Project Information
CATEGORY
Smart Contracts
NETWORK
Ethereum
WEBSITE
https://www.hel.io/
DESCRIPTION
From May 23 to June 13, Helio engaged Veridise to review the security of their Helio Protocol. The review covered the Helio DAO code, the Ceros code, and the reused parts of the MakerDAO smart contract code. Veridise conducted this assessment over 9 person-weeks. The auditing strategy involved tool-assisted analysis of the source code performed by Veridise engineers. The tools that were used in the audit included a combination of static analyzers and bounded model checkers.
Audit Report
SCOPE
To understand the scope of the audit, we first reviewed the Maker Protocol documentation (because the Helio Protocol is based on a fork of Maker) and focused our efforts on understanding the Maker Protocol components used by Helio. In this phase, our main goal was to understand how the Helio Protocol interacts with the Multi-Collateral Dao contracts. Afterwards, we assessed the other Helio Protocol contracts for bugs and security issues.
In terms of the scope of the audit, the key components we considered include the following:
- The Multi-Collateral Dao components used by Helio
- The Helio DAO deposit, borrow, payback, and withdraw methods
- The Ceros deposit and withdraw mechanisms
- The high level business logic