Project Information
CATEGORY
De-Fi Protocols
NETWORK
Polygon
WEBSITE
https://davos.xyz/
DESCRIPTION
From October 21 to November 16, Davos engaged Veridise to review the security of their Stable Asset. The review covered the on-chain contracts that implement the protocol logic. Veridise conducted the assessment over 9 person-weeks, with 3 engineers reviewing code over 3 weeks. The auditing strategy involved tool-assisted analysis of the source code performed by Veridise engineers as well as extensive manual auditing.
Audit Report
SCOPE
This audit reviewed the on-chain behaviors of the Stable Asset, including user deposits and withdrawals, yield collection and distribution via. DeFi strategy primitives, as well as internal behaviors and liquidations. As such, Veridise auditors first reviewed the provided whitepaper and documentation to understand the desired behavior of the protocol as a whole. Then, the auditors inspected the provided tests to better understand the desired behavior of the provided contracts at a more granular level. Finally, auditors began a multi-week manual audit of the code assisted by both static analyzers and automated testing.
In terms of the audit, the key components include the following:
- The ERC4626 MasterVault and Waiting Pool
- MasterVault Yield Farming Strategies
- Davos Swap Pool
- Davos Colander Lossless Auction Purchasing Contract and Rewards
- Davos’s inherited components from Helio