# 02 - Trail of Bits, Sep 2020

Trail of Bits performed an assessment of the DeFiner protocol. We sought to answer various questions about the security and correctness of the DeFiner protocol, specifically:

&#x20;● Could an attacker make the protocol calculate balances incorrectly?

● Can an attacker withdraw tokens that do not belong to them?&#x20;

● Can a malicious user break any features intended to incentivize certain behaviors?&#x20;

● Could an administrator seriously impact protocol functionality?&#x20;

● Do features function as intended? Of the findings reported, one would allow a malicious user to prevent a liquidator from claiming any collateral. Another would allow a user to borrow tokens exceeding the LTV of their locked collateral. Several issues would have caused corruption of the protocol’s internal accounting and permitted users to withdraw more tokens than the protocol actually possesses.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.definer.org/copy-of-definer.org/security/audits/02-trail-of-bits-sep-2020.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.