Swaap Finance Safeguard Pool

Summary

**Update**: We find that all issues have been addressed being either fixed or acknowledged. However, regarding SWP-2, a medium-severity issue, we found that it would benefit from a direct resolution that would further minimize risks to the protocol inherent to depegging events. Moreover, we are concerned that the test suite does not yet have full coverage, as code of this complexity would benefit strongly from a robust test suite. **Initial audit**: Quantstamp performed an audit on Swaap Finance's Safeguard Pool mechanism based on the code in the linked repository. Swaap Finance is an exchange protocol that allows users to swap tokens as well as provide liquidity in "pools". Safeguard Pool represents on-chain logic that aims to implement features including: * using on-chain oracles in order to ensure accurate swap prices; * implementing "safeguards" and "penalties" in order to protect liquidity providers and traders from undesired effects. The safeguards and penalties can be roughly summarized as follows: * quotes must be signed by an authorized signer; * the "performance" of the pool (relative to a basic holding strategy) must not deviate too quickly; * the price of a quote must be sufficiently close to an oracle's price (save for the case of stablecoins, where this check may be conditionally foregone); * traders may be penalized for waiting too late to execute a swap; * traders may be penalized for if their swap induces more volatility than was expected at the time of a quote's signing; * traders may be penalized for using a quote that was expected to be executed by someone else (as determined by account address). Key concerns for the audit were * determining whether the safeguards and penalty systems were implemented correctly; * determining whether any loopholes were present that may allow the safeguards to be somehow circumvented; * assessing whether the safeguards and penalties sufficiently fulfil the stated objectives of the developer. Ultimately, the most concerning issues centered around the unusually high power given to the quote signer (a single address for a given pool) and the potential for depegging events to be exploited to some degree. We recommend the client address all the issues discussed in this report.