On this weblog, we have now outlined the idea of liquidity staking protocols and auditing pointers for staking protocols. The rules cowl a spread of susceptible spots equivalent to withdrawal mechanisms, rounding errors, exterior calls, payment logic, loops, structs, staking period, and many others. This weblog submit might be a helpful reference for auditing staking protocols and may help you establish potential bugs.
What’s Liquidity Staking?
Liquidity staking permits customers to stake their cryptocurrency holdings and earn rewards with out sacrificing liquidity. As an alternative of locking up their cash for a hard and fast interval, customers can obtain a liquid token that represents their staked property. This token will be traded or used like every other cryptocurrency, permitting customers to make use of their property as they please whereas nonetheless incomes staking rewards.
For instance, you may have 100 ETH you need to stake on the Ethereum community. As an alternative of locking up your ETH for a hard and fast interval, you should use a liquidity staking service like Lido to stake your ETH and obtain a liquid token referred to as stETH in return. With stETH, you possibly can nonetheless commerce or use your staked ETH whereas incomes staking rewards.
Let’s get began with auditing staking contracts:
Look at the entire audit specs out there earlier than starting with the contract code. It might be within the type of a white paper, README information, or one thing else. These will provide you with an concept of what the contract code will include.
When wanting on the audit specification doc for the staking contract, search for these factors:
- Varieties of Charges based mostly and their calculations.
- Rewards mechanism for staked tokens
- Powers of the proprietor
- Will the contract maintain ETH?
- What tokens the contract will maintain?
- Authentic contract from which it’s forked
Verify that the specs match the code. Start with charges and tokenomics, adopted by validation of the proprietor’s authority. Verify that each one rewards and payment values are in accordance with the documentation.
Weak spots to search for?
1. Reward Withdraw Mechanism:
Verify that the staked token rewards mechanism is appropriately carried out and that rewards are distributed pretty and proportionally to all stakers. Initiatives can distribute rewards in two methods: both routinely, on a periodic foundation, or upon request by the customers themselves. A withdrawal operate will be carried out and customised in response to the protocol’s enterprise logic.
Under are a number of checkpoints:
- Verify if any consumer is ready to withdraw greater than its reward + staked quantity.
- Verify for Overflow/underflow within the quantity calculation
- Verify if sure parameters can have a unfavourable influence on rewards throughout calculation.
- If block.timestamp or block.quantity is used on this operate. Verify if it may be exploited in any means.
2. Payment Logic:
If the deposit and withdrawal are topic to some payment, then confirm that no single consumer can bypass the payment. Moreover, be vigilant for any potential overflow or underflow points. Solely the administrator or proprietor must be licensed to change payment settings. Additionally confirm {that a} threshold for optimum charges has been established, stopping the administrator from setting it at an excessively excessive quantity.
3. LP Token’s Minting/Burning Mechanism:
Confirm if the minting and burning mechanisms have been appropriately carried out. A burn operate ought to reverse all state adjustments made by a mint operate. Moreover, it’s essential to confirm that customers obtain the suitable quantity of tokens in the course of the first stake, when the pool is empty.
The logic of minting and burning features will be mathematically verified to uncover any hidden vulnerability. Additionally, the entire provide of LP tokens minted shouldn’t exceed the staked property.
4. Rounding Errors:
Despite the fact that sure minor rounding errors are usually unavoidable and never a priority, they will develop considerably when it’s doable to multiply them. Search for edge circumstances the place one can revenue from rounding errors by repeatedly staking and unstaking.
To find out whether or not rounding errors can accrue to a considerable quantity over an prolonged time frame, we will mathematically calculate the vary of doable rounding errors.
5. Staking Period:
Be sure that the staking period calculations within the contract align with the required enterprise logic. Confirm that customers can’t redeem rewards earlier than the staking period has ended by bypassing the period checks. Additionally, Verify if the period of staking will be exploited by an attacker to get extra rewards.
6. Exterior Calls and Token Dealing with:
Many of the exterior calls might be to the token contracts. So, we should decide what sorts of tokens the staking contract will deal with. It’s important to test exterior requires any errors and reentrancy assaults. Deflationary tokens or tokens with switch charges, equivalent to Safemoon, can pose an issue if their logic will not be appropriately carried out.
7. Value Manipulations Checks:
Value Manipulation through a flash mortgage is One of the vital frequent hacks on DeFi tasks. There could also be conditions the place malicious actors can use flash loans to control costs throughout staking or unstaking great amount of tokens. Fastidiously evaluation staking and unstaking features to keep away from edge-case situations that would lead to flash loan-based worth manipulation assaults and lack of different customers’ funds.
8. Some Further Checks:
- Loops: If the contract logic entails looping over arrays, it’s vital to make sure that the block gasoline restrict will not be exceeded. This could happen when the array dimension may be very giant, so you need to examine what features might enhance the scale of the array and whether or not any consumer might exploit it to trigger a DoS assault. Take a look at this report.
- Structs: Staking contracts use the struct sort to retailer consumer or pool knowledge. When declaring or accessing a struct inside a operate, it’s vital to specify whether or not to make use of “reminiscence” or “storage.” It would assist us avoid wasting gasoline. For extra info, please refer to this article.
- Entrance-Working: Search for any situations the place malicious actors might front-run any transaction to their benefit.
- Operate Visibility/ Entry Management Checks: Any operate that’s declared as exterior or public will be accessed by anybody. Subsequently, it is very important be sure that no public operate can carry out any delicate actions. It’s essential to confirm that the staking protocol has carried out acceptable controls to stop unauthorized entry to each the staked cash and the system’s infrastructure.
- Centralization Dangers: It can be crucial to not give the proprietor extreme powers. If the admin deal with is compromised, it might trigger important harm to the protocol. Confirm that the proprietor or admin privileges are acceptable and be sure that the protocol has a plan in place for dealing with conditions the place an admin’s personal keys are leaked.
- ETH / WETH dealing with: Contracts typically embody particular logic for dealing with ETH. For instance, when msg.worth > 0, a contract might convert ETH to WETH whereas nonetheless permitting WETH to be acquired straight. When a consumer specifies WETH because the foreign money however sends ETH with the decision, this may break sure invariants and result in incorrect habits.
Thus far, we have now mentioned liquidity staking protocols and the auditing pointers for such protocols. In a nutshell, Liquidity staking permits customers to earn staking rewards with out sacrificing liquidity. We now have outlined the susceptible spots in staking contracts that auditors should take note of, equivalent to withdrawal mechanisms, payment logic, LP token minting/burning mechanism, rounding errors, staking period, exterior calls, and worth manipulation checks.
We advocate auditors to look at audit specs paperwork, match specs with code, and test charges and tokenomics validation. We additionally advocate extra checks equivalent to looping over arrays, specifying reminiscence or storage for struct sort knowledge, and front-running situations. These pointers might be helpful for auditing staking protocols and assist establish potential bugs.
11 Views
