LandX is a protocol that offers tokenized commodities and perpetual vaults for agricultural products. Farmers raise capital by selling investors a share of their future crop sales; investors purchase the tokenized commodity in the hope of an inflation-hedged return. Farmers are held accountable through legal contracts secured on the underlying farmland.

We found several high-severity issues, mostly concerning incorrect accounting in the reward mechanism, lack of support for multiple crops, and vulnerability to sandwich attacks. We encourage the LandX team to address these issues before launch.

The test suite showed high coverage for the contracts under test. However, some contracts have no tests at all, and the existing tests were not diverse enough to catch issues such as the hardcoded crop type. We strongly recommend adding tests for all contracts and improving the existing ones so that they would catch the issues found in this report.

Although the LandX protocol is built on a decentralized platform, it grants special privileges to the contract owners. While this is by design and may be necessary given the protocol's business requirements, users should be aware that LandX is not an entirely trustless system: contract owners may be able to redirect user funds or change trusted addresses. We encourage the LandX team to follow security best practices to keep the privileged addresses from being compromised. In addition, parts of the protocol must be enforced off-chain, and some risk management is also performed off-chain.

**Update:** The team has addressed all of the issues.
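The sandwich-attack finding above is only summarized, and the report page does not say which LandX function is affected. As an added illustration (not LandX code, and not from the audit), the following Python model of a constant-product AMM shows the generic mechanism: an attacker front-runs a swap to move the price, lets the victim trade at the worse price, then back-runs to take the difference. It also shows why a caller-supplied minimum output (slippage bound) is the usual mitigation: with the bound in place the victim's swap reverts and the attacker's sandwich loses money. Pool reserves, trade sizes, the 1% bound and the omission of a trading fee are all constructed assumptions for this example.

```python
"""Toy simulation of a sandwich attack on a constant-product AMM swap.

Added example, not LandX code. Pool sizes, trade amounts and the 1% slippage
bound are constructed illustration values, and the pool model omits the
trading fee that real AMMs charge.
"""


class SlippageExceeded(Exception):
    """Raised when a swap would return less than the caller's minimum."""


class ConstantProductPool:
    """x * y = k pool using integer (floor) arithmetic, as on-chain AMMs do."""

    def __init__(self, reserve_x: int, reserve_y: int) -> None:
        self.reserve_x = reserve_x
        self.reserve_y = reserve_y

    def quote_x_for_y(self, dx: int) -> int:
        """Y received for dx units of X at the current reserves."""
        return (self.reserve_y * dx) // (self.reserve_x + dx)

    def quote_y_for_x(self, dy: int) -> int:
        """X received for dy units of Y at the current reserves."""
        return (self.reserve_x * dy) // (self.reserve_y + dy)

    def swap_x_for_y(self, dx: int, min_out: int) -> int:
        """Sell X for Y; revert if the output is below the caller's bound."""
        out = self.quote_x_for_y(dx)
        if out < min_out:
            raise SlippageExceeded(f"would receive {out} Y, minimum is {min_out}")
        self.reserve_x += dx
        self.reserve_y -= out
        return out

    def swap_y_for_x(self, dy: int, min_out: int) -> int:
        """Sell Y for X; revert if the output is below the caller's bound."""
        out = self.quote_y_for_x(dy)
        if out < min_out:
            raise SlippageExceeded(f"would receive {out} X, minimum is {min_out}")
        self.reserve_y += dy
        self.reserve_x -= out
        return out


def sandwich(pool: ConstantProductPool, victim_in: int, attacker_in: int,
             victim_min_out: int) -> dict:
    """Run front-run / victim swap / back-run and report who got what."""
    # 1. Front-run: attacker buys Y ahead of the victim, pushing the price up.
    attacker_y = pool.swap_x_for_y(attacker_in, 0)
    # 2. Victim's swap executes at the worsened price, or reverts on its bound.
    try:
        victim_out = pool.swap_x_for_y(victim_in, victim_min_out)
        reverted = False
    except SlippageExceeded:
        victim_out = 0
        reverted = True
    # 3. Back-run: attacker sells the Y back into the pool.
    attacker_x_back = pool.swap_y_for_x(attacker_y, 0)
    return {
        "victim_out": victim_out,
        "victim_reverted": reverted,
        "attacker_profit": attacker_x_back - attacker_in,
    }


def run_scenarios():
    """Same victim trade with and without a 1% slippage bound."""
    fair = ConstantProductPool(1000, 1000).quote_x_for_y(100)
    unprotected = sandwich(ConstantProductPool(1000, 1000), 100, 100, 0)
    protected = sandwich(ConstantProductPool(1000, 1000), 100, 100, fair * 99 // 100)
    return fair, unprotected, protected


if __name__ == "__main__":
    fair_out, unprotected, protected = run_scenarios()
    print("fair quote:", fair_out)
    print("no slippage bound:", unprotected)
    print("1% slippage bound:", protected)
```

In the unprotected run the victim receives noticeably less Y than the fair quote and the attacker ends the block with more X than it started with; with the bound in place the victim's transaction reverts untouched and the attacker's back-run returns slightly less than the front-run cost. A deadline parameter is normally checked alongside the minimum output so that a delayed transaction cannot be executed later at a stale bound.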
| Severity | Low | Medium | High | Critical | Total |
|---|---|---|---|---|---|
| Not fixed | 2 | 1 | - | - | 3 |
| Fixed | 14 | 3 | 5 | - | 22 |
| Total | 16 | 4 | 5 | 0 | 25 |