Bridge Security Status, Audits & Auditors

Last Issues (9)

	Low	Medium	High	Critical	Total
Not fixed	3	-	-	-	3
Fixed	1	1	4	-	6
Total	4	1	4	0	9

Centralization Related Risks

not_fixed/high

In the contract `Ownable` the role `_owner` has authority over the functions shown in the diagram below.
Any compromise to the `_owner` account may allow the hacker to take advantage of this authority.
![](https://accelerator-tasks-prod.acc.corp.certik.com/8f69f7f45ed145838445bcd0366341fc/diagrams/centralization_BRGPool-Ownable-_owner.svg)

In the contract `SmartChefFactory` the role `_owner` has authority over the functions shown in the diagram below.
Any compromise to the `_owner` account may allow the hacker to take advantage of this authority.
![](https://accelerator-tasks-prod.acc.corp.certik.com/8f69f7f45ed145838445bcd0366341fc/diagrams/centralization_BRGPool-SmartChefFactory-_owner.svg)

In the contract `SmartChefInitializable` the role `SMART_CHEF_FACTORY` has authority over the functions shown in the diagram below.
Any compromise to the `SMART_CHEF_FACTORY` account may allow the hacker to take advantage of this authority.
![](https://accelerator-tasks-prod.acc.corp.certik.com/8f69f7f45ed145838445bcd0366341fc/diagrams/centralization_BRGPool-SmartChefInitializable-SMART_CHEF_FACTORY.svg)

In the contract `SmartChefInitializable` the role `_owner` has authority over the functions shown in the diagram below.
Any compromise to the `_owner` account may allow the hacker to take advantage of this authority.
![](https://accelerator-tasks-prod.acc.corp.certik.com/8f69f7f45ed145838445bcd0366341fc/diagrams/centralization_BRGPool-SmartChefInitializable-_owner.svg)

Third Party Dependency

not_fixed/low

The contract is serving as the underlying entity to interact with one or more third party protocols. The scope of the audit treats third party entities as black boxes and assume their functional correctness. However, in the real world, third parties can be compromised and this may lead to lost or stolen assets. In addition, upgrades of third parties can possibly create severe impacts, such as increasing fees of third parties, migrating to new LP pools, etc.

```solidity=870
    IBEP20 public rewardToken;
```
- The contract `SmartChefInitializable` interacts with third party contract with `IBEP20` interface via `rewardToken`.


---
```solidity=873
    IBEP20 public stakedToken;
```
- The contract `SmartChefInitializable` interacts with third party contract with `IBEP20` interface via `stakedToken`.


---
```solidity=1031
    function recoverWrongTokens(address _tokenAddress, uint256 _tokenAmount) external onlyOwner {
```
- The function `SmartChefInitializable.recoverWrongTokens` interacts with third party contract with `IBEP20` interface via `_tokenAddress`.

Audits (4)

#	Name	Auditor	Date	Chains	Issues
1	Bridge Oracle	CertiK	2022/09/13	Off-Chain (Private)	No active critical issues
2	Token Bridge - Audit	CertiK	2023/04/06	Off-Chain (Private)	No active critical issues
3	Bridge Staking Platform V2-...	CertiK	2023/03/09	Off-Chain (Private)	No active critical issues
4	Bridge Oracle (Hybrid Liqui...	CertiK	2023/04/18	Off-Chain (Private)	No active critical issues