Project Information

CATEGORY

De-Fi Protocols

NETWORK

Ethereum

DESCRIPTION

From July 25 to August 15, 2022, Ribbon Finance engaged Veridise to review the security of their Earn Vault. The review covered the on-chain contracts that govern the logic of the vault. Veridise conducted the assessment over 6 person-weeks, with 3 engineers reviewing code over 2 weeks. The auditing strategy involved tool-assisted analysis of the source code performed by Veridise engineers. The tools that were used in the audit included a mix of static analyzers.

Audit Report

DURATION

6 person-weeks

COMPLETED

August 19, 2022

SCOPE

This audit is restricted to the Solidity smart contracts of the Earn Vault. As such, Veridise engineers first reviewed the provided documentation to understand the desired behavior of the protocol as a whole. They then inspected the provided tests to understand the desired behavior of the protocol’s contracts as well as how users are expected to interact with them. Afterward, the Earn Vault contracts were assessed for bugs and security issues.

In terms of the audit, the key components include the following:

  • The logic for depositing assets to the vault.
  • The logic for redeeming shares from current deposits.
  • Implementation of function rollToNextRound.
  • Implementation of RibbonVaultPauser.
  • Calculation of management fees and token price per round.
Total Findings
0
Mitigated
0
Critical Severity
0
High Severity
0
Medium Severity
0
Low Severity
0

Considering an audit?
Contact us today!