Omniscia Kanpeki Finance Audit

Core Protocol Security Audit

We were tasked with auditing the codebase of Kanpeki Finance and in particular their fixed-rate lending and borrowing protocol built upon a first-come first-serve (FCFS) principle.

Over the course of the audit we identified certain misbehaviours that can be observed in terms of the actual functionality implemented by the protocol and the expected functionality as detailed by its documentation.

Additionally, we observed a significant level of centralization being applied across the protocol with all assets in custody of the protocol being completely susceptible to a compromisation of the owner role in the contract registry as all vaults perform an infinite approval to the dynamically retrieved addresses from the registry.

With regards to the novel first-come first-serve interest serving component of the system, we pinpointed the absence of a user-set "guard" variable that ensures the user will receive the interest reward they anticipate. Given the inherent FCFS nature of the protocol, the interest bearers will compete for the blockchain's block space to manage and be the first to claim a particular interest batch and as such should be able to specify the minimum interest they are willing to accept as "claimed" for a particular transaction.

We strongly advise the Kanpeki Finance team to apply remediations to all findings we have identified as well as consider our style and gas optimization findings to enhance the codebase's maintainability and legibility. We should note that we believe the system to be overly complex when it comes to the percentage calculations and we urge the Kanpeki Finance team to consider simplifying some of the proportionate calculations to reduce the gas cost of the system as well as render it more readable.

Files in ScopeRepositoryCommit(s)
BorrowManager.sol (BMR)kanpeki-omnisciae4307c5ef0,
5d65ce7cf7
Coordinator.sol (COO)kanpeki-omnisciae4307c5ef0,
5d65ce7cf7
CloneFactory.sol (CFY)kanpeki-omnisciae4307c5ef0,
5d65ce7cf7
ContractRegistry.sol (CRY)kanpeki-omnisciae4307c5ef0,
5d65ce7cf7
ContractAddresses.sol (CAS)kanpeki-omnisciae4307c5ef0,
5d65ce7cf7
CollateralizationManager.sol (CMR)kanpeki-omnisciae4307c5ef0,
5d65ce7cf7
DepositManager.sol (DMR)kanpeki-omnisciae4307c5ef0,
5d65ce7cf7
FeeManager.sol (FMR)kanpeki-omnisciae4307c5ef0,
5d65ce7cf7
Oracle.sol (ORA)kanpeki-omnisciae4307c5ef0,
5d65ce7cf7
Ownable.sol (OWN)kanpeki-omnisciae4307c5ef0,
5d65ce7cf7
Pausable.sol (PAU)kanpeki-omnisciae4307c5ef0,
5d65ce7cf7
RewardManager.sol (RMR)kanpeki-omnisciae4307c5ef0,
5d65ce7cf7
StakingManager.sol (SMR)kanpeki-omnisciae4307c5ef0,
5d65ce7cf7
Token.sol (TOK)kanpeki-omnisciae4307c5ef0,
5d65ce7cf7
TokenRegistry.sol (TRY)kanpeki-omnisciae4307c5ef0,
5d65ce7cf7
Vault.sol (VAU)kanpeki-omnisciae4307c5ef0,
5d65ce7cf7

During the audit, we filtered and validated a total of 1 findings utilizing static analysis tools as well as identified a total of 26 findings during the manual review of the codebase. We strongly recommend that any minor severity or higher findings are dealt with promptly prior to the project's launch as they introduce potential misbehaviours of the system as well as exploits.

The list below covers each segment of the audit in depth and links to the respective chapter of the report:

Next

Compilation