If you notice some outdated information please let us know!
PASS
The final review score is indicated as a percentage. The percentage is calculated as Achieved Points due to MAX Possible Points. For each element the answer can be either Yes/No or a percentage. For a detailed breakdown of the individual weights of each question, please consult this document.
Very simply, the audit looks for the following declarations from the developer's site. With these declarations, it is reasonable to trust the smart contracts.
This report is for informational purposes only and does not constitute investment advice of any kind, nor does it constitute an offer to provide investment advisory or other services. Nothing in this report shall be considered a solicitation or offer to buy or sell any security, token, future, option or other financial instrument or to offer or provide any investment advice or service to any person in any jurisdiction. Nothing contained in this report constitutes investment advice or offers any opinion with respect to the suitability of any security, and the views expressed in this report should not be taken as advice to buy, sell or hold any security. The information in this report should not be relied upon for the purpose of investing. In preparing the information contained in this report, we have not taken into account the investment needs, objectives and financial circumstances of any particular investor. This information has no regard to the specific investment objectives, financial situation and particular needs of any specific recipient of this information and investments discussed may not be suitable for all investors.
Any views expressed in this report by us were prepared based upon the information available to us at the time such views were written. The views expressed within this report are limited to DeFiSafety and the author and do not reflect those of any additional or third party and are strictly based upon DeFiSafety, its authors, interpretations and evaluation of relevant data. Changed or additional information could cause such views to change. All information is subject to possible correction. Information may quickly become unreliable for various reasons, including changes in market conditions or economic circumstances.
This completed report is copyright (c) DeFiSafety 2023. Permission is given to copy in whole, retaining this copyright label.
This section looks at the code deployed on the Mainnet that gets reviewed and its corresponding software repository. The document explaining these questions is here.
1. Are the executing code addresses readily available? (%)
They are available at website https://docs.balancer.fi/developers/smart-contracts/deployment-addresses as indicated in the Appendix.
2. Is the code actively being used? (%)
3. Is there a public software repository? (Y/N)
GitHub: https://github.com/balancer-labs/.
Is there a public software repository with the code at a minimum, but also normally test and scripts. Even if the repository was created just to hold the files and has just 1 transaction, it gets a "Yes". For teams with private repositories, this answer is "No"
4. Is there a development history visible? (%)
With 606 commits and 18 branches, this is a healthy software repository.
This metric checks if the software repository demonstrates a strong steady history. This is normally demonstrated by commits, branches and releases in a software repository. A healthy history demonstrates a history of more than a month (at a minimum).
5. Is the team public (not anonymous)? (Y/N)
CEO is public here: Fernando Martinelli
For a "Yes" in this question, the real names of some team members must be public on the website or other documentation (LinkedIn, etc). If the team is anonymous, then this question is a "No".
This section looks at the software documentation. The document explaining these questions is here.
6. Is there a whitepaper? (Y/N)
7. Are the basic software functions documented? (Y/N)
8. Does the software function documentation fully (100%) cover the deployed contracts? (%)
9. Are there sufficiently detailed comments for all functions within the deployed contract code (%)
The Comments to Code (CtC) ratio is the primary metric for this score.
10. Is it possible to trace from software documentation to the implementation in code (%)
Robust software documentation to code traceability at https://docs.balancer.fi/developers/smart-contracts/apis.
11. Full test suite (Covers all the deployed code) (%)
This score is guided by the Test to Code ratio (TtC). Generally a good test to code ratio is over 100%. However the reviewers best judgement is the final deciding factor.
12. Code coverage (Covers all the deployed lines of code, or explains misses) (%)
The Coveralls report indicates a 96% code coverage. https://coveralls.io/github/balancer-labs/balancer-core
13. Scripts and instructions to run the tests? (Y/N)
Instructions to run the tests can be found at https://github.com/balancer-labs/balancer-core
14. Report of the results (%)
Their test report is at :https://github.com/balancer-labs/balancer-v2-monorepo/blob/master/audits/test-report.md
15. Formal Verification test done (%)
16. Stress Testing environment (%)
Kovan test-net smart contract addresses can be found at https://docs.balancer.fi/developers/smart-contracts/deployment-addresses.
This section looks at the 3rd party software audits done. It is explained in this document.
17. Did 3rd Party audits take place? (%)
All of the audits were performed before the Balancer v2 launch, and most fixes were implemented by the team. - Certora did a Balancer v2 audit on April 19th 2021 - OpenZeppelin did a Balancer v2 audit on March 15th 2021 - Trail of Bits did a Balancer v2 audit on April 5th 2021
18. Is the bug bounty acceptable high? (%)
This section covers the documentation of special access controls for a DeFi protocol. The admin access controls are the contracts that allow updating contracts or coefficients in the protocol. Since these contracts can allow the protocol admins to "change the rules", complete disclosure of capabilities is vital for user's transparency. It is explained in this document.
19. Can a user clearly and quickly find the status of the access controls (%)
20. Is the information clear and complete (%)
Everything is detailed perfectly at https://docs.balancer.fi/core-concepts/governance/multisig#context. The majority of contracts are immutable as indicated here: https://docs.balancer.fi/core-concepts/security/emergency-pause with some contracts being upgradable(which is also described in depth)
21. Is the information in non-technical terms that pertain to the investments (%)
Contracts are indicated as mostly immutable as stated in https://docs.balancer.fi/core-concepts/security/emergency-pause
22. Is there Pause Control documentation including records of tests (%)
1// SPDX-License-Identifier: GPL-3.0-or-later
2// This program is free software: you can redistribute it and/or modify
3// it under the terms of the GNU General Public License as published by
4// the Free Software Foundation, either version 3 of the License, or
5// (at your option) any later version.
6
7// This program is distributed in the hope that it will be useful,
8// but WITHOUT ANY WARRANTY; without even the implied warranty of
9// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
10// GNU General Public License for more details.
11
12// You should have received a copy of the GNU General Public License
13// along with this program. If not, see <http://www.gnu.org/licenses/>.
14
15pragma solidity ^0.7.0;
16pragma experimental ABIEncoderV2;
17
18import "@balancer-labs/v2-solidity-utils/contracts/misc/IWETH.sol";
19
20import "./interfaces/IAuthorizer.sol";
21
22import "./VaultAuthorization.sol";
23import "./FlashLoans.sol";
24import "./Swaps.sol";
25
26/**
27 * @dev The `Vault` is Balancer V2's core contract. A single instance of it exists for the entire network, and it is the
28 * entity used to interact with Pools by Liquidity Providers who join and exit them, Traders who swap, and Asset
29 * Managers who withdraw and deposit tokens.
30 *
31 * The `Vault`'s source code is split among a number of sub-contracts, with the goal of improving readability and making
32 * understanding the system easier. Most sub-contracts have been marked as `abstract` to explicitly indicate that only
33 * the full `Vault` is meant to be deployed.
34 *
35 * Roughly speaking, these are the contents of each sub-contract:
36 *
37 * - `AssetManagers`: Pool token Asset Manager registry, and Asset Manager interactions.
38 * - `Fees`: set and compute protocol fees.
39 * - `FlashLoans`: flash loan transfers and fees.
40 * - `PoolBalances`: Pool joins and exits.
41 * - `PoolRegistry`: Pool registration, ID management, and basic queries.
42 * - `PoolTokens`: Pool token registration and registration, and balance queries.
43 * - `Swaps`: Pool swaps.
44 * - `UserBalance`: manage user balances (Internal Balance operations and external balance transfers)
45 * - `VaultAuthorization`: access control, relayers and signature validation.
46 *
47 * Additionally, the different Pool specializations are handled by the `GeneralPoolsBalance`,
48 * `MinimalSwapInfoPoolsBalance` and `TwoTokenPoolsBalance` sub-contracts, which in turn make use of the
49 * `BalanceAllocation` library.
50 *
51 * The most important goal of the `Vault` is to make token swaps use as little gas as possible. This is reflected in a
52 * multitude of design decisions, from minor things like the format used to store Pool IDs, to major features such as
53 * the different Pool specialization settings.
54 *
55 * Finally, the large number of tasks carried out by the Vault means its bytecode is very large, close to exceeding
56 * the contract size limit imposed by EIP 170 (https://eips.ethereum.org/EIPS/eip-170). Manual tuning of the source code
57 * was required to improve code generation and bring the bytecode size below this limit. This includes extensive
58 * utilization of `internal` functions (particularly inside modifiers), usage of named return arguments, dedicated
59 * storage access methods, dynamic revert reason generation, and usage of inline assembly, to name a few.
60 */
61contract Vault is VaultAuthorization, FlashLoans, Swaps {
62 constructor(
63 IAuthorizer authorizer,
64 IWETH weth,
65 uint256 pauseWindowDuration,
66 uint256 bufferPeriodDuration
67 ) VaultAuthorization(authorizer) AssetHelpers(weth) TemporarilyPausable(pauseWindowDuration, bufferPeriodDuration) {
68 / solhint-disable-previous-line no-empty-blocks
69 }
70
71 function setPaused(bool paused) external override nonReentrant authenticate {
72 _setPaused(paused);
73 }
74
75 / solhint-disable-next-line func-name-mixedcase
76 function WETH() external view override returns (IWETH) {
77 return _WETH();
78 }
79}
Comments to Code: 5898 / 7853 = 75 %
Tests to Code: 13366 / 7853 = 170 %