The audited contract facilitates a platform where liquidity providers ("LPs") can offer their upside tokens in exchange for downside tokens. This exchange is open to takers (any user), who can accept these offers, providing the required downside tokens to receive the upside tokens. The protocol incorporates a fee structure that benefits both the liquidity providers and the protocol itself. Additionally, there are mechanisms for reversibility; takers have the option to revert their exchange within a specific timeframe, and liquidity providers can partially cancel their offers.

While the code is generally well-written and structured, a significant risk has been identified concerning interactions with unknown ERC-20 tokens. The potential for re-entrancy attacks and compatibility issues with certain ERC-20 contracts presents a threat that could disrupt the protocol's operations.

**Update:** Following the fix review, the auditing team confirmed that all issues have been either fixed, mitigated, or acknowledged by the developer team. Furthermore, the code and documentation quality were improved by the developer team. Most critically, ELP-1 was acknowledged, considering that the front-end will whitelist tokens to be used with the contract. Furthermore, the branch coverage was reduced to 85.71% in the fix review commit.

**Update:** In the second fix review, the client resolved ELP-2 and fully resolved ELP-3. We identified the new issue ELP-14 in the code changes.

Status | Low | Medium | High | Critical | Total |
---|---|---|---|---|---|
Not fixed | 7 | 1 | - | - | 8 |
Fixed | 4 | 2 | - | - | 6 |
Total | 11 | 3 | 0 | 0 | 14 |