This report presents the results of our engagement with DeFiner to review DeFiner’s SavingAccount protocol. The review was conducted over two weeks, from Feb 8, 2021 to Feb 19, 2021 by Shayan Eskandari and Alex Wade. A total of 15 person-days were spent.
The security audit uncovered 1 critical, 3 major, 5 medium issues. DeFiner has updated the code according to the reported findings and managed to fix all raised security findings. For the following one major 4.2 and one medium issues. DeFiner decided not to fix as it's common practice in the industry and risk is mitigated.
The detailed report can be found here