Alpha Finance Homora V2 Audit
Summary
The Alpha Finance Lab team asked us to review and audit their Homora V2 smart contracts. We looked at the code and now publish our results. Scope We audited commit 5efa332f2ecf8e9705c326cffda5305bc6f752f7 of the AlphaFinanceLab/homora-v2 repository. Only the following files inside the /contracts folder were in scope: ├── Governable.sol... for Homora V2 users. It also deposits user tokens to Uniswap, SushiSwap, Balancer, and Curve. We assumed that all of these external protocols work as intended. During this audit, we also assumed that the governor and oracle price feeds are available, honest, and not compromised. Findings Here we present our...
Issues (17)
Low | Medium | High | Critical | Total | |
|---|---|---|---|---|---|
Not fixed | 1 | - | - | - | 1 |
Fixed | 13 | 2 | 1 | - | 16 |
| Total | 14 | 2 | 1 | 0 | 17 |
Contracts (5)
| # | File Name |
|---|---|
| 1 | contracts/wrapper/WStakingRewards.sol |
| 2 | contracts/oracle/AggregatorOracle.sol |
| 3 | contracts/oracle/CoreOracle.sol |
| 4 | contracts/spell/CurveSpellV1.sol |
| 5 | contracts/oracle/ProxyOracle.sol |