This report presents the results of our engagement with DeFiner to review DeFiner’s SavingAccount protocol. The review was conducted over two weeks, from Feb 8, 2021 to Feb 19, 2021 by Shayan Eskandari and Alex Wade. A total of 15 person-days were spent.

The security audit uncovered 1 critical, 3 major, 5 medium issues. DeFiner has updated the code according to the reported findings and managed to fix all raised security findings. For the following one major 4.2 and one medium issues. DeFiner decided not to fix as it's common practice in the industry and risk is mitigated.

4.2 Users can borrow funds, deposit them, then borrow more

4.6 Price volatility may compromise system integrity

The detailed report can be found here