DeFiner.org
DeFiner.org
Markets
Pools
Swap
Portfolio
Introduction
Protocol Overview
Interest Model
Risks Control Model
Smart Contract Modules
DeFiner SDK
Security
Audits
01 - Taka Security, Aug 2020
02 - Trail of Bits, Sep 2020
03 - Consensys Diligence, Feb 2021
Bug Bounty Program
Deployed contracts
Addresses
Powered by GitBook

02 - Trail of Bits, Sep 2020

Audited by SamzSun who is a reputable white hat hacker and auditor at Trail of Bits

Trail of Bits performed an assessment of the DeFiner protocol. We sought to answer various questions about the security and correctness of the DeFiner protocol, specifically:

● Could an attacker make the protocol calculate balances incorrectly?

● Can an attacker withdraw tokens that do not belong to them?

● Can a malicious user break any features intended to incentivize certain behaviors?

● Could an administrator seriously impact protocol functionality?

● Do features function as intended? Of the findings reported, one would allow a malicious user to prevent a liquidator from claiming any collateral. Another would allow a user to borrow tokens exceeding the LTV of their locked collateral. Several issues would have caused corruption of the protocol’s internal accounting and permitted users to withdraw more tokens than the protocol actually possesses.

Previous
01 - Taka Security, Aug 2020
Next
03 - Consensys Diligence, Feb 2021
Last updated 12 months ago