Smart contract security audit report - NoahSwappdf
Smart contract security audit report - NoahSwappdf
Page 1 of 260
Admin CA shared this file. Want to do more with it?
  1. NoahSwapSmartContractSecurityAuditNo.202309081820Sep8th,2023SECURINGBLOCKCHAINECOSYSTEMWWW.BEOSIN.COM
  2. ```NoahSwapSecurityAuditPage2of26Contents1Overview...........................................................................................................................................................61.1ProjectOverview....................................................................................................................................61.2AuditOverview.......................................................................................................................................61.3AuditMethod..........................................................................................................................................62Findings............................................................................................................................................................8[NoahSwap-01]ThenewOrderNativefunctionlacksmsg.valuevalidation..........................................9[NoahSwap-02]Thecentralizationrisksofdeputyauthority..............................................................11[NoahSwap-03]TheliquiditywithdrawalofNoahswapTokenislimited............................................12[NoahSwap-04]Theecrecoverfunctiondoesnotcheckthe0address............................................13[NoahSwap-05]Thetokensenderinthedeposit_forfunctionisnotreasonable.............................14[NoahSwap-06]Modifykeyvariablesmissingtriggerevents..............................................................15[NoahSwap-07]Theredundantcoded...................................................................................................173Appendix........................................................................................................................................................193.1VulnerabilityAssessmentMetricsandStatusinSmartContracts.................................................193.2AuditCategories.................................................................................................................................223.3Disclaimer............................................................................................................................................243.4AboutBeosin.......................................................................................................................................25
  3. ```NoahSwapSecurityAuditPage3of26SummaryofAuditResultsAfterauditing,5Low-riskand2InfoitemswereidentifiedintheNoahSwapproject.SpecificauditdetailswillbepresentedintheFindingssection.Usersshouldpayattentiontothefollowingaspectswheninteractingwiththisproject:LowFixed:4Acknowledged:1InfoFixed:2RiskDescription:DuetotheNOAHtoken'srestrictions,whentherecipientisanuniswapPairwithabalancethatexceedsthemaxHoldingAmountlimit,userattemptstoremoveliquiditymayfail.
  4. ```NoahSwapSecurityAuditPage4of26ProjectDescription:BusinessoverviewWithinthescopeofthisaudit,sixmodulesoftheNoahSwapprojecthavebeenincluded,namely,assetsManage,claim,Noahtoken,stake,veNoah,andvote.Below,eachmodule'sbusinesslogicisdescribedindividually.1.IntheassetsManagemodule,contractshavebeendeployedonfourchains:Arbitrum,BNBChain,Ethereum,andPolygon.Whenusersparticipateinthismodule,theyneedtoobtainsignaturedatageneratedbytheprojectteaminadvanceandapprovetothecontract.Whencreatinganorder,userscanusetheTokenspecifiedinthesignatureornativetokentotransfertothe'to'addressintheorder(the'to'addressmusthavethe`_collectWallets`statussettotrue).Thedeputyhastheauthoritytowithdrawspecifiedtokensornativetokensfromthecontract.2.TheclaimmoduleisdeployedonEthereum.Userswhoparticipateinthismoduleneedtoobtainthesignaturedatageneratedbytheprojectteamontherespectivechaininadvance.Userscanclaimthreetypesofassets:ERC20tokensspecifiedinanOrder,ETH,andNFTs.Afterclaiming,thecorrespondingassetsaretransferredtothecaller'saccount.3.TheNOAHtokenisdeployedonEthereumwithatotalsupplyof500million.Thedeputyhastheauthoritytosetauser'sblackliststatus,whereifauser'sblackliststatusissettotrue,theywillbeunabletoperformNOAHtokentransfers.WhentheuniswapPairissettothezeroaddress,onlythecontract'sownerisallowedtoperformtransfers.Furthermore,thedeputyhastheauthoritytoenablethecontract'slimitedstatus.Withlimitedstatusenabled,users'removalofliquidityandmaximumpurchaseofNOAHtokenscannotexceedthemaxHoldingAmount.4.ThestakemoduleisdeployedonEthereum.Usersarerequiredtoobtaintheproject'ssignaturesinadvanceandtransferthespecifiedassetsandquantitiesfromtheOrdertothestakecontract.Whenwithdrawingtheprincipal,usersneedtoobtaintheproject'swithdrawalsignaturedata,fromwhichtheycanextract'stakedAndRewards'astheprincipalandrewardamount.5.TheveNoahmoduleisdeployedonEthereum.UsersarerequiredtoacquireNOAHtokensinadvancetoinvokethecreate_lockfunctionandcreatealockingrecordtoobtainveNoahtokens.Duringthelockingprocess,usersneedtospecifythelockingamountandtheunlocktime.Themaximumvotingpoweravailabletoauserisdeterminedbasedontheirchosen_unlock_time.Itiscalculatedasaproportionofthetimedurationfromthecurrenttimestamptothespecified
  5. ```NoahSwapSecurityAuditPage5of26_unlock_timeoveraperiodoffouryears.Thisproportionisthenmultipliedbythestakedamounttodeterminethemaximumvotingpower.Ifauserselectsasmaller_unlock_time,themaximumvotingpowertheycanuseisalsoreduced.Additionally,thismaximumvotingpowergraduallydecaystozeroovertime,basedonthedurationandtheuser'sslope.Afterthelockingperiodends,usershavetheoptiontofullywithdrawtheirstakedtokens6.ThevotemoduleisdeployedonEthereum.UserscanparticipateinvotingonthiscontractafterlockingNoahtokens.The_deputyisgrantedtheauthoritytocreateavoteId.UserscanvoteduringthedurationofavoteIdandallocateweightstodifferentoptionIds.ThetotalweightsspentforeachvoteIdcannotexceed10,000.The_deputyhastheabilitytoprematurelyconcludeavote
  6. ```NoahSwapSecurityAuditPage6of261Overview1.1ProjectOverviewProjectNameNoahSwapProjectlanguageSolidity,vyperPlatformEthereum,BNBchain,Arbitrum,PolygonContractAddressBNBchain:0xec1270D291c6C0448660bde2F74A674a5c303e3b0xF2996DbEF3ce2DFD550f8339113852D847E89beC0xddf17466083fD6CB4e34b2A14C6f900062B060920xD8fc7452FEe33BE394b2368CD5e23dD9061Db6880x9703077aAC74aED21Ee06bc94A71ecE826Efb8370x2a313AD2ab1EA230E8b5bB06C6E6100BFb75E1C80xBF2B6a27c30df904790a7cd3eAD35C06637e7014Arbitrum:0xec1270D291c6C0448660bde2F74A674a5c303e3bEthereum:0xec1270D291c6C0448660bde2F74A674a5c303e3bPolygon:0xec1270D291c6C0448660bde2F74A674a5c303e3b1.2AuditOverviewAuditworkduration:Sep6,2023–Sep8,2023Updatetime:Sep19,2023Auditteam:BeosinSecurityTeam1.3AuditMethodTheauditmethodsareasfollows:1.FormalVerificationFormalverificationisatechniquethatusesproperty-basedapproachesfortestingandverification.PropertyspecificationsdefineasetofrulesusingBeosin'slibraryofsecurityexpertrules.Theserulescallintothecontractsunderanalysisandmakevariousassertionsabouttheirbehavior.Therulesof
  7. ```NoahSwapSecurityAuditPage7of26thespecificationplayacrucialroleintheanalysis.Iftheruleisviolated,aconcretetestcaseisprovidedtodemonstratetheviolation.2.ManualReviewUsingmanualauditingmethods,thecodeisreadlinebylinetoidentifypotentialsecurityissues.Thisensuresthatthecontract'sexecutionlogicalignswiththeclient'sspecificationsandintentions,therebysafeguardingtheaccuracyofthecontract'sbusinesslogic.Themanualauditisdividedintothreegroupstocovertheentireauditingprocess:TheBasicTestingGroupisprimarilyresponsibleforinterpretingtheproject'scodeandconductingcomprehensivefunctionaltesting.TheSimulatedAttackGroupisresponsibleforanalyzingtheauditedprojectbasedonthecollectedhistoricalauditvulnerabilitydatabaseandsecurityincidentattackmodels.TheyidentifypotentialattackvectorsandcollaboratewiththeBasicTestingGrouptoconductsimulatedattacktests.TheExpertAnalysisGroupisresponsibleforanalyzingtheoverallprojectdesign,interactionswiththirdparties,andsecurityrisksintheon-chainoperationalenvironment.Theyalsoconductareviewoftheentireauditfindings.3.StaticAnalysisStaticanalysisisamethodofexaminingcodeduringcompilationorstaticanalysistodetectissues.Beosin-VaaScandetectmorethan100commonsmartcontractvulnerabilitiesthroughstaticanalysis,suchasreentrancyandblockparameterdependency.Itallowsearlyandefficientdiscoveryofproblemstoimprovecodequalityandsecurity.
  8. ```NoahSwapSecurityAuditPage8of262FindingsIndexRiskdescriptionSeveritylevelStatusNoahSwap-01ThenewOrderNativefunctionlacksmsg.valuevalidationLowFixedNoahSwap-02ThecentralizationrisksofdeputyauthorityLowFixedNoahSwap-03TheliquiditywithdrawalofNoahswapTokenislimitedLowAcknowledgedNoahSwap-04Theecrecoverfunctiondoesnotcheckthe0addressLowFixedNoahSwap-05Thetokensenderinthedeposit_forfunctionisnotreasonableLowFixedNoahSwap-06ModifykeyvariablesmissingtriggereventsInfoPartiallyFixedNoahSwap-07TheredundantcodedInfoPartiallyFixed
  9. ```NoahSwapSecurityAuditPage9of26FindingDetails:[NoahSwap-01]ThenewOrderNativefunctionlacksmsg.valuevalidationSeverityLevelLowTypeBusinessSecurityLinesNoahSwap-assetsManage-arbitrum.sol#L387-404NoahSwap-assetsManage-bsc.sol#L387-404NoahSwap-assetsManage-eth.sol#L387-404NoahSwap-assetsManage-polygon.sol#L387-404DescriptionThenewOrderNativefunctionintheassetsManagecontracttypelacksvalidationtocheckwhethermsg.valueisgreaterthanthetotalamountin"payable(order.tos[i]).transfer(order.amounts[i])"forthisspecificcall.Thiscouldpotentiallyresultinthetransferofplatformtokensstoredinthecontract,reducingthetransactioncostforusersbyspendingtheplatformtokensfromthecontract.functionnewOrderNative(uint256id,Ordermemoryorder,bytes32sigR,bytes32sigS,uint8sigV,stringmemorymemo)publicpayable{require(_orderLists[id].endTime==0,"orderexist.");require(_signer==ecrecover(hashOrder(id,order),sigV,sigR,sigS),"signaturecheckfailure.");require(block.timestamp<order.endTime,"wrongendTime.");for(uint256i=0;i<order.tokens.length;i++){require(_collectWallets[order.tos[i]],"wrongcollectaddress");if(order.tokens[i]==address(0)){payable(order.tos[i]).transfer(order.amounts[i]);}else{uint256balance=IERC20(order.tokens[i]).balanceOf(msg.sender);require(balance>=order.amounts[i],"Insufficientbalance.");IERC20(order.tokens[i]).safeTransferFrom(msg.sender,order.tos[i],order.amounts[i]);}}_orderLists[id]=order;emitNewOrder(id,msg.sender,order.tokens,order.amounts,order.tos,order.nusd,order.endTime,memo);
  10. ```NoahSwapSecurityAuditPage10of26}RecommendationItisrecommendedtoaddacheckinthenewOrderNativefunctionthatmsg.Valueisgreaterthanthetotalamountoforder.amountsthistime.StatusFixed.TheprojectpartyaddedsumNativetorecordthetotalamountoforder.amounts,andaddedthejudgmentofmsg.value>=sumNative.functionnewOrderNative(uint256id,Ordermemoryorder,bytes32sigR,bytes32sigS,uint8sigV,stringmemorymemo)publicpayable{uint256sumNative=0;require(_signer!=address(0),"wrong_signer.");require(_orderLists[id].endTime==0,"orderexist.");require(_signer==ecrecover(hashOrder(id,order),sigV,sigR,sigS),"signaturecheckfailure.");require(block.timestamp<order.endTime,"wrongendTime.");for(uint256i=0;i<order.tokens.length;i++){require(_collectWallets[order.tos[i]],"wrongcollectaddress");if(order.tokens[i]==address(0)){payable(order.tos[i]).transfer(order.amounts[i]);sumNative+=order.amounts[i];}else{uint256balance=IERC20(order.tokens[i]).balanceOf(msg.sender);require(balance>=order.amounts[i],"Insufficientbalance.");IERC20(order.tokens[i]).safeTransferFrom(msg.sender,order.tos[i],order.amounts[i]);}}require(msg.value>=sumNative,"wrongmsg.value");_orderLists[id]=order;emitNewOrder(id,msg.sender,order.tokens,order.amounts,order.tos,order.nusd,order.endTime,memo);}
  11. ```NoahSwapSecurityAuditPage11of26[NoahSwap-02]ThecentralizationrisksofdeputyauthoritySeverityLevelLowTypeBusinessSecurityLinesNoahSwap-vote-eth.sol#L173-179DescriptionThedeputyhastheauthoritytoprematurelyclosethevoteusingthecloseVotefunction,whichcouldresultinfewerparticipantsinthevotingprocessandintroduceacertainlevelofcentralizationrisktothevotingoutcome.functioncloseVote(uint256voteId,stringmemorymemo)public{require(msg.sender==_deputy,"onlydeputycandothis");require(_voteLists[voteId].snapshotBlock>0,"votenotexist");_voteLists[voteId].open=false;emitCloseVote(voteId,msg.sender,memo);}RecommendationItisrecommendedthatthecloseVotefunctioncanonlybecalledbythedeputyafteracertainperiodoftimehaselapsedsincethestartofthevote.StatusFixed.TheprojectpartyhasdeletedthecloseVotefunction.
  12. ```NoahSwapSecurityAuditPage12of26[NoahSwap-03]TheliquiditywithdrawalofNoahswapTokenislimitedSeverityLevelLowTypeBusinessSecurityLinesNoahSwap-noah-eth.sol#L238-254DescriptionDuetothepresenceofthe_beforeTokenTransferfunctionintheNoahSwap-noah-ethcontract,whenthesenderistheuniswapPairandthelimitedcheckisenabled,theuser'sbalancecannotexceedthemaxHoldingAmountvalue.Consequently,whenauserattemptstoremoveliquidityfromtheuniswapPair,theremovaloperationmayfailiftheirbalanceexceedsthemaxHoldingAmountlimit.function_beforeTokenTransfer(addressfrom,addressto,uint256amount)overrideinternalvirtual{require(!blacklists[to]&&!blacklists[from],"Blacklisted");if(uniswapPair==address(0)){require(from==_owner||to==_owner,"tradingisnotstarted");return;}if(limited&&from==uniswapPair){require(super.balanceOf(to)+amount<=maxHoldingAmount,"Forbid");}}RecommendationItisrecommendedtosetthemaxHoldingAmountvaluewithinareasonablerange.StatusAcknowledged.
We use cookies to provide, improve, protect and promote our services. Visit our Privacy Policy and Privacy Policy FAQs to learn more. You can manage your personal preferences, including your ‘Do not sell or share my personal data to third parties’ setting using the “Customize cookies” button below.