Project Information

CATEGORY

Smart Contracts

NETWORK

Ethereum

WEBSITE

https://native.org/

DESCRIPTION

From Feb. 20, 2024 to Feb. 28, 2024, Native-Org engaged Veridise to review the security of their Aqua smart contracts. The review covered the contracts for an additional way to provide liquidity for RFQ providers (traders). Traders can borrow swap tokens from Aqua against collateral and later settle the borrow positions. Veridise conducted the assessment over 18 person-days, with 2 engineers reviewing code over 9 days. The auditing strategy involved a tool-assisted analysis of the source code performed by Veridise engineers as well as extensive manual auditing.

Audit Report

DURATION

18 person-days

COMPLETED

March 7, 2024

View Audit Report

SCOPE

The scope of this audit is limited to the contracts/ folder of the source code provided by the Aqua developers, which contains the smart contract implementation of the Aqua. This audit covered the following files

  • contracts/libraries/*
  • contracts/Aqua/*
  • contracts/Compound/*

Aqua integrates in and interacts with with the rest of the Native-Org code base. Therefore, parts of following contracts that interact with Aqua are also included in the scope.

  • contracts/NativeRouter.sol
  • contracts/NativePool.sol
  • contracts/NativeRfqPool.sol
  • contracts/NativePoolFactory.sol

The protocol also has an off-chain component that calculates the parameters and a signature for those parameters to be provided to the external functions in contract. The off-chain component is out of scope of the audit and is considered as a black box implementation. We assume its implementation is correct unless explicitly stated.

Total Findings
0
Mitigated
0
Critical Severity
0
High Severity
0
Medium Severity
0
Low Severity
0

Considering an audit?
Contact us today!

Contact Us