Audit
As a commitment towards the safety of our users and partners, we want to be transparent about the changes and the status of the security audits of our smart contracts.
Baso Finance was adapted from Velodrome Finance
Audit
Solidly went through a partial (only the AMM part was sent for audit) security audit in January 30, 2022. The audit was done by PeckShield and did reveal 5 low-severity and 1 informal findings.
The full audit is available for download from Solidly git repository.
Velodrome Finance went through a security audit and a peer review as part of the Code4rena bug bouncy contest. Finally, a full MythX deep scan on Velodrome contracts found just a handful of false-positive, low-severity issues reported.
The Code4rena contest results were released on August 8, 2022 and are available here. All high- or medium-risk issues were either resolved pre-deploy, except for one known issue (users can claim eligible rewards from ExternalBribe contracts more than once) that's currently being addressed (via a wrapped contract solution). No user funds are at risk from this vulnerability, and protocols who wish to deposit external bribes should get in contact with the core team to discuss alternative solutions. More information about our C4 contest can be found here. Reports from that audit are available here.
Bug Bounty Programs
Velodrome Finance ran a bug bounty contest on 23rd to 30th of May 2022 with awards up to $75,000 on Code4rena. The main scope of the contest was to cover all the new changes to the new and the original contracts.
Solidly's bug bounty program was launched in February 2022 on Immunefi.com. There were no claims for any of the $200,000 rewards (on their Github).
Last updated