Zerolend Competition

ZeroLend is the leading lending market on zkSync!

What are ZeroLend governance contracts

A walkthrough of the governance contracts will be done on 9th of January.

Prize distribution and scoring

The prize distribution works as follows:

• Security reviewers will score points for each finding.
• Prizes are distributed proportionally to the number of points scored.
• A High Severity is worth 10 points, and a Medium Severity 3 points.
• Duplicate findings will be resolved using a scoring formula that incentivizes unique findings.
• Duplicate findings will be resolved using the following scoring formula that incentivizes unique findings:
  • Each duplicate finding will be scaled down by $0.9^{n - 1} / n$, where $n$ is the # of duplicates.
• 10% of the prize pot is reserved for Low Severity or informational findings. These reports are judged based on quality and researchers are then ranked from 1st to 5th for the purpose of prize allocation:
  • 1st: $4k
  • 2nd: $2k
  • 3rd: $1k
  • 4th: $500
  • 5th: $500

Scope

Basic POC test

• zerolend/incentive-contracts/blob/master/test/Basic.ts

import { loadFixture } from "@nomicfoundation/hardhat-toolbox/network-helpers";import { expect } from "chai";import { deployFixture } from "./fixtures/core";
describe("Basic", function () {  it("Should deploy token properly", async function () {    const { token, owner } = await loadFixture(deployFixture);    expect(await token.owner()).to.equal(owner.address);    expect(await token.owner()).to.equal(owner.address);  });});

Zerolend incentive-contracts

• Repository: zerolend/incentive-contracts
• Commit: 3fbcd817c310d1682d2301d23233f0fc7e7d1f00
• Total LOC: 2,401
• Files: all files in src

Out of Scope issues

• Previous security reviews.
• Automated findings from 4naly3er.