdraw the stake as per the protocol.

Achieving such protection requires comprehensive security of the Bitcoin staking protocol at both the algorithm and implementation level. To this end, we have open-sourced all our code, and have decided to launch, on 28th May 2024, a public Bitcoin staking testnet that focuses on the Bitcoin stakers' interaction with the Signet Bitcoin chain and the staking web DApp developed by the Babylon team. No PoS chain and staking reward is involved in this testnet.

In this competition, security researchers and engineers are invited to explore this testnet and our codebase to identify vulnerabilities of the Bitcoin staking protocol. Any findings of issues that could jeopardize the Bitcoin stakers will be highly valuable and will be rewarded.

Prize distribution and scoring

Total Prize Pool $150,000

  • The prize distribution has 2 possible triggers:
    • If one or more valid low/informational severity findings are found, the total pot size is $10,000
    • If one or more valid medium severity findings are found, the total pot size is $20,000
    • If one or more valid high severity findings are found, the total pot size is $150,000
  • Scoring described in the competition scoring page.
  • Findings Severities described in detail on our docs page.
  • $10,000 of the prize pot is reserved for Low Severity/Informational findings. These reports are judged based on quality and reviewers are then ranked from 1st to 5th for the purpose of prize allocation.
    • 1st: $5,000
    • 2nd: $2,500
    • 3rd: $1,250
    • 4th: $675
    • 5th: $675

Documentation

Below are general purpose documentations around the Bitcoin Staking protocol and the lock-only system operated by the current testnet.

Introductory Reading: Bitcoin Staking 101 Series

Technical Documentation

Staking Operator Architecture

Additional Resources

Scope

Repository NameLinkCommit/Tag
Covenant SignerCovenant Signer v0.1.1a06a6b6d41c651e1a61a30692c00beb1305e3a78
Unbonding PipelineCLI Tools v0.1.398ad1d66e91ca8e477090a44492e1c68532dfeb8
Btcstaking Golang LibraryBtcstakingadd420f074751cf53edea5b7a55cca3d34291f5b
Staking API ServiceStaking API Service v0.1.3219662164c1aabb64782582817bb9d782b7ec793
Staking IndexerStaking Indexer v0.1.4c7a3fbce12732856d66629d3bdc65fcd53246b6d
Staking Expiry CheckerStaking Expiry Checker v0.1.0894bb046963ae6bea0008ff3682fd989914fe5ce
Simple StakingSimple Staking4ce7e31915f2d1db98bfeb1d85c604c0a1a18449
btc-staking-tsbtc-staking-ts v0.2.02483c97f6156d507f74ef4dcc814c67c29d44460
staking-queue-clientstaking-queue-client38c87828544a09d4beee74992b2a936b11d944b5

Code Overview

Recording TBD

Transcript TBD

Build Instructions

Covenant Signer

Unbonding Pipeline

  • Description: A CLI job that consumes unbonding requests registered by the API service, contacts covenant emulation committee members to get their signatures on the unbonding transactions, and combines the received signatures to generate valid witness for the unbonding transactions.
  • Repository: CLI Tools v0.1.3
  • Documentation:
  • Build and Run Instructions: CLI Tools Installation

Btcstaking Golang Library

Staking API Service

  • Description: An API service responsible for providing information about the state of the staking system and receiving unbonding requests for further processing. The API can be utilized by user-facing applications such as staking dApps and can show real-time statistical data such as the TVL of the system, staking histories, and more.
  • Repository: Staking API Service v0.1.3
  • Docs: Staking API Service Docs
  • Swagger: Staking API Service Swagger

Staking Indexer

  • Description: The staking indexer is a tool that extracts BTC staking transactions from the Bitcoin blockchain, ensures that it follows the prerequisites for valid staking transactions, and determines whether the transactions should be active or not. All valid staking transactions are transformed into a structured form, stored in a database, and published as events in a RabbitMQ messaging queue for consumption by consumers. The staking indexer is the enforcer of the Bitcoin Staking protocol and serves as the ground truth for the Bitcoin Staking system.
  • Repository: Staking Indexer v0.1.4
  • Docs: Staking Indexer Docs

Staking Expiry Checker

  • Description: A simple service that checks if a staking transaction's timelock has expired.
  • Repository: Staking Expiry Checker v0.1.0
  • Docs: Refer to staking-api-service docs

Simple Staking

  • Description: A front-end dApp for creating Bitcoin staking transactions. It integrates with a set of extension wallets satisfying its expected interface. It is hosted by Babylon and serves as a reference implementation for entities that want to set up their own staking website.
  • Repository: Simple Staking
  • Docs on Wallets: Wallet Integration

btc-staking-ts

  • Description: A typescript library that contains core methods for creating staking, unbonding, and slashing transactions.
  • Repository and Docs: btc-staking-ts v0.2.0

staking-queue-client

  • Description: A Go library that defines the event-based messaging schema in the Babylon network. The current solution is based on RabbitMQ.
  • Repository and Docs: staking-queue-client v0.2.1

Proof of Concept Instructions

The btc-staking-demo repository contains code and instructions for launching all the components of the testnet system as inter-connected Docker containers orchestrated through a docker-compose. It contains a demo script that creates Bitcoin Staking transactions that get propagated across the system. Additionally, it includes documentation on the inter-connections and the expected behavior.

Conflict of Interest

Any employee, contractor, entity or previous auditor that's currently working or worked with Babylon may not participate in the competition

Contact Us

For any issues or concerns regarding this competition, please reach out to the Cantina core team through the Cantina Discord.

$150,000 USDC

28 May 2024 - 24 Jun 2024

Competition cover

Succinct / SP1

Live

SP1 is a performant, 100% open-source, contributor-friendly zkVM with a novel precompile-centric architecture. It is the only zkVM that is fully open-source, supports the Rust standard library, has customizable precompiles for state of the art performance, and leverages the latest techniques in STARKs for performant recursion and onchain verification.

We’re excited to be hosting this audit competition with the community to continue our ongoing process of ensuring that SP1’s codebase is production-ready and safe to use for developers.

Prize distribution and scoring

Total Prize Pool $110,000

  • The prize distribution has 2 possible triggers:

    • If one or more valid medium severity findings are found, the total pot size is $20,000
    • If one or more valid high severity findings are found, the total pot size is $110,000
  • Scoring described in the competition scoring page.

  • Findings Severities described in detail on our docs page.

  • Only High and Medium findings would be accepted for Total Prize Pool.

Documentation

  • For a detailed description of SP1's architecture, read the technical whitepaper: drive

  • You can also read this document (written by KALOS/rkm0959), which explores many of the angles of attacks on SP1: hackmd

  • At a high-level:

    • core/src/alu

      • Implementation of tables for basic RISC-V opcodes, such as arithmetic instructions like ADD, SUB, MUL, and DIV and bitwise operations like XOR, AND, OR
    • core/src/bytes

      • Tables for byte operations and lookups
    • core/src/memory

      • Tables for initializing and finalizing memory with lookups
    • core/src/operations

      • Helper methods used in AIRs to describe computations over columns
    • core/src/syscall

      • Implementation of precompiles (accelerated computations) and special syscalls like HALT (terminate program) and COMMIT (write to public values)
    • core/src/stark

      • Implementation of core STARK prover
    • etc.

Scope

Repo: https://github.com/succinctlabs/sp1

Commit: 10495837c72f046aaccc81b81dc3c9055e3bf3a2

Contracts

CategoryFileLines
air
builder.rs582
extension.rs120
polynomial.rs271
public_values.rs100
sub_builder.rs85
word.rs100
alu
add_sub.rs41
bitwise.rs37
divrem.rs341
utils.rs26
lt.rs185
mul.rs162
sll.rs130
sr.rs190
bytes
air.rs56
cpu
branch.rs142
ecall.rs159
memory.rs276
mod.rs324
register.rs51
lookup
builder.rs182
memory
global.rs39
program.rs45
operations
field_den.rs47
field_den.rs13
field_inner_product.rs44
field_inner_product.rs8
field_op.rs54
field_op.rs13
field_sqrt.rs48
field_sqrt.rs10
range.rs78
util_air.rs25
add.rs47
add4.rs69
add5.rs73
and.rs19
fixed_rotate_right.rs51
fixed_shift_right.rs49
is_equal_word.rs20
is_zero.rs31
is_zero_word.rs37
not.rs26
or.rs19
xor.rs19
program
eval18
precompiles
ed_add.rs118
ed_decompress.rs103
ed_decompress.rs6
keccak256/air.rs100
sha256/compress/air.rs560
sha256/extend/air.rs197
uint256/air.rs85
weierstrass_add.rs155
weierstrass_decompress.rs103
weierstrass_double.rs165
verifierverify risc-v68
machine verify55
verify shard362
folder

Build Instructions

Proof of Concept Instructions

cd examples
cd fibonacci
RUST_LOG=debug cargo run \--release

Out of scope

  • Lookup multiplicities can wrap over 𝐹p which may allow soundness to break for large program's circuits.

    • SP1 uses the LogUp lookup argument to perform lookups. For large computations, we need to be concerned about scenarios where the multiplicity of a certain lookups may wrap over p, which may break soundness.

    • We currently have a constant called "NUM_BYTE_LOOKUP_CHANNELS" which can be used to increase the overflow to p * NUM_BYTE_LOOKUP_CHANNELS for byte lookups.

  • MemoryInit table can overwrite addresses/values in the MemoryProgram table.

    • Currently, we use the MemoryProgram table (which is preprocessed) to initialize memory values which are constants in the program. However, in the MemoryInit table we can reinitialize those address/values to be different values, which will break the assumption that those values are correctly initialized.
  • We are also aware that registers and memory addresses share the same address space, this means a user can overwrite a register by doing a standard memory access, which also does not currently adhere to the RISC-V specification.

Contact Us

For any issues or concerns regarding this competition, please reach out to the Cantina core team through the Cantina Discord.

$110,000 USDC

3 Jun 2024 - 23 Jun 2024

Competition cover

Usual / Pegasus

Live

Usual is a Stablecoin DeFi protocol that redistributes control and redefines value sharing. It empowers users by aligning their interests with the platform's success. $USD0 is a USUAL native stablecoin with real-time transparency of reserves, fully collateralized by US Treasury Bills. This eliminates fractional reserve risks and protects against the bankruptcy risks of fiat-backed stablecoins. $USD0 can be locked into $USD0++, a liquid 4-year bond backed 1:1, offering users the alpha-yield distributed as points and ensuring at least the native yield of their collateral. This provides enhanced stability and attractive returns for holders.

Prize distribution and scoring

Total Prize Pool $80000

  • The prize distribution has 2 possible triggers:
    • If one or more valid medium severity findings are found, the total pot size is $15000
    • If one or more valid high severity findings are found, the total pot size is $80000
  • Scoring described in the competition scoring page.
  • Findings Severities described in detail on our docs page.
  • Only High and Medium findings would be accepted for Primary Prize Pool.

Documentation

Scope

src
├── daoCollateral
├── interfaces
├── oracles
├── registry
├── swapperEngine
├── token
├── utils 
├── constants.sol
├── errors.sol
└── TokenMapping.sol

Code Overview

Diagram

Contracts

Each Contract has its own markdown file inside the repository with a more in-depth walkthrough. Below is a high level overview summary of the contracts:

Contracts Summary Overview:

Oracles:

AbstractOracle.sol The AbstractOracle contract is inherited by the ClassicalOracle contract, and as such it is not meant to be deployed on its own. It is designed to safely be inherited by upgradable contracts, and upgradable contracts only. The shared logic contained in AbstractOracle includes: Converting the price of the oracle of arbitrary decimals into wad (18 decimals). Computing a quote (USD value) for a given token and amount of tokens. Making sure stablecoins haven’t depegged. Allowing the admin to set the maximum allowed price variation for stablecoins (maxDepegThreshold).

ClassicalOracle.sol The ClassicalOracle contract is used by the DaoCollateral and the SwapperEngine to fetch the price of external tokens implementing chainlinks IAggregator Interface, i.e. RWAs and stablecoins. The price of tokens is used for minting and redeeming the right amount of USD0, and to ensure the proper SwapperEngine USDC -> USD0 swap amounts. It is an upgradable contract and most of the contract’s logic is inherited from AbstractOracle.

Tokens:

Usd0.sol The USD0 contract is designed to manage the USD0 ERC20 Token, implementing functionalities for minting, burning, and transfer operations while incorporating blocklist checks to restrict these operations from blocklisted addresses. USD0 is an ERC-20 compliant token that integrates additional security and access control features to enhance its governance and usability in a regulated environment. It inherits functionalities from Blacklist.sol, ERC20PausableUpgradable and ERC20PermitUpgradeable to manage a blocklist, support permit-based approvals and pausability.

Usd0pp.sol The USD0pp contract is designed to manage the USD0PP ERC20 Token, implementing functionalities for minting, burning, and transfer operations while incorporating blocklist checks to restrict these operations from blocklisted addresses. The USD0pp Token is minted by depositing an equivalent amount of USD0 tokens for a fixed timeframe, during which the USD0 amount is locked. The USD0 tokens can be redeemed back after the fixed timeframe has ended. During the timeframe, holders are eligible to offchain rewards (out of scope for the competition).

Main protocol contracts:

DaoCollateral.sol The DaoCollateral smart contract is designed to facilitate the swapping of Real World Assets (RWAs) to USD0 Stablecoins. This contract enables users to swap their Real World Assets (currently available with Hashnote’s USYC) either for Usual’s stablecoin (USD0) or for USDC (via the SwapperEngine indirectly). Additionally, it provides the functionality to redeem USD0 tokens back into Real World Assets (USYC).

SwapperEngine.sol The SwapperEngine contract is a smart contract designed to facilitate the swapping of USDC tokens for USD0 tokens using an order matching mechanism. The contract allows users to create orders specifying the amount of USDC they wish to swap, and other users can fill these orders by providing USD0 tokens in return. The contract aims to provide a direct token swapping solution without the need for intermediary liquidity pools. The main objective of the SwapperEngine contract is to enable efficient and low-slippage token swaps between users. The contract relies on oracle-based pricing to determine swap prices, which helps minimize slippage. However, liquidity within the contract depends on the availability of active orders, and users may need to wait for new orders to be created if no matching orders are available.

Repository: usual-dao/pegasus

Commit: 05da1a828af59deb401a48cd4b9e3792a2459f98

Build Instructions

forge build

Proof of Concept Instructions

forge test

Out of scope

  • Scripts and test files

Out of scope:

All findings in the audits before.

Contact Us

For any issues or concerns regarding this competition, please reach out to the Cantina core team through the Cantina Discord.

$80,000 USDC

18 Jun 2024 - 28 Jun 2024

Competition cover

Euler / Euler-v2

Judging

Euler v2 is a modular lending platform with two main components at launch: 1) the Euler Vault Kit (EVK), which empowers builders to deploy and chain together their own customised lending vaults in a permissionless manner; and 2) the Ethereum Vault Connector (EVC), a powerful, immutable, primitive which give vaults superpowers by allowing their use as collateral for other vaults. Together, the EVK and EVC provide the flexibility to build or recreate any type of pre-existing or future-state lending product inside the Euler ecosystem.

Euler Vault Kit:

The Euler Vault Kit is a system for constructing credit vaults. Credit vaults are ERC-4626 vaults with added borrowing functionality. Unlike typical ERC-4626 vaults which earn yield by actively investing deposited funds, credit vaults are passive lending pools.

Users can borrow from a credit vault as long as they have sufficient collateral deposited in other credit vaults. The liability vault (the one that was borrowed from) decides which credit vaults are acceptable as collateral. Interest is charged to borrowers by continuously increasing the amount of their outstanding liability and this interest results in yield for the depositors.

Vaults are integrated with the Ethereum Vault Connector contract (EVC), which keeps track of the vaults used as collateral by each account. In the event a liquidation is necessary, the EVC allows a liability vault to withdraw collateral on a user's behalf.

The EVC is also an alternate entry-point for interacting with vaults. It provides multicall-like batching, simulations, gasless transactions, and flash liquidity for efficient refinancing of loans. External contracts can be invoked without needing special adaptors, and all functionality is accessible to both EOAs and contract wallets. Although each address is only allowed one outstanding liability at any given time, the EVC provides it with 256 virtual addresses, called sub-accounts (from here on, just accounts). Sub-account addresses are internal to the EVC and compatible vaults, and care should be taken to ensure that these addresses are not used by other contracts.

The EVC is responsible for authentication, and vaults are responsible for authorisation. For example, if a user attempts to redeem a certain amount, the EVC makes sure the request actually came from the user, and the vault makes sure the user actually has this amount.

Ethereum Vault Connector

The Ethereum Vault Connector (EVC) is a foundational layer designed to facilitate the core functionality required for a lending market. It serves as a base building block for various protocols, providing a robust and flexible framework for developers to build upon. The EVC primarily mediates between vaults, contracts that implement the ERC-4626 interface and contain additional logic for interfacing with other vaults. The EVC not only provides a common base ecosystem but also reduces complexity in the core lending/borrowing contracts, allowing them to focus on their differentiating factors.

Euler Price Oracles:

Euler Price Oracles is a library of modular oracle adapters and components that implement IPriceOracle, an opinionated quote-based interface. It supports Chainlink, Chronicle, RedStone Core and Pyth through minimal, immutable adapter contracts. The EulerRouter component is a dispatcher contract that maintains a configuration of resolver oracles with an optional fallback. The router can price ERC4626 shares to assets through convertToAsset, making it a convenient entry point contract for EVK pricing.

Reward Streams:

Reward Streams is a powerful and flexible implementation of the billion-dollar algorithm, a popular method for proportional reward distribution in the Ethereum developer community. This project extends the algorithm's functionality to support both staking and staking-free (based on balance changes tracking) reward distribution, multiple reward tokens, and permissionless registration of reward distribution schemes (reward streams). This makes Reward Streams a versatile tool for incentivizing token staking and holding in a variety of use cases.

Prize distribution and scoring

  • Primary Prize Pool: $1,150,000

  • Formal Verification Prize pool: $100,000

  • The Primary prize pool distribution has 3 possible triggers:

    • If one or more valid low severity findings are found, the total pot size is $20,000
    • If one or more valid medium severity findings are found, the total pot size is $200,000
    • If one or more valid high severity findings are found, the total pot size is $1,150,000
  • $20,000 of the prize pot is reserved for Low Severity findings. These reports are judged based on quality and reviewers are then ranked from 1st to 5th for the purpose of prize allocation.

    • 1st: $10,000
    • 2nd: $5,000
    • 3rd: $2,500
    • 4th: $1,250
    • 5th: $1,250

Note that for Low findings, we want to encourage high-quality non-trivial submissions. Given that the codebase has gone through multiple reviews before, and due to the large number of participants, we’ll be marking any trivial low / info findings as invalid (these are typically findings generated from a static-analyzer). To reiterate, the above pot is judged on quality alone and not quantity.

Documentation

Links

White Papers

Specs

Audit Reports/Security Reviews

EVC

EVK

Price Oracle

Reward Streams

Scope

Walkthrough

Contracts

  • EVC
    • Commit: f791f94e6e790dd82041908983b57412dc04fb84
    • Total LOC: 980
    • Files:
FileLinesnLinesnSLOCComments
ethereum-vault-connector/src/utils/EVCUtil.sol1091096334
ethereum-vault-connector/src/EthereumVaultConnector.sol12361126603305
ethereum-vault-connector/src/Set.sol31030717085
ethereum-vault-connector/src/ExecutionContext.sol90905419
ethereum-vault-connector/src/interfaces/IERC1271.sol151439
ethereum-vault-connector/src/interfaces/IEthereumVaultConnector.sol4344818297
ethereum-vault-connector/src/interfaces/IVault.sol3316323
ethereum-vault-connector/src/TransientStorage.sol51511923
ethereum-vault-connector/src/Events.sol80802246
ethereum-vault-connector/src/Errors.sol50502522
Totals24081891980863
  • Euler Vault Kit

    • Commit: f6fd0ee3b454630abd961d6471beb0c7eaf1216a
    • Total LOC: 3093
    • Files:
FileLinesnLinesnSLOCComments
euler-vault-kit/src/interfaces/IBalanceTracker.sol2019314
euler-vault-kit/src/interfaces/ISequenceRegistry.sol141338
euler-vault-kit/src/interfaces/IPermit2.sol1615310
euler-vault-kit/src/interfaces/IFlashLoan.sol131237
euler-vault-kit/src/interfaces/IHookTarget.sol141338
euler-vault-kit/src/interfaces/IPriceOracle.sol3212319
euler-vault-kit/src/Synths/EulerSavingsRate.sol26724012972
euler-vault-kit/src/Synths/ERC20Collateral.sol74682733
euler-vault-kit/src/Synths/PegStabilityModule.sol1561568546
euler-vault-kit/src/Synths/ESynth.sol1691699151
euler-vault-kit/src/Synths/IRMSynth.sol1091097416
euler-vault-kit/src/EVault/modules/Liquidation.sol23921711653
euler-vault-kit/src/EVault/modules/Initialize.sol1071076221
euler-vault-kit/src/EVault/modules/Borrowing.sol17117110222
euler-vault-kit/src/EVault/modules/RiskManager.sol1271095526
euler-vault-kit/src/EVault/modules/Vault.sol27526215839
euler-vault-kit/src/EVault/modules/Governance.sol406395216100
euler-vault-kit/src/EVault/modules/BalanceForwarder.sol59593310
euler-vault-kit/src/EVault/modules/Token.sol1031036018
euler-vault-kit/src/EVault/DToken.sol95954432
euler-vault-kit/src/EVault/Dispatch.sol17517512146
euler-vault-kit/src/EVault/IEVault.sol5585414319
euler-vault-kit/src/EVault/EVault.sol24324310030
euler-vault-kit/src/EVault/shared/LTVUtils.sol2020115
euler-vault-kit/src/EVault/shared/BalanceUtils.sol1271146914
euler-vault-kit/src/EVault/shared/Cache.sol1351358026
euler-vault-kit/src/EVault/shared/Events.sol1271273970
euler-vault-kit/src/GenericFactory/BeaconProxy.sol80805016
euler-vault-kit/src/EVault/shared/Errors.sol5959525
euler-vault-kit/src/GenericFactory/GenericFactory.sol2051938867
euler-vault-kit/src/GenericFactory/MetaProxyDeployer.sol29291310
euler-vault-kit/src/EVault/shared/EVCClient.sol1441419615
euler-vault-kit/src/InterestRateModels/IIRM.sol2517415
euler-vault-kit/src/ProtocolConfig/IProtocolConfig.sol3318323
euler-vault-kit/src/ProtocolConfig/ProtocolConfig.sol21821210361
euler-vault-kit/src/EVault/shared/LiquidityUtils.sol1251066318
euler-vault-kit/src/EVault/shared/BorrowUtils.sol19218812819
euler-vault-kit/src/EVault/shared/Constants.sol64643123
euler-vault-kit/src/EVault/shared/AssetTransfers.sol43432214
euler-vault-kit/src/EVault/shared/Base.sol1521489231
euler-vault-kit/src/EVault/shared/Storage.sol212179
euler-vault-kit/src/InterestRateModels/IRMLinearKink.sol74643913
euler-vault-kit/src/EVault/shared/types/AmountCap.sol33331413
euler-vault-kit/src/EVault/shared/types/Snapshot.sol38381913
euler-vault-kit/src/EVault/shared/types/LTVConfig.sol84804720
euler-vault-kit/src/EVault/shared/types/Owed.sol8383568
euler-vault-kit/src/EVault/shared/types/UserStorage.sol76764712
euler-vault-kit/src/EVault/shared/types/Shares.sol7070506
euler-vault-kit/src/EVault/shared/types/VaultCache.sol52522021
euler-vault-kit/src/EVault/shared/types/Assets.sol9191676
euler-vault-kit/src/EVault/shared/types/ConfigAmount.sol3939247
euler-vault-kit/src/EVault/shared/lib/ConversionHelpers.sol2622126
euler-vault-kit/src/EVault/shared/lib/AddressUtils.sol171785
euler-vault-kit/src/EVault/shared/types/VaultStorage.sol78783234
euler-vault-kit/src/EVault/shared/lib/RPow.sol1001005928
euler-vault-kit/src/EVault/shared/types/Flags.sol2525137
euler-vault-kit/src/EVault/shared/lib/SafeERC20Lib.sol53503110
euler-vault-kit/src/EVault/shared/types/Types.sol8282584
euler-vault-kit/src/EVault/shared/lib/RevertBytes.sol2121125
euler-vault-kit/src/EVault/shared/lib/ProxyUtils.sol3030187
euler-vault-kit/src/SequenceRegistry/SequenceRegistry.sol32321114
Totals6345561430931680
FileLinesnLinesnSLOCComments
euler-price-oracle/src/lib/Governable.sol44442215
euler-price-oracle/src/lib/ScaleUtils.sol78703132
euler-price-oracle/src/lib/Errors.sol2525915
euler-price-oracle/src/interfaces/IPriceOracle.sol3011318
euler-price-oracle/src/EulerRouter.sol1531496474
euler-price-oracle/src/adapter/chronicle/IChronicle.sol1612310
euler-price-oracle/src/adapter/chronicle/ChronicleOracle.sol71713429
euler-price-oracle/src/adapter/chainlink/ChainlinkOracle.sol74743630
euler-price-oracle/src/adapter/chainlink/AggregatorV3Interface.sol2310313
euler-price-oracle/src/adapter/pyth/PythOracle.sol1391397651
euler-price-oracle/src/adapter/CrossAdapter.sol63632929
euler-price-oracle/src/adapter/redstone/RedstoneCoreOracle.sol1311316653
euler-price-oracle/src/adapter/lido/IStEth.sol1611310
euler-price-oracle/src/adapter/lido/LidoOracle.sol35351616
euler-price-oracle/src/adapter/BaseAdapter.sol40391717
euler-price-oracle/src/adapter/uniswap/UniswapV3Oracle.sol78783834
Totals1016962450446
  • Reward Streams

    • Commit: 4f63aea41dae996b59d0ba453326b6e97f44f680

    • Total LOC: 392

    • Files:

FileLinesnLinesnSLOCComments
reward-streams/src/interfaces/IBalanceTracker.sol1918313
reward-streams/src/interfaces/IRewardStreams.sol4517610
reward-streams/src/StakingRewardStreams.sol1131086321
reward-streams/src/BaseRewardStreams.sol664617290225
reward-streams/src/TrackingRewardStreams.sol62583018
Totals903818392287

Build Instructions

Basic Proof Of Concept test

System Roles and Privileges

  • Euler DAO: This entity manages the upgrade admin role in GenericFactory (if not revoked), and the admin role in ProtocolConfig. For the purposes of this contest, this role is considered trusted.
  • Vault creators/governors: Anyone can create a vault and optionally retain governance control over it. Governors are responsible for securely configuring their own vaults, and for selecting suitable vaults to use as collateral. For this contest, a vault's governor should be considered trusted so far as users of this vault are concerned (including other vault governors who choose to use it as collateral).
  • EulerRouter price governors: These users are responsible for maintaining the pricing sources used for an oracle. For this contest they can be trusted to not select malicious oracles.
  • Synth owners/minters: These users should be considered trusted in the context of managing the synthetic asset and its distribution.
  • Regular users: Any other user is considered untrusted.

Out of Scope issues

Any previous issue marked as acknowledged/will not fix is not in scope to be reported again. If there has been a fix implemented, the fixed code can be treated as in scope.

  • Issues described in our documentation: in-code comments, in the README and in the whitepapers.
  • Issues found in previous security reviews
  • Issues related to deploy scripts or tests
  • Third party integrations not functioning as advertised
  • Issues related to potentially malicious actions taken by Euler DAO controlled entities are considered out of scope as they are assumed to be trusted
  • Issues related to non Euler DAO/untrusted entities or mistakes made by governors/admins/deployers when configuring vaults or price oracles:
    • The issue will be considered out of scope if it involves a user or vault actively opting to use something created or controlled by the untrusted actor
    • The issue will be considered in scope if there is impact on other disconnected vaults/parts of the system that are not associated with the untrusted actor
  • Issues related to chain re-orgs and network liveness
  • Issues related to non-EVM networks
  • Issues related to Arbitrum, Base, and Optimism networks are in scope. While issues specific to deployment on other EVM networks will be considered valid for low vulnerability payouts only
  • Incompatibilities with ERC-4626 and ERC-20 unless they pose a direct security risk
  • Issues related to non-standard tokens and their behaviors (i.e. weird-tokens)
  • Incorrect hardcoded addresses would be considered low, unless there is a direct loss of funds on deployment from using them.
  • Protocol must change relevant addresses(if any) prior to deploying across multiple chains. These issues are at best low.
  • Automated findings from Lightchaser

EVK-Specific

  • Omniscia EVK web report (see above), since we don't have PDF yet
  • External contracts chosen by the factory admin are assumed to not be malicious:
    • EVC, ProtocolConfig, SequenceRegistry, BalanceTracker, Permit2
  • External contracts chosen by governor are assumed to not be malicious:
    • Underlying tokens, Price Oracles, IRMs, hook targets

Euler Price Oracle-Specific

  • We are aware that some Price Oracles are not compatible with all networks. RedstoneCoreOracle and LidoOracle only work on Ethereum. ChronicleOracle does not (yet) work on Base and Optimism.
  • Issues related to misconfiguration in the constructors, including but not limited to zero addresses, wrong base/quote tokens and invalid decimals.
  • Issues related to a malicious/compromised governor in EulerRouter.
  • Issues related to misconfiguration in EulerRouter, including but not limited to resolving ERC4626 vaults with an insecure convertToAssets method.
  • Issues related to overflows and other math errors must have a demonstrable impact with a concrete scenario.
  • Issues related to reusing an adapter for integrations it was not intended for. For example, using ChainlinkOracle for an AggregatorV3-compatible oracle that is not Chainlink.
  • Issues related to censorship / frontrunning users that interact with Pyth and RedStone. We expect users to interact with the EVC or another multicall-like contract to update the price and retrieve it in a single call.
  • Issues related to using non-crypto price feeds in oracle adapters, including but not limited to Stocks feeds, ETF feeds, Forex feeds and any other feeds that have working hours.
  • Issues stemming from sequencer downtime on L2s, including but not limited to inexistent sequencer liveness checks.
  • Issues stemming from liveness and catastrophic bugs or malicious behaviour in the integrated oracles, including but not limited to Chainlink upgrades, Chronicle caller whitelist, RedStone signers rotating, Pyth downtime due to Wormhole. By using an oracle users choose to accept those trust assumptions.

Reward Stream-Specific

  • Issues related to an incorrect integration of the tracking reward streams (ie, a non-EVK installation)

Automated findings generated by LightChaserV3

$1,250,000 USDC

20 May 2024 - 17 Jun 2024

Competition cover

Blast / Blast

Completed

Blast Competition

Welcome security researchers to the largest competition in history with Blast! Blast is an L2 for the Ethereum ecosystem introducing native yield for ETH and stablecoins.

Say goodbye to flipping tabs, using Discord, copying Github links, and the nuisances of the competition experience of the past and hello to...

Cantina Code. The ultimate code review experience built by security researchers for security researchers. It is our pleasure to have you - we hope you choose to stick around 🪐

What is Blast

How Blast works

AUTO REBASING

Users transact in ETH. Dapps are built around ETH. Blast was designed from the ground up so that ETH itself is natively rebasing on the L2.

L1 STAKING

Blast only became possible this year following Ethereum's Shanghai upgrade. ETH yield from L1 staking, initially Lido, is automatically transferred to users via rebasing ETH on the L2.

T-BILL YIELD

Users who bridge stablecoins receive USDB, Blast's auto-rebasing stablecoin. The yield for USDB comes from MakerDAO's on-chain T-Bill protocol. USDB can be redeemed for USDC when bridging back to Ethereum.

Visit the blast.io for a complete project overview.

Prize distribution and scoring

  • The prize distribution has 3 possible triggers:
    • If one or more valid low/informational severity findings are found, the total pot size is $20,000
    • If one or more valid medium severity findings are found, the total pot size is $200,000
    • If one or more valid high severity findings are found, the total pot size is $1,200,000
  • Scoring described in the competition scoring page.
  • $20,000 of the prize pot is reserved for Low Severity or informational findings. These reports are judged based on quality and reviewers are then ranked from 1st to 5th for the purpose of prize allocation.
    • 1st: 10,000
    • 2nd: 5,000
    • 3rd: 2,500
    • 4th: 1,250
    • 5th: 1,250
  • Note that for Low / Info findings, we want to encourage high-quality non-trivial submissions. Given that the codebase has gone through multiple reviews before, and due to the large number of participants, we’ll be marking any trivial low / info findings as invalid (these are typically findings generated from a static-analyzer). To reiterate, the above pot is judged on quality alone and not quantity.
  • Findings Severities described in detail on our docs page.

Scope

Check out the previously recorded code read through for the competition:

Blast Competition Live Code Walkthrough LINK TBD.

Combined Repo

See the diff against ea28fd1a46e71f207954d60524bd82ee1df61235 which represents upstream to see our unique changes on the OP stack here.

Blast-Geth

Blast-Optimism

Files and Folders in Scope

FolderFile(s)
blast-optimismpackages/contracts-bedrock/src/L1/OptimismPortal.sol
blast-optimismpackages/contracts-bedrock/src/L1/L1StandardBridge.sol
blast-optimismpackages/contracts-bedrock/src/L1/L1CrossDomainMessenger.sol
blast-optimismpackages/contracts-bedrock/src/L1/ResourceMetering.sol
blast-optimismpackages/contracts-bedrock/src/L2/L2StandardBridge.sol
blast-optimismpackages/contracts-bedrock/src/L2/L2CrossDomainMessenger.sol
blast-optimismpackages/contracts-bedrock/src/L2/ERC20Rebasing.sol
blast-optimismpackages/contracts-bedrock/src/L2/WETHRebasing.sol
blast-optimismpackages/contracts-bedrock/src/L2/USDB.sol
blast-optimismpackages/contracts-bedrock/src/L2/Shares.sol
blast-optimismpackages/contracts-bedrock/src/L2/Gas.sol
blast-optimismpackages/contracts-bedrock/src/L2/Blast.sol
blast-optimismpackages/contracts-bedrock/src/mainnet-bridge/*
blast-optimismpackages/contracts-bedrock/scripts/Deploy.s.sol
blast-optimismpackages/contracts-bedrock/src/libraries/Predeploys.sol
blast-optimismop-chain-ops/*
blast-geth*, excluding *_test.go, ./tests/*, gen_*.go

Additional Out of Scope files

FolderFile(s)
blast-optimismpackages/contracts-bedrock/src/mainnet-bridge/yield-providers/TestnetYieldProvider.sol
blast-optimismpackages/contracts-bedrock/src/mainnet-bridge/yield-providers/ETHTestnetYieldProvider.sol
blast-optimismpackages/contracts-bedrock/src/mainnet-bridge/yield-providers/USDTestnetYieldProvider.sol

Out of Scope issues

Any acknowledged / won't fix findings on the previously published reviews will be considered out of scope.

Findings noted as fixed, that in fact are not fixed, or introduce new issues, are considered in scope:

Spearbit: Blast Node Review

All Informational findings are acknowledged. The remaining are noted below:

  • acknowledge / won't fix:
    • 5.3.13 Share remainder becomes increasingly inefficient over time
    • 5.3.12 SubClaimableAmount() can claim more than the maximum claimable balance
    • 5.3.11 Configuring a YieldClaimable account to YieldClaimable resets the claimable balance
    • 5.3.9 To implement TODOs found in the code risking node ops
    • 5.3.3 op-geth/core/vm/contracts.go change makes multiple methods less efficient
  • fixed:
    • 5.1.1 Gas tracking introduces resource consumption related DOS
    • 5.3.10 SelfDestruct permanently deletes all unclaimed yield
    • 5.3.8 No nil check on ZeroClaimRate
    • 5.2.1 MemoryStateDB contains data race in DeleteState()
    • 5.3.7 AllocateDevGas() divide-by-zero can cause denial of service
    • 5.3.6 (b *blast) Run() caller authorization conditionals should be placed before input deserialization
    • 5.3.5 AllocateDevGas() contains redundant hashing
    • (partially addressed -> 1 panic removed, remaining acknowledged) 5.3.4 Invariant panics risk node operation
    • 5.3.2 USDB predeployment is skipped
    • 5.3.1 (i ImmutableConfig) Check() is missing validation checks for new Blast fields

Spearbit: Blast Contracts Review

  • acknowledge / won't fix:
    • 5.2.2 commitYieldReport() will revert when withdrawing insurance to cover negative yield
    • 5.3.6 Fraud recovery logic is missing
    • 5.4.7 WETHRebasing virtual share earns yield
    • 5.4.8 Gas claim rate is non-continuous
    • 5.4.11 claimGasAtMinClaimRate uses all etherSeconds when minClaimRateBips <= zeroClaimRate
    • 5.4.12 etherSeconds can be saved up to be used on vesting subsequent gas claims
    • 5.4.13 USDC to DAI conversion can fail once debt limits are exceeded
  • fixed:
    • 5.2.3 WETHRebasing share price precision issue breaks ERC20 invariants
    • 5.1.4 Changing yield from Claimable cause fund loss
    • 5.1.5 Calling findCheckpointHints() with _firstIndex as 0 will always revert
    • 5.1.6 Withdrawing discounted ETH from L2 always fails
    • 5.1.7 Fund duplication via ERC20 self-transfer
    • 5.1.8 Message can be passed through OptimismPortal to maliciously call ethYieldManager
    • 5.1.3 _delegatecall_uint256_arr_arg_returns_uint256 wrong calldata encoding
    • 5.1.2 L1BlastBridge uses wrong token order when bridging USD yield tokens
    • 5.1.1 msg.sender has to be un-aliased in L2BlastBridge.finalizeBridgeETHDirect()
    • 5.2.1 Inflated _sharePrice() from inclusion of lockedAmount funds
    • 5.2.4 Unset governor allows to steal both yield and gas refund
    • 5.2.5 Unsafe ERC-20 transfer breaks USDT bridging in L1BlastBridge
    • 5.2.6 ETH yield token bridge transactions use fixed gas and are not replayable
    • (resolved by another fix) 5.3.7 Initial depositor can inflate share to siphon yield of smaller deposits
    • 5.3.8 Reinitialization causes metering parameter to be reset
    • 5.3.9 admin in the Insurance contract can never be set
    • 5.3.10 donateETH funds are stuck in OptimismPortal
    • 5.3.11 Actual claim rate may be below minClaimRateBips
    • 5.3.1 YieldManager.finalize can underflow for accumulatedNegativeYields
    • 5.3.3 YieldManager can claim fewer unstaked tokens than expected resulting in insolvency
    • 5.3.4 USDConversions can swap locked funds
    • 5.3.5 YieldManager can stake locked funds
    • 5.4.6 Missing onlyEOA modifier
    • 5.4.9 Standard ERC20Permit allows different name initialisation in constructor and initialiser
    • 5.4.10 Claiming gas can run out of gas in transfer
    • 5.4.14 Unsafe type casts
    • 5.4.5 LidoYieldProvider.isStakingEnabled is incorrect
    • 5.4.4 Non-zero Maker's PSM buyGem() fee will cause DAI to USDC swaps to fail
    • 5.4.3 DSRYieldProvider.sol.isStakingEnabled() does not check liveness of Maker's protocol
    • 5.4.2 Blast.claimYield() should revert when claiming more than the available amount
    • 5.4.1 Admin should not be allowed to revoke its role

3rd external review: TBA

Blast team notes there is sufficient overlap with other already noted fixed or out of scope items.

Other Out of Scope

Automated findings from 4naly3er.

Errors Tests, Mocks, Documentation files are considered out of scope. The exception being where implementation code does not adhere to spec (i.e. implementation errors in scope vs docs typos out of scope).

The following categories of issues are out of scope for this competition.

  • Issues that posit a malicious sequencer operator
  • Issues related to centralization concerns
  • Concerns about the incentives for smart contracts to optimize their gas given that they can claim the sequencer fees caused by their contracts
  • Concerns about regulating Blast's block space since smart contracts can claim their sequencer fees
  • Frontrunning yield updates
  • Increasingly inefficient balance representations caused by Blast's limited precision, constantly increasing share prices
  • Locked funds caused by the sequencer operator finalizing withdrawal requests that turned out to be faulty (i.e. the output root changed)
  • Inability to replay stETH deposits that failed on the L2

Documentation

MiloTruck has put together a fantastic compilation of intro resources for understanding Blast at a base-level here.

Build Instructions

Running Blast locally (against a local L1)

Contact Us

For any issues or concerns regarding Cantina Competitions or Cantina Code - please reach out to us at Cantina.

$1,200,000 USDC

30 Jan 2024 - 20 Feb 2024

Competition cover

Curvance / curvance

Completed

Curvance Competition

Competition at a glance

  • Monday, February 26th 20:00 UTC to Thursday, April 15th 20:00 UTC
  • Total Prize Pool: $375,000

What is Curvance

Curvance at a glance

Curvance is a cross-chain money market for yield bearing assets. Maximize yield while leveraging the full value of your assets. Curvance simplifies DeFi, with a modular system capable of creating complex strategies for users in a single click.

Curvance operates as a hybrid model between a yield optimizer and a cross-margin money market. This model has various characteristics atypical for incumbent money markets such as:

  • Collateral deposits and debt deposits receive two different types of tokens, collateral tokens (cTokens) and debt tokens (dTokens).
  • Rehypothecation has been removed. This allows for the support of long-tail assets which, if borrowable, could introduce systemic risk to DeFi.
  • "Collateral Posting", by introducing a hybrid model, users can yield farm an unlimited amount of assets, but, to leverage the corresponding money market, the collateral must be "posted", like a perpetual exchange. Collateral posting has restrictions on the total amount of exogenous risk allowed to be introduced into the system.
  • Dynamic Interest Rates with interest rate decay, vertex slope can be adjusted upward or downward based on utilization similar to kashi, however, a new continuous negative decay rate is applied every cycle when interest rates slope is elevated.
  • Dynamic liquidation engine allows for more nuanced position management inside the system. Introduces a sliding scale of liquidation between light soft liquidations and aggressive hard liquidations.
  • Bad debt socialization, when a user's debt is greater than their collateral assets, the entire user's account can be liquidated with lenders paying any collateral shortfall.
  • Crosschain gauge system, introducing of gauge system allowing reward streaming to collateral depositors and lenders. With the ability to configure by token and no limit on the number of different token rewards streamed.
  • Delegated actions, ability to delegate user actions to any address, allowing for support for things like limit orders, DCA, take profit, crosschain borrowing, crosschain lending. Some of these are built already in this repo, others are not.

Prize distribution and scoring

Documentation

Scope

The "contracts" folder contains all the smart contracts you will be auditing, excluding:

  • mocks
  • libraries/external
  • interfaces/external

Two solady contracts developed by Vectorized have been included in the audit as we are huge advocates for highly optimized versions of common contract formats and would like to see these fully audited. This means the partial FixedPointMathLib contract, and ERC4626 contracts inside the library folder are intentionally included, and are considered in scope.

Fileblankcommentcode
Architecture
./architecture/CentralRegistry.sol226444607
./architecture/FeeAccumulator.sol122202536
./architecture/ProtocolMessagingHub.sol73142353
./architecture/blastNative/BlastNativeYieldManager.sol82132292
./architecture/utils/SimpleRewardZapper.sol86157240
./architecture/FeeTokenBridgingHub.sol3641166
./architecture/CVELocker.sol87225360
./architecture/OneBalanceFeeManager.sol3436103
./architecture/CurvanceDAOTimelock.sol141452
./architecture/blastNative/BlastCentralRegistry.sol284483
./architecture/blastNative/BlastFeeAccumulator.sol5212
./architecture/utils/blastNative/BlastSimpleRewardZapper.sol5212
./architecture/blastNative/BlastProtocolMessagingHub.sol5210
./architecture/blastNative/BlastCVELocker.sol529
Gauge
./gauge/GaugePool.sol102197425
./gauge/GaugeController.sol3249116
./gauge/GaugeErrors.sol1112
./gauge/blastNative/BlastGaugePool.sol5210
Interfaces
./interfaces/market/IMarketManager.sol2511690
./interfaces/ICentralRegistry.sol486378
./interfaces/market/IMToken.sol2510253
./interfaces/IVeCVE.sol113936
./interfaces/ICVELocker.sol146531
./interfaces/market/IInterestRateModel.sol13230
./interfaces/IProtocolMessagingHub.sol73426
./interfaces/IERC20.sol143225
./interfaces/IGaugePool.sol52725
./interfaces/IOracleRouter.sol74525
./interfaces/blast/IBlastNativeYieldManager.sol12722
./interfaces/market/IPositionFolding.sol22215
./interfaces/IOracleAdaptor.sol31714
./interfaces/IRewardStaking.sol11114
./interfaces/IFeeAccumulator.sol2412
./interfaces/ICVXLocker.sol3410
./interfaces/IGelatoOneBalance.sol219
./interfaces/ICVE.sol5218
./interfaces/IExternalCallDataChecker.sol278
./interfaces/IERC20Metadata.sol557
./interfaces/IDelegateRegistry.sol316
./interfaces/IWETH.sol215
./interfaces/blast/IBlastCentralRegistry.sol215
./interfaces/IERC165.sol1184
./interfaces/ITimelock.sol134
Libraries
./libraries/ERC4626.sol51260216
./libraries/VelodromeLib.sol3769199
./libraries/CurveLib.sol2235123
./libraries/BalancerLib.sol1530104
./libraries/SwapperLib.sol2749104
./libraries/Delegable.sol235566
./libraries/FixedPointMathLib.sol238393
./libraries/Bytes32Helper.sol131931
./libraries/ReentrancyGuard.sol72127
./libraries/BlastYieldDelegable.sol71223
./libraries/CommonLib.sol5815
./libraries/Constants.sol777
Market
./market/MarketManager.sol207587926
./market/collateral/DToken.sol192507731
./market/utils/ComplexZapper.sol73289478
./market/collateral/CTokenBase.sol103389459
./market/LiquidityManager.sol60268445
./market/DynamicInterestRateModel.sol85408444
./market/collateral/CTokenCompounding.sol96274398
./market/utils/PositionFolding.sol85203361
./market/collateral/AuraCToken.sol6180217
./market/collateral/GMCToken.sol6567205
./market/utils/SimpleZapper.sol5098202
./market/collateral/Convex2PoolCToken.sol6272189
./market/collateral/Convex3PoolCToken.sol6272189
./market/collateral/CTokenPrimitive.sol48130186
./market/collateral/PendleLPCToken.sol4862182
./market/checker/CallDataCheckerFor1Inch.sol2710164
./market/collateral/AerodromeStableCToken.sol4464156
./market/collateral/VelodromeStableCToken.sol4463156
./market/collateral/AerodromeVolatileCToken.sol4263153
./market/collateral/VelodromeVolatileCToken.sol4454153
./market/collateral/StakedGMXCToken.sol3738100
./market/checker/CallDataCheckerBase.sol203475
./market/collateral/CTokenCompoundingWithExitFee.sol235747
./market/collateral/blastNative/BlastCTokenCompounding.sol131541
./market/utils/BorrowZapper.sol151749
./market/collateral/blastNative/BlastDToken.sol5216
./market/utils/blastNative/BlastComplexZapper.sol5214
./market/utils/blastNative/BlastSimpleZapper.sol5214
./market/blastNative/BlastMarketManager.sol5212
./market/utils/blastNative/BlastPositionFolding.sol5212
./market/utils/blastNative/BlastBorrowZapper.sol5210
Misc
./misc/CVEInitialDistribution.sol4968196
./misc/CurvanceDAOLBP.sol5666189
Oracles
./oracles/OracleRouter.sol133374497
./oracles/adaptors/curve/Curve2PoolLPAdaptor.sol59124234
./oracles/adaptors/gmx/GMAdaptor.sol5673173
./oracles/adaptors/chainlink/ChainlinkAdaptor.sol50100165
./oracles/adaptors/uniswap/UniswapV3Adaptor.sol4870155
./oracles/adaptors/api3/Api3Adaptor.sol4787142
./oracles/adaptors/redstone/BaseRedstoneCoreAdaptor.sol4495132
./oracles/adaptors/uniV2Base/BaseStableLPAdaptor.sol3379127
./oracles/adaptors/balancer/BalancerStablePoolAdaptor.sol4260123
./oracles/adaptors/pendle/PendlePrincipalTokenAdaptor.sol4262119
./oracles/adaptors/pendle/PendleLPTokenAdaptor.sol4163118
./oracles/adaptors/uniV2Base/BaseVolatileLPAdaptor.sol327199
./oracles/adaptors/wrappedAggregators/BaseWrappedAggregator.sol223288
./oracles/adaptors/curve/CurveBaseAdaptor.sol242966
./oracles/adaptors/redstone/ArbitrumRedstoneCoreAdaptor.sol121120
./oracles/adaptors/redstone/EthereumRedstoneCoreAdaptor.sol121120
./oracles/adaptors/wrappedAggregators/SavingsDaiAggregator.sol6725
./oracles/adaptors/wrappedAggregators/StakedFraxAggregator.sol7724
./oracles/adaptors/wrappedAggregators/WstETHAggregator.sol7624
./oracles/adaptors/velodrome/VelodromeVolatileLPAdaptor.sol151540
./oracles/adaptors/camelot/CamelotStableLPAdaptor.sol151536
./oracles/adaptors/camelot/CamelotVolatileLPAdaptor.sol151536
./oracles/adaptors/velodrome/VelodromeStableLPAdaptor.sol151536
./oracles/adaptors/balancer/BalancerBaseAdaptor.sol154629
./oracles/adaptors/BaseOracleAdaptor.sol193040
Token
./token/VeCVE.sol191471784
./token/OCVE.sol5557184
./token/CVE.sol5381156
./token/ChildCVE.sol273986
./token/blastNative/BlastCVE.sol528
./token/blastNative/BlastVeCVE.sol528
SUM:4333936316120

Out of scope

Out of scope automated findings generated by LightChaserV3

Build Instructions

The project readme details the build instructions.

Basic Proof Of Concept test

From the CANTINA_README:

### Tests
Attached in this repo you will find just over 1,000 tests in categories such as unit tests/integration tests/stateless fuzzing tests. Additionally, you will also find a substantial stateful fuzzing testing harness with just over 200 invariants tests. This was built in collaboration with Trail of Bits and covers VeCVE and most of the Curvance Money Markets. You can also find an attached readme in the fuzzing suite folder covering running the harness locally or in the cloud. Other tests can be ran simply via forge tests. Additional information on running the test suite can be found in the repo readme.

### Proof of Concepts
As part of the test suite inside Curvance, you will find many testing base contracts that set up Curvance and test various functionality. These are perfect to utilize when you want to work on a proof on concept for a bug. Feel free to mess around with test suite and to modify the testing deployments for whichever scenarios you would like to explore.

Contact Us

For any issues or concerns regarding this competition, please reach out to core-team on discord.

$375,000 USDC

27 Feb 2024 - 15 Apr 2024

Competition cover

AAVE / Aave v3.1 Competition

Completed

Aave v3 is a liquidity protocol running on multiple EVM-compatible networks, where user can supply and borrow liquidity.

The v3.1 version target of this competition is an upgrade of the implementation smart contracts of Aave v3, focusing on improving its security and different operational aspects. More extensive information about Aave v3.1 can be found on the Aave governance forum HERE.

aave.com

Prize distribution and scoring

Total Prize Pool $150,000

  • The prize distribution has 3 possible triggers:
    • If one or more valid low/informational severity findings are found, the total pot size is $20,000
    • If one or more valid medium severity findings are found, the total pot size is $50,000
    • If one or more valid high severity findings are found, the total pot size is $150,000
  • Scoring described in the competition scoring page.
  • Findings Severities described in detail on our docs page.
  • Only High and Medium findings would be accepted for Primary Prize Pool.
  • $20,000 of the total prize pool is reserved for Low Severity or informational findings. These reports are judged based on quality and reviewers are then ranked from 1st to 5th for the purpose of prize allocation:
    • 1st $10,000
    • 2nd $5,000
    • 3rd $2,000
    • 4th $1,500
    • 5th $1,500

Documentation

Scope

Contracts

Repository: github.com/aave-dao/aave-v3-origin Commit: 38e7cfb49069837fae99750d8db37f19735fedd7

Repository: github.com/bgd-labs/protocol-v3.1-upgrade Commit: a80a0fb843e4aef524bad5acd8185a470d5d712f

  • Only the logic affected by the 3.1 code changes is in-scope. However, unintended consequences of these changes on other logic of Aave v3 core contracts eligible for prizes on the contest.

    For a more clear overview of the exact changes between Aave v3 and Aave v3.1, we recommend to check the diff files on the codebase included HERE.

Code Overview

AAVE Code Walkthrough Recording

Build Instructions

The 2 repositories in scope contain instructions to setup the project and run tests:

Both are standard Foundry-based repositories.

Proof of Concept Instructions

For tests/PoC on a local test environment with a clean deployment of Aave v3.1, a basic template can be found on https://github.com/aave-dao/aave-v3-origin/blob/main/tests/template/BaseTest.t.sol

To do any tests/PoC based on 3.1 being applied in production, a basic template can be found on https://github.com/bgd-labs/protocol-v3.1-upgrade/blob/main/tests/template/EthereumBaseTest.t.sol

Out of scope

  • Problems arisen from misusage of permissioned entry-points are out of scope. E.g. an address with POOL_ADMIN role passing wrong parameters.
  • Only problems caused directly or indirectly by the 3.1 changes are in scope, not those applicable on v3 already.
    • Example of In-Scope: a new attack vector caused by the introduction of virtual accounting, more severe than the same vector on v3.
    • Example of Out-of-Scope: a flash loan attack vector applicable on v3 production, with no relation with any of the new features on v3.1.
  • All assets listed on Aave v3.1. are expected to have minimum liquidity at all times.
  • Virtual accounting can create situations where due to imprecision of other circumstances (e.g. bad debt), some balance of underlying in the aToken contract is temporarily not withdrawable. This is intended and unless opening to some vector causing major loss of funds, out-of-scope.

Out of scope automated findings generated by LightChaser

Contact Us

For any issues or concerns regarding this competition, please reach out to the Cantina core team through the Cantina Discord. ",

150,000 GHO

10 May 2024 - 20 May 2024

Competition cover

Superform / core-and-erc1155a

Completed

Superform Competition

The competition at a glance:

  • November 27th 20:00 UTC to December 18th 20:00 UTC
  • $140,000 total prize pool.

Prize distribution and scoring

The prize distribution works as follows:

  • Security reviewers will score points for each finding.
  • Prizes are distributed proportionally to the number of points scored.
  • A High Severity is worth 10 points, and a Medium Severity 3 points.
  • Duplicate findings will be resolved using the following scoring formula that incentivizes unique findings:
    • Each duplicate finding will be scaled down by 0.9n1/n0.9^{n - 1} / n, where nn is the number of duplicates.
  • 10K USDC of the prize pot is reserved for Low Severity or Informational findings. These reports are judged based on quality and researchers are ranked from 1st to 5th for the purpose of prize allocation:
    • 1st: $5,000
    • 2nd: $2,500
    • 3rd: $1,250
    • 4th: $625
    • 5th: $625

Scope

Check out the previously recorded read through of the repos for both competitions on cantina twitter and here.

ERC1155A

  • Repository: superform-xyz/ERC1155A
  • Commit: e7d53f306989ba205c779973d1b5e86755a1b9c0
  • Total LOC: 388
  • Files: all files in src
FileBlankCommentCode
src/ERC1155A.sol100132362
src/aERC20.sol10726
SUM:110139388

Superform Core

FileBlankCommentCode
src/BaseRouterImplementation.sol143136773
src/crosschain-data/extensions/CoreStateRegistry.sol140130740
src/payments/PaymentHelper.sol147134574
src/crosschain-data/utils/PayloadHelper.sol6028339
src/crosschain-liquidity/DstSwapper.sol7554324
src/forms/ERC4626FormImplementation.sol7765279
src/SuperPositions.sol8071249
src/crosschain-data/adapters/layerzero/LayerzeroImplementation.sol5960235
src/settings/SuperRegistry.sol5877215
src/BaseForm.sol5559204
src/crosschain-data/extensions/TimelockStateRegistry.sol4848195
src/SuperformFactory.sol5855191
src/crosschain-liquidity/lifi/LiFiValidator.sol2759171
src/SuperformRouter.sol3123155
src/forms/ERC4626TimelockForm.sol3347153
src/crosschain-data/adapters/wormhole/automatic-relayer/WormholeARImplementation.sol4450153
src/crosschain-data/adapters/wormhole/specialized-relayer/WormholeSRImplementation.sol4659151
src/types/DataTypes.sol2639149
src/crosschain-data/adapters/hyperlane/HyperlaneImplementation.sol4657145
src/settings/SuperRBAC.sol3570120
src/crosschain-data/BaseStateRegistry.sol4148115
src/crosschain-data/BroadcastRegistry.sol283297
src/payments/PayMaster.sol282982
src/forms/ERC4626KYCDaoForm.sol142376
src/EmergencyQueue.sol283174
src/libraries/DataLib.sol101773
src/crosschain-liquidity/socket/SocketValidator.sol173072
src/BaseRouter.sol212965
src/forms/ERC4626Form.sol121856
src/crosschain-liquidity/socket/SocketOneInchValidator.sol172654
src/libraries/PayloadUpdaterLib.sol10649
src/crosschain-liquidity/BridgeValidator.sol101846
src/libraries/ArrayCastLib.sol10337
src/crosschain-liquidity/LiquidityHandler.sol81930
src/libraries/ProofLib.sol5216
src/crosschain-data/utils/QuorumManager.sol71713
SUM:155416696470

Out of Scope issues

Any findings on the previous review will be out of scope.

On top of that, automated findings from 4nalyzer will also be considered out of scope.

$140,000 USDC

27 Nov 2023 - 18 Dec 2023

Competition cover

Morpho / morpho-blue

Completed

Morpho Blue Competition

Morpho Labs has teamed up with Cantina for the inaugural public security review competition hosted on their new platform by security researchers for security researchers. The competition will run two codebases in parallel: Metamorpho & Morpho Blue.

Competition at a Glance

  • November 13th 10:00 UTC to December 4th 10:00 UTC
  • Metamorpho: $100,000
  • Morpho Blue: $100,000
  • Total Prize Pool: $200,000

What is Morpho Blue and MetaMorpho

Morpho Blue and MetaMorpho form part of the vision to rebuild decentralized lending in layers, with MetaMorpho enabling any lending experience to be rebuilt on a shared and immutable base layer: Morpho Blue.

Morpho Blue is a trustless lending primitive that offers unparalleled efficiency and flexibility. It enables the creation of isolated lending markets by specifying any loan asset, any collateral asset, a liquidation LTV (LLTV), an oracle, and an interest rate model.

Visit the docs for a complete project overview.

Prize distribution and scoring

The prize distribution works as follows:

  • Security reviewers will score points for each finding.
  • Prizes are distributed proportionally to the number of points scored.
  • A High Severity is worth 10 points, and a Medium Severity 3 points.
  • Duplicate findings will be resolved using the following scoring formula that incentivizes unique findings:
    • Each duplicate finding will be scaled down by 0.9n1/n0.9^{n - 1} / n, where nn is the # of duplicates.
  • 10% of the prize pot is reserved for Low Severity or informational findings. These reports are judged based on quality and reviewers are then ranked from 1st to 5th for the purpose of prize allocation:
    • 1st: $5,000
    • 2nd: $2,500
    • 3rd: $1,250
    • 4th: $625
    • 5th: $625
Severity levelImpact: HighImpact: MediumImpact: low
Likelihood:HighHighHighMedium
Likelihood:MediumHighMediumLow
Likelihood:LowMediumLowLow

Scope

Check out the previously recorded read through of the repos for both competitions:

Morpho Competition Live Code Walkthrough on twitter.

Morpho Blue

Fileblankcommentcode
src/Morpho.sol12972325
src/interfaces/IMorpho.sol33167111
src/libraries/periphery/MorphoBalancesLib.sol172182
src/libraries/periphery/MorphoStorageLib.sol24976
src/libraries/EventsLib.sol188247
src/libraries/periphery/MorphoLib.sol11646
src/libraries/ErrorsLib.sol232826
src/libraries/MathLib.sol81225
src/libraries/UtilsLib.sol51023
src/libraries/SafeTransferLib.sol5921
src/libraries/SharesMathLib.sol81519
src/interfaces/IMorphoCallbacks.sol53116
src/libraries/MarketParamsLib.sol3810
src/libraries/ConstantsLib.sol678
src/interfaces/IIrm.sol396
src/interfaces/IOracle.sol1104
src/interfaces/IERC20.sol162
SUM:300502847

Out of Scope issues

Any findings on the previous review from OpenZeppelin / Cantina Managed review will be considered out of scope.

Automated findings from 4naly3er.

Contact Us

For any issues or concerns regarding Cantina Competitions or Cantina Code - please reach out to us at Cantina.

$100,000 USDC

13 Nov 2023 - 4 Dec 2023

Competition cover

Morpho / metamorpho-and-periphery

Completed

Metamorpho and Periphery Competition

Morpho Labs has teamed up with Cantina for the inaugural public security review competition hosted on their new platform by security researchers for security researchers.

The competition at a glance:

  • November 16th 10:00 UTC to December 7th 10:00 UTC
  • $100k total prize pool.

What is Morpho Blue and MetaMorpho

Morpho Blue and MetaMorpho form part of the vision to rebuild decentralized lending in layers, with MetaMorpho enabling any lending experience to be rebuilt on a shared and immutable base layer: Morpho Blue.

Morpho Blue is a trustless lending primitive that offers unparalleled efficiency and flexibility. It enables the creation of isolated lending markets by specifying any loan asset, any collateral asset, a liquidation LTV (LLTV), an oracle, and an interest rate model.

MetaMorpho is a protocol for lending vaults built on Morpho Blue. Anyone can create a vault that allocates to multiple Morpho Blue markets. Each vault is curated to provide suppliers with tailored risk exposures, better yields, and greater transparency.

Visit the docs for a complete project overview.

Prize distribution and scoring

The prize distribution works as follows:

  • Security reviewers will score points for each finding.
  • Prizes are distributed proportionally to the number of points scored.
  • A High Severity is worth 10 points, and a Medium Severity 3 points.
  • Duplicate findings will be resolved using a scoring formula that incentivizes unique findings.
  • Duplicate findings will be resolved using the following scoring formula that incentivizes unique findings:
    • Each duplicate finding will be scaled down by 0.9n1/n0.9^{n - 1} / n, where nn is the # of duplicates.
  • 10% of the prize pot is reserved for Low Severity or informational findings. These reports are judged based on quality and researchers are then ranked from 1st to 5th for the purpose of prize allocation:
    • 1st: $5k
    • 2nd: $2.5k
    • 3rd: $1.25k
    • 4th: $625
    • 5th: $625

Scope

Check out the previously recorded read through of the repos for both competitions on cantina twitter.

Morpho Blue IRM

Fileblankcommentcode
src/SpeedJumpIrm.sol274587
src/libraries/MathLib.sol101629
src/libraries/ErrorsLib.sol6119
src/libraries/UtilsLib.sol199
SUM:4481134

Morpho Blue Oracles

Fileblankcommentcode
src/ChainlinkOracle.sol94646
src/libraries/ChainlinkDataFeedLib.sol71315
src/interfaces/AggregatorV3Interface.sol5314
src/libraries/VaultLib.sol378
src/libraries/ErrorsLib.sol275
src/interfaces/IERC4626.sol144
SUM:277792

MetaMorpho

  • Repository: morpho-org/metamorpho
  • Commit: f4e2574029743088a8800149593fa997ab66f0f8
  • Total LOC: 642
  • Files: all files in src except the mocks folder
Fileblankcommentcode
src/MetaMorpho.sol202183477
src/interfaces/IMetaMorpho.sol171165
src/libraries/EventsLib.sol223437
src/MetaMorphoFactory.sol132026
src/libraries/ErrorsLib.sol212624
src/libraries/ConstantsLib.sol5108
src/interfaces/IMorphoMarketParams.sol215
SUM:282285642

Morpho Blue Bundlers

  • Repository: morpho-org/morpho-blue-bundlers
  • Commit: 5099e5fef9a82a500b875eb81b90c2deca1de243
  • Total LOC: 983
  • Files: all files in src except the mocks and goerli folders
Fileblankcommentcode
src/migration/interfaces/IAaveV3.sol41356126
src/MorphoBundler.sol3984112
src/migration/interfaces/IAaveV2.sol2415780
src/migration/interfaces/IAaveV30ptimizer.sol12372
src/ERC4626Bundler.sol274547
src/migration/CompoundV3MigrationBundler.sol163841
src/migration/interfaces/ICompoundV3.sol16136
src/migration/AaveV30ptimizerMigrationBundler.sol154235
src/migration/CompoundV2MigrationBundler.sol202834
src/StEthBundler.sol202633
src/BaseBundler.sol172632
src/TransferBundler.sol152628
src/WNativeBundler.sol172426
src/interfaces/IWstEth.sol2125
src/UrdBundler.sol51422
src/ethereum/EthereumBundler.sol4622
src/Permit2Bundler.sol81320
src/migration/AaveV2MigrationBundler.sol132520
src/migration/AaveV3MigrationBundler.sol132420
src/migration/MigrationBundler.sol7916
src/ethereum/EthereumPermitBundler.sol41515
src/PermitBundler.sol31614
src/ethereum/interfaces/IDaiPermit.sol21014
src/interfaces/IMorphoBundler.sol2513
src/libraries/ErrorsLib.sol121713
src/migration/interfaces/ICToken.sol8111
src/migration/interfaces/ICEth.sol7110
src/interfaces/IStEth.sol518
src/ethereum/libraries/MainnetLib.sol457
src/ethereum/migration/AaveV2EthereumMigrationBundler.sol467
src/interfaces/IWNative.sol117
src/ethereum/EthereumStEthBundler.sol466
src/interfaces/IMulticall.sol174
src/migration/interfaces/IComptroller.sol114
src/libraries/ConstantsLib.sol233
SUM:3911043983

Universal Rewards Distributor

Fileblankcommentcode
src/UniversalRewardsDistributor.sol4865100
src/interfaces/IUniversalRewardsDistributor.sol6928
src/UrdFactory.sol81424
src/libraries/EventsLib.sol83119
src/libraries/ErrorsLib.sol71210
SUM:77131181

ERC20Permissioned

Fileblankcommentcode
src/ERC20PermissionedBase.sol253355

Out of Scope issues

Any findings on the previous review from OpenZeppelin / Cantina Managed review will be considered out of scope.

On top of that, automated findings from 4nalyzer will also be considered out of scope.

$100,000 USDC

16 Nov 2023 - 7 Dec 2023

Competition cover

Superform / ctf

Completed

Superform CTF

Hack Superform, keep the money.

  • Add your wallet address to your profile (Profile -> Edit Profile -> CTF Addresses).
  • The contracts are live, you can (legally) hack it onchain.
  • Use cantina code interface to submit a writeup about the exploit, with a link to etherscan / equivalent.
  • There is no judging. No severity disputes. No PoC. Just hacking!

Planting The Flags

Starting December 28th, the Superform Protocol will be deployed on Avalanche, BNB Chain, and Polygon. Deposits will be made into 3 vaults on each chain for a total of 9 vaults. Deposits will be made into 3 vaults daily in tranches of $2.5k at 15:00 UTC until all deposits have been made.

The goal is to steal the ERC4626 shares held in Superform Protocol’s Superform contracts and tokens in transit from chain to chain. If stolen, the security researcher can keep the bounty in the vault. Users may do this via any protocol action — creating new Superforms, depositing/withdrawing from the protocol into vaults themselves via our contracts, etc.

Resources:

See the full announcement here

$100,000 USDC

28 Dec 2023 - 14 Jan 2024

Competition cover

Eigenlayer / eigenlayer-contracts

Completed

Eigenlayer Competition

What is Eigenlayer

EigenLayer is a protocol built on Ethereum that introduces restaking, a new primitive in cryptoeconomic security. This primitive enables the reuse of ETH on the consensus layer. Users that stake ETH natively or with a liquid staking token (LST) can opt-in to EigenLayer smart contracts to restake their ETH or LST and extend cryptoeconomic security to additional applications on the network to earn additional rewards.

Prize distribution and scoring

Documentation

Scope

This review concerns the upcoming M2 mainnet upgrade for EigenLayer and EigenDA. The upgrade is scheduled for end Q1/early Q2, and consists of:

  • A contract upgrade of our current core contracts from the currently-deployed M1 version to their M2 versions.
  • Deployment of EigenDA contracts (and offchain infrastructure), which will integrate with the M2 core contracts.

We are asking for reviewers to dig through the smart contracts for the m2 mainnet upgrade, as well as analyze the upgrade path from the current mainnet deployment to the target contracts.

Eigenlayer Contracts

What is this? Our core contract repo, primarily responsible for:

  • restaking LSTs and beacon chain ETH
  • deposits/withdrawals of all assets
  • allowing stakers to delegate to operators (operators run nodes/infra for AVSs)

Repository: github.com/Layr-Labs/eigenlayer-contracts Commit: 6e588701c5f543ae4cd34fe9c6567cc46c7eb722

Fileblankcommentcode
eigenlayer-contracts/src/contracts/core/DelegationManager.sol103328581
eigenlayer-contracts/src/contracts/core/StrategyManager.sol48171269
eigenlayer-contracts/src/contracts/core/AVSDirectory.sol2456103
eigenlayer-contracts/src/contracts/core/Slasher.sol271758
eigenlayer-contracts/src/contracts/core/DelegationManagerStorage.sol216134
eigenlayer-contracts/src/contracts/core/StrategyManagerStorage.sol74733
eigenlayer-contracts/src/contracts/core/AVSDirectoryStorage.sol91720
eigenlayer-contracts/src/contracts/pods/EigenPod.sol110214481
eigenlayer-contracts/src/contracts/pods/EigenPodManager.sol32101225
eigenlayer-contracts/src/contracts/pods/DelayedWithdrawalRouter.sol2447167
eigenlayer-contracts/src/contracts/pods/EigenPodManagerStorage.sol183239
eigenlayer-contracts/src/contracts/pods/EigenPodPausingConstants.sol2159
eigenlayer-contracts/src/contracts/strategies/StrategyBaseTVLLimits.sol133940
eigenlayer-contracts/src/contracts/strategies/StrategyBase.sol35151106
eigenlayer-contracts/src/contracts/permissions/Pausable.sol184969
eigenlayer-contracts/src/contracts/permissions/PauserRegistry.sol91232
eigenlayer-contracts/src/contracts/libraries/Merkle.sol67096
eigenlayer-contracts/src/contracts/libraries/EIP1271SignatureUtils.sol31820
eigenlayer-contracts/src/contracts/libraries/Endian.sol1915
eigenlayer-contracts/src/contracts/libraries/BytesLib.sol76125289
eigenlayer-contracts/src/contracts/libraries/BeaconChainProofs.sol51114244
eigenlayer-contracts/src/contracts/interfaces/IDelegationManager.sol54276136
eigenlayer-contracts/src/contracts/interfaces/IDelegationFaucet.sol9132
eigenlayer-contracts/src/contracts/interfaces/IEigenPod.sol389788
eigenlayer-contracts/src/contracts/interfaces/ISlasher.sol2810166
eigenlayer-contracts/src/contracts/interfaces/IStrategyManager.sol258551
eigenlayer-contracts/src/contracts/interfaces/IEigenPodManager.sol328647
eigenlayer-contracts/src/contracts/interfaces/IWhitelister.sol9131
eigenlayer-contracts/src/contracts/interfaces/IDelayedWithdrawalRouter.sol163025
eigenlayer-contracts/src/contracts/interfaces/IStrategy.sol136616
eigenlayer-contracts/src/contracts/interfaces/IAVSDirectory.sol103324
eigenlayer-contracts/src/contracts/interfaces/IPausable.sol123914
eigenlayer-contracts/src/contracts/interfaces/ISignatureUtils.sol21312
eigenlayer-contracts/src/contracts/interfaces/IETHPOSDeposit.sol62312
eigenlayer-contracts/src/contracts/interfaces/IPauserRegistry.sol487
eigenlayer-contracts/src/contracts/interfaces/ISocketUpdater.sol5115
eigenlayer-contracts/src/contracts/interfaces/IBeaconChainOracle.sol174
SUM:93727143631

Eigenlayer Middleware

What is this? Our AVS contract repo, which AVSs will deploy to allow operators to register and begin providing services.

Repository: github.com/Layr-Labs/eigenlayer-middleware Commit: 61d554403279826fcbc38d421580811e57d29270

Fileblankcommentcode
eigenlayer-middleware/src/RegistryCoordinator.sol100312507
eigenlayer-middleware/src/StakeRegistry.sol83218414
eigenlayer-middleware/src/IndexRegistry.sol47114182
eigenlayer-middleware/src/BLSSignatureChecker.sol3292166
eigenlayer-middleware/src/BLSApkRegistry.sol3983162
eigenlayer-middleware/src/OperatorStateRetriever.sol214695
eigenlayer-middleware/src/ServiceManagerBase.sol214093
eigenlayer-middleware/src/RegistryCoordinatorStorage.sol103042
eigenlayer-middleware/src/StakeRegistryStorage.sol132125
eigenlayer-middleware/src/BLSApkRegistryStorage.sol91219
eigenlayer-middleware/src/IndexRegistryStorage.sol81718
eigenlayer-middleware/src/libraries/BitmapUtils.sol258985
eigenlayer-middleware/src/libraries/BN254.sol47104199
eigenlayer-middleware/src/interfaces/IStakeRegistry.sol3313580
eigenlayer-middleware/src/interfaces/IRegistryCoordinator.sol316260
eigenlayer-middleware/src/interfaces/IBLSApkRegistry.sol207941
eigenlayer-middleware/src/interfaces/IBLSSignatureChecker.sol113338
eigenlayer-middleware/src/interfaces/IIndexRegistry.sol154926
eigenlayer-middleware/src/interfaces/IServiceManager.sol73214
eigenlayer-middleware/src/interfaces/ISocketUpdater.sol4115
eigenlayer-middleware/src/interfaces/IRegistry.sol184
SUM:57715872275

Eigenda

What is this? Our AVS offchain repository - mostly offchain components, but also contains the EigenDAServiceManager.sol contract, which inherits from contracts in the middleware repository.

Repository: github.com/Layr-Labs/eigenda Commit: 91838ba58b8e2525c7fd1e4db5e9903551eed326

Fileblankcommentcode
eigenda/contracts/src/Imports.sol113
eigenda/contracts/src/core/EigenDAServiceManager.sol223095
eigenda/contracts/src/core/EigenDAServiceManagerStorage.sol92413
eigenda/contracts/src/interfaces/IEigenDAServiceManager.sol182851
eigenda/contracts/src/libraries/EigenDAHasher.sol124648
SUM:92180323

Out of scope

  • Scripts and test files (though it may be a good idea to look through these to understand how things work!)
  • Offchain components (most of the EigenDA repo is offchain components!)
  • Paused functionality on mainnet: lots of current M1 code on mainnet has been paused since deployment, and will not be unpaused. Please check that any mainnet functions you're looking at are unpaused - if they're paused, chances are it's not worth your time!

Out of scope automated findings generated by LightChaserV3

Contact Us

For any issues or concerns regarding this competition, please reach out to core-team on discord.

$100,000 USDC

27 Feb 2024 - 18 Mar 2024

Competition cover

ZeroLend / incentive-contracts

Completed

Zerolend Competition

ZeroLend is the leading lending market on zkSync!

What are ZeroLend governance contracts

A walkthrough of the governance contracts will be done on 9th of January.

Prize distribution and scoring

The prize distribution works as follows:

  • Security reviewers will score points for each finding.
  • Prizes are distributed proportionally to the number of points scored.
  • A High Severity is worth 10 points, and a Medium Severity 3 points.
  • Duplicate findings will be resolved using a scoring formula that incentivizes unique findings.
  • Duplicate findings will be resolved using the following scoring formula that incentivizes unique findings:
    • Each duplicate finding will be scaled down by 0.9n1/n0.9^{n - 1} / n, where nn is the # of duplicates.
  • 10% of the prize pot is reserved for Low Severity or informational findings. These reports are judged based on quality and researchers are then ranked from 1st to 5th for the purpose of prize allocation:
    • 1st: $4k
    • 2nd: $2k
    • 3rd: $1k
    • 4th: $500
    • 5th: $500

Scope

Basic POC test

import { loadFixture } from "@nomicfoundation/hardhat-toolbox/network-helpers";
import { expect } from "chai";
import { deployFixture } from "./fixtures/core";

describe("Basic", function () {
  it("Should deploy token properly", async function () {
    const { token, owner } = await loadFixture(deployFixture);
    expect(await token.owner()).to.equal(owner.address);
    expect(await token.owner()).to.equal(owner.address);
  });
});

Zerolend incentive-contracts

Fileblankcommentcode
./ZeroLocker.sol123268732
./ZLRewardsController.sol89215512
./ZeroLockerTimelock.sol46179297
./FeeDistributor.sol6811228
./StreamedVesting.sol5022186
./interfaces/IZLRewardsController.sol39973
./interfaces/IZeroLocker.sol24463
./Epoch.sol201458
./interfaces/IStreamedVesting.sol9143
./StakingEmissions.sol111040
./VestedZeroLend.sol121039
./BonusPool.sol91035
./ZeroLend.sol81027
./interfaces/IZeroLend.sol31015
./interfaces/IFeeDistributor.sol61015
./utils/RecoverERC20.sol4811
./interfaces/IIncentivesController.sol219
./interfaces/IBonusPool.sol517
./interfaces/IERC20Burnable.sol316
./interfaces/IWETH.sol215
SUM:5337952401

Out of Scope issues

  • Previous security reviews.
  • Automated findings from 4naly3er.

$80,000 USDC

8 Jan 2024 - 25 Jan 2024

Competition cover

Goat Tech / Smart-contracts

Completed

Goat.Tech Competition

What is Goat.Tech

Goat.Tech is a social-financial game, where users play by mainly staking ETH in each other’s “Trust Pool” to earn 10 types of rewards, increase reputation (Trust Score), and find out who’s the GOAT (highest Trust Score). Trust Score is fully on-chain; can be used to attract, assess, and target Web3 prospects. Who needs? KOLs, founders, investors, and more.

The contracts will be deployed on Arbitrum One. While we make sure that even devteam cannot touch users’ locked funds in the Locker contracts, we maintain a certain level of centralization in order to intervene when there are bugs or exploits or urgent needs to upgrade contracts. The Controller contract contains core logic and can be upgraded. Despite a certain level of centralization, it’s impossible for the development team to access users’ locked funds in Locker contracts.

There are 2 roles - owner and admin. All contracts have the same owner address. Owner can change admin addresses. In our case, admin addresses are internal contract addresses, not EOAs, so that only internal contracts can call each other. The natural process of software stability takes time and iteration. We’re committed to removing upgradability from our smart contracts, but this process must first run its course.

Prize distribution and scoring

Total Prize Pool $ 80,000

  • Scoring described in the competition scoring page.
  • Findings Severities described in detail on our docs page.
  • Only High and Medium findings would be accepted for Primary Prize Pool.
  • $5,000 of the total prize pool is reserved for Low Severity or informational findings. These reports are judged based on quality and reviewers are then ranked from 1st to 5th for the purpose of prize allocation:
    • 1st $2,500
    • 2nd $1,250
    • 3rd $500
    • 4th $375
    • 5th $375

Documentation

Contracts

Build Goat.Tech with Solidity 0.8.8

There are 8 contract files in the "Contracts" folder

  • Controller.sol (important): contains most of the core logic; allows admin to set/modify protocol parameters; is approved by users to withdraw unlocked funds from Locker contracts.
  • DCT.sol: the $GOAT token contract.
  • GlobalAccessControl.sol: when called by an address, other contracts will call this contract to check whether the calling address has access (is admin) or not.
  • PoolFactory.sol: creates a "Trust Pool" for each user, so that other users can stake ETH in that pool.
  • PrivateVester.sol: allows setting/modifying vesting schedule for $GOAT token.
  • Profile.sol: stores on-chain information and parameters of users.
  • Voting.sol: allows users to create reputation Challenges and allows them to Vote on these Challenges; much like voting on proposals.
  • EthSharing.sol: allow users to edit their pool's configuration, such as pool reward rate and staker reward rate.

There are 10 contract files in the "Modules" folder, which are repeatedly used code (to prevent code duplication)

  • AccessControl.sol: a module used by GlobalAccessControl.sol.
  • Cashier.sol (important): facilitates users' depositing & withdrawing funds to/from other contracts.
  • DToken.sol: dividend token that stands for a share in reward distribution.
  • Distribution.sol (important): distributes rewards to dividend token holders.
  • Earning.sol: stores user earning and calculates different kinds of earnings.
  • Initializable.sol
  • Locker.sol (important): stores locked ETH and $GOAT; only Controller contract is approved (once by each user) to with unlocked funds from Locker contracts.
  • PERC20.sol: private, non-transferrable ERC20.
  • UserAccessControl.sol
  • Vester.sol: stores and unlocks token according to vesting schedule set by PrivateVester contract.

Build Instructions

In order to deploy all contracts —> please use scripts prepared here:

Proof Of Concept Instructions

From 18 contract files above, 21 contracts have been successfully deployed on Sepolia Arbitrum testnet. The Dapp is live on Arb.Goat.Tech

Some of these contracts use the same code, for example DCT_earning and ETH_earning use earning.sol, the xxx_dtoken contracts use dtoken.sol, and the xxx_distributor contracts use distributor.sol.

POOL_FACTORY: '0x8e0caee3d94d5497744e2db30eec2d222739df6d': When a pool is created, a P2U_dtoken for that pool will also be deployed; when a user stake in this pool, it will receive this P2U dtoken which represents its Staking Power in this pool (its share of all rewards received through this pool).
CONTROLLER: '0xb4e5f0b2885f09fd5a078d86e94e5d2e4b8530a7'
PROFILE: '0x7c25c3edd4576b78b4f8aa1128320ae3d7204bec'
DCT_EARNING: '0xecc07bf95d53268d9204ec58788c4df067ce075c': stores and calculate user earning in $GOAT.
ETH_EARNING: '0xf7a08a0728c583075852be8b67e47dceb5c71d48': stores and calculate user earning in ETH.
ETH_LOCKER: '0x0265850fe8a0615260a1008e1c1df01db394e74a': stores locked ETH.
DCT_LOCKER: '0x1033d5f886aef22ffadebf5f8c34088030bb80f3': stores locked $GOAT.
E_P2P_DTOKEN: '0x8b64439a617bb1e85f83b97ea779edef49b9dcb2': a pool owner earns Ep2p dtoken when ETH is staked in its pool; this dtoken balance is called the Trust Score.
D_P2P_DTOKEN: '0x72835409b8b49d83d8a710e67c906ae313d22860': a user earns Dp2p dtoken when staking $GOAT in its own pool; this dtoken balance is called Boost-Vote Power (because it's used to Boost one's Trust Score, and Vote on Challenges); this dtoken represents all $GOAT stakers.
DCT: '0x5bfe38c9f309aed44daa035abf69c80786355136': $GOAT token.
VOTING: '0x896604b21c6e9cbce82e096266dcb5798cdda67b'
E_DP2P_DISTRIBUTOR: '0x6df03a30c6f428b88c2bc9cb150d752935d971d0': airdrop/distribute ETH rewards to all Dp2p dtoken holders ($GOAT stakers) pro-rata.
D_DP2P_DISTRIBUTOR: '0xb087427ba44ed71a40ac80b86e41420b7fb595ec': airdrop/distribute $GOAT rewards to all Dp2p dtoken holders ($GOAT stakers) pro-rata.
MULTICALL: '0xea4172c0033e6e90db9d2ee6e56cd27889ff09c3'
D_P2P_DISTRIBUTOR: '0x88185cd296fd85169ee6152728daaef5fcca9c0a': distribute $GOAT (Mining Reward) in 2 steps - to all pools based pool owners' Trust Score (Ep2p dtoken balance) pro-rata, and then to all stakers in each pool based on each staker's Staking Power (P2U dtoken) in that particular pool pro-rata. 
GLOBAL_ACCESS: '0x588cf1494c5ac93796134e5e1827f58d2a8a9cdb'
DEV_TEAM_DTOKEN: '0x03340c677ae7d887e8c4bd57e2fac10c75c479df': dtoken for Protocol Revenue.
DEV_TEAM_DISTRIBUTOR: '0xa42901fc3a89cd2f3ac97b43cf5069b4ef51f40a': distribute ETH Protocol Revenue pro-rata.
PRIVATE_VESTER: '0x484a42a88eb7f673ec3f688ebb17bfa2341ab562'
DCT_VESTER: '0xcbc65770b01bf12f7ccf8ce25adce9c807510976'
ETH_SHARING: '0xe8330ece50934eac7457a712f9079d7775b04c9a'

How to feed Goat.Tech Trust Score On-Chain:

  • Step 1: retrieve the pool address of a user address by calling the getPool(address) function of contract PoolFactory, which is 0x854626ec1e654ecdce94b39e5896587881f844d4 (on Blast Sepolia).
const pool = await ContractPoolFactory.methods.getPool("0x1c60244959213ba28610dd0702bb50cc98328e75").call()
const dctDistributor = pool.dctDistributor;
  • Step 2: Call balanceOf(pool.dctDistributor) function of contract EP2PDToken, which is 0xda73d0e531fce6ddb355ba7d324e7955ebbe15f0 (on Blast Sepolia).
const trustScore = await ContractEP2PDToken.methods.balanceOf(dctDistributor).call()
  • ABI Interface of contract PoolFactory: PoolFactoryABI.json
  • ABI Interface of contract EP2PDToken: EP2PDTokenABI.json

Out of scope

  • Scripts and test files

Automated findings generated by LightChaserV3

Contact Us

For any issues or concerns regarding this competition, please reach out to core-team on discord.

$80,000 USDC

19 Mar 2024 - 8 Apr 2024

Competition cover

OP Labs / safe-extensions

Completed

Optimism Safe Extensions Competition

Overview

OP Labs has developed Safe Modules and a Safe Guard for use on the Security Council safe which is involved in upgrades to OP Mainnet and other chains in the Superchain.

These modules and guard provide additional security guarantees and add functionality to the Safe contract used by the Security Council, but are absolutely safety critical to ensure the ability to continue upgrading the system.

Prize distribution and scoring

Total Prize Pool $75,000

  • Scoring described in the competition scoring page.
  • Findings Severities described in detail on our docs page.
  • Only High and Medium findings would be accepted for the Primary Prize Pool.
  • $5,000 of the total prize pool is reserved for Low Severity or informational findings. These reports are judged based on quality and reviewers are then ranked from 1st to 5th for the purpose of prize allocation:
    • 1st $2,500
    • 2nd $1,250
    • 3rd $500
    • 4th $375
    • 5th $375

Documentation

The modules and guard of the Security Council Safe are outlined in the specs: security-council-safe.md.

Scope

This contest is focused on extensions to the Safe contracts, which control upgrades to OP Mainnet and other OP Chains.

We are particularly interested in identifying any attacks which could either:

  1. Allow a bypass of authorization.
  2. Introduce the possibility of ‘bricking’ the safe so that it can no longer execute transactions.

A more thorough list of security properties is outlined in the specs linked to above.

Any inaccuracies in the Specs would be considered as a low finding.

Contracts

Configurations

Two possible configurations are being considered. Issues in either configuration are welcome.

The first configuration is as currently deployed to Sepolia.

The second configuration adds a Guardian safe which is a 1 of 1 controlled by the Security Council Safe. This configuration reduces the impact of a flaw in the DeputyGuardianModule which might somehow brick, or allow privilege escalation of, the Security Council Safe. In that event, an upgrade could be used to update the Guardian role.

Build Instructions

The full suite of contracts can be built and tested with the following:

cd packages/contracts-bedrock
pnpm install
pnpm build
pnpm test

Proof Of Concept

The ideal PoC would be based on a minimal modification of one of the existing relevant test files located in packages/contracts-bedrock/test/Safe.

Out of Scope

  • Scripts and test files.
  • Any ethereum-optimism/optimism files not outlined above.
  • Any safe-global/safe-smart-account files not directly interacting with the scope outlines above.

Note that any attacks which require a threshold of signers are out of scope.

Automated findings generated by LightChaserV3

$75,000 USDC

6 May 2024 - 10 May 2024

Competition cover

Arcade.xyz / arcadexyz/arcade-protocol

Completed

Arcade.xyz V4 competition

Competition at a glance

  • Thursday, February 22nd 20:00 UTC to Thursday, March 7th 20:00 UTC
  • Total Prize Pool: $60,000

What is Arcade

Arcade.xyz is the first of its kind Web3 platform to enable liquid lending markets for NFTs. At Arcade.xyz, we think all assets will eventually become digitized and that NFTs represent a 0 to 1 innovation in storing value and ownership attribution for unique digital assets.

Arcade.xyz's focus is on building primitives, infrastructure, and applications enabling the growth of NFTs as an asset class. As such, the first product we released is an innovative peer to peer lending marketplace that allows NFT owners to unlock liquidity on baskets of NFTs on Ethereum. Lenders that hold stablecoins or ERC20 tokens can participate in a new source of DeFi yield by underwriting term loans collateralized by borrowers' NFTs.

Arcade.xyz is our end user application that strives to become the premier liquidity venue for NFTs, via a protocol for NFT collateralized loans with flexible terms. Today NFTs are largely digital representations of artwork and media content, however, our belief is that in the not so distant future NFTs will encompass digital rights, metaverse assets, and digital identity.

For more information about Arcade.xyz, please visit docs.arcadedao.xyz/docs.

Prize distribution and scoring

Documentation

Scope

Fileblankcommentcode
contracts/LoanCore.sol129361451
contracts/RepaymentController.sol3897106
contracts/origination/OriginationController.sol77230313
contracts/origination/OriginationControllerMigrate.sol71183246
contracts/origination/RefinanceController.sol3154125
contracts/origination/OriginationConfiguration.sol3977101
contracts/origination/OriginationCalculator.sol165489
contracts/libraries/OriginationLibrary.sol3091158
contracts/libraries/InterestCalculator.sol116058
contracts/libraries/LoanLibrary.sol77947
SUM:44912861694

Out of scope

Build Instructions

The project builds as follows

// clone the repo

git clone https://github.com/arcadexyz/arcade-protocol.git

cd arcade-protocol

// install dependancies

yarn install

// compile contracts

yarn compile

// run test suite

yarn test

Basic Proof Of Concept test

Reference the test/Integration.ts test suite. The test fixture provides all necessary lending protocol contracts. You can also utilize the mock contracts in contracts/test/ folder if you need to deploy mocks. Additionally, you can utilize the migration scripts in scripts/v3-migration/ for POC’s related to the V3 migration flows.

Contact Us

For any issues or concerns regarding this competition, please reach out to core-team on discord.

$60,000 USDC

22 Feb 2024 - 7 Mar 2024

Competition cover

Venus Protocol / VenusProtocol/governance-contracts

Completed

Venus Protocol - Multichain Governance Competition

What is Venus Protocol

Earn, Borrow & Lend on the #1 Decentralized Money Market.

The Venus Protocol is currently deployed on BNB Chain, Ethereum and opBNB, and it will be deployed to more networks soon. Governance proposals are currently managed (created, voted, executed, etc.) on BNB Chain, and with the Multichain governance project these proposals will support commands that will execute privileged functions in the remote networks (Ethereum, opBNB, etc.)

Prize distribution and scoring

Total Prize Pool $58,000

  • Scoring described in the competition scoring page.
  • Findings Severities described in detail on our docs page.
  • Only High and Medium findings would be accepted for Primary Prize Pool.
  • $5,000 of the total prize pool is reserved for Low Severity or informational findings. These reports are judged based on quality and reviewers are then ranked from 1st to 5th for the purpose of prize allocation:
    • 1st $2,500
    • 2nd $1,250
    • 3rd $500
    • 4th $375
    • 5th $375

Documentation

Scope

Code Overview

Recording

Contracts

contracts/Cross-chain

contracts/Governance

Build Instructions

$> yarn install
$> npx hardhat compile

Proof of Concept Instructions

The test suite at tests/Cross-chain/Omnichain.ts includes helper functions to make payloads, and a good set of tests covering the different flows. POC could be defined from that file.

Out of scope

Automated findings generated by LightChaserV3

Contact Us

For any issues or concerns regarding this competition, please reach out to core-team on discord.

$58,000 USDC

22 Mar 2024 - 5 Apr 2024

Competition cover

Olas / lockbox-solana

Completed

Olas Competition

Olas is a unified network for off-chain services like automation, oracles, co-owned AI. It offers a stack for building services and a protocol for incentivizing their creation and their operation in a co-owned and decentralized way.

The competition at a glance:

  • Monday, January 15th 20:00 UTC until Friday, January 26th 20:00 UTC
  • $50,000 total prize pool.

Documentation

Further documentation on OLAS tokenomics and OLAS protocol can be found in what follows:

Prize distribution and scoring

The prize distribution works as follows:

  • Security reviewers will score points for each finding.
  • Prizes are distributed proportionally to the number of points scored.
  • A High Severity is worth 10 points, and a Medium Severity 3 points.
  • Duplicate findings will be resolved using a scoring formula that incentivizes unique findings.
  • Duplicate findings will be resolved using the following scoring formula that incentivizes unique findings:
    • Each duplicate finding will be scaled down by 0.9n1/n0.9^{n - 1} / n, where nn is the # of duplicates.
  • 10% of the prize pot is reserved for Low Severity or informational findings. These reports are judged based on quality and researchers are then ranked from 1st to 5th for the purpose of prize allocation:
    • 1st: $2.5k
    • 2nd: $1.25k
    • 3rd: $600
    • 4th: $400
    • 5th: $250

Scope

Build Instructions

Basic POC test

Olas Contracts

Fileblankcommentcode
./lockbox/programs/liquidity_lockbox/src/lib.rs9277510
./lockbox/programs/liquidity_lockbox/src/state.rs101367
./lockbox2/programs/liquidity_lockbox/src/lib.rs10387547
./lockbox2/programs/liquidity_lockbox/src/state.rs5738
SUM:2101841162

Out of Scope issues

Known issues Vulnerabilities_list_solana_lockbox_v1.pdf and any issues documented in the doc folders valory-xyz/lockbox-solana/tree/main/lockbox/doc and valory-xyz/lockbox-solana/tree/main/lockbox2/doc or in the audits folders valory-xyz/lockbox-solana/tree/main/lockbox/audits and valory-xyz/lockbox-solana/tree/main/lockbox2/audits.

Contact us

For any issues or concerns regarding Cantina Competitions or Cantina Code - please reach out to us at Cantina.

$50,000 USDC

15 Jan 2024 - 29 Jan 2024

Competition cover

OpalProtocol / opal-contracts

Completed

Opal Competition

Visit the docs for an overview of the protocol.

Prize distribution and scoring

  • Scoring described in the competition scoring page.
  • Findings Severities described in detail on our docs page.
  • The prize pool would be $30k in USDC and ~10K USD worth of Balancer Token (10,831 BAL).

Scope

The scope is the following. You can also see the out-of-scope items greyed out in the navigation bar in Cantina Code. And selecting In Scope will also directly list them.

OpalProtocol/opal-contracts

Fileblankcommentcode
./tokenomics/GaugeFactory.sol261642
./tokenomics/GaugeController.sol119140387
./tokenomics/EscrowedToken.sol4970193
./pools/BPTOracle.sol5058166
./pools/OpalLpToken.sol111449
./pools/Omnipool.sol152222802
./pools/OmnipoolController.sol4158233
SUM:4485781872

Out of Scope issues

Automated findings from 4naly3er.

Contact Us

For any issues or concerns regarding this competition, please reach out to cbym on discord.

$40,000 USDC

12 Feb 2024 - 20 Feb 2024

Competition cover

YOLO Games / YOLO Games

Escalations

YOLO Games is the hub of degen gaming. Play and earn across a range of provably fair, on-chain games.

We have developed 4 new games where players play against the liquidity pool.

  1. Flipper - pick a side on a provably fair coin. If it lands on your predicted side, you win. If not, you lose.

  2. Quantum - pick a number between 0.1 (1000x multiplier) and 95.00285 (1.0526x multiplier). Then select whether you want to 'hit' over or under it.

  3. Laser Blast - you'll fire beams through an asteroid field to decimate the pesky invaders. Each one has a multiplier attached, representing the return you'll earn should you hit them. Adjust the number of rows of asteroids and risk level as you see fit!

  4. Don't Fall In - Ever played Minesweeper? You're presented with panels arranged in a 5x5 grid, which you'll need to jump on. In doing so, you'll reveal what lies beneath: firm ground, or a pool of molten lava. If it's the latter, it's game over. The former? Congrats, you live to flip another panel --- or, you can quit while you're ahead, and cash out.

Prize distribution and scoring

Total Prize Pool $27,500

Documentation

Please refer the competition repository README for the documention on the YOLO Games contract. Additional documentation:

Scope

Contracts

ContractnSLOCComments
DontFallIn.sol379171
ERC20LiquidityPool.sol5524
EthLiquidityPool.sol6024
Flipper.sol19177
Game.sol218122
GameConfigurationManager.sol199118
LaserBlast.sol279134
LiquidityPool.sol8452
LiquidityPoolRouter.sol372188
Quantum.sol220112

Code Overview

Recording

Transcript TBD

Build Instructions

*yarn install \--ignore-scripts*

*forge install foundry-rs/forge-std*

*forge install dapphub/ds-test*

*forge install gelatodigital/vrf-contracts*

*FOUNDRY_PROFILE=local forge test*

Proof of Concept Instructions

A basic POC can be found inside the repo: -test/foundry/AttackPoC.t.sol

Out of scope

  • Previous security review:

  • Standard tokens used:

    • ETH
    • Any non-rebasing and non-taxing ERC-20 tokens except USDB
  • Chains:

    • Blast
  • Admin/Permissioned roles

    • Claim WETH/USDB yield

    • Connect games to liquidity pools

    • Disconnect games from liquidity pools

    • Set elapsed time required for refund

    • Set maximum number of rounds

    • Set liquidity pool limit

    • Set Kelly Fraction basis points

    • Set VRF parameters

    • Set fee recipients

    • Set game fee split

    • Set LaserBlast multipliers

    • Pause/Unpause liquidity pools

Out of scope automated findings generated by LightChaser

Contact Us

For any issues or concerns regarding this competition, please reach out to the Cantina core team through the Cantina Discord.

$27,500 USDC

27 May 2024 - 8 Jun 2024

The first marketplace for web3 security. We've aggregated the security talent and solutions so you don't have to.

Services

CompetitionsReviewsBountiesGuilds

© 2024 Cantina. All rights reserved.