Omniscia Bluejay Finance Audit
StabilizingBondDepository Manual Review Findings
StabilizingBondDepository Manual Review Findings
SBD-01M: Inexistent Enforcement of Security Note
Type | Severity | Location |
---|---|---|
Input Sanitization | StabilizingBondDepository.sol:L56, L81 |
Description:
The code contains a security note that remains unenforced by the contract.
Example:
56// Security note: vesting period should be much higher than the oracle period57// This allow oracle to be updated before more bonds are purchased leading to overcorection58constructor(59 address _blu,60 address _reserve,61 address _stablecoin,62 address _treasury,63 address _stablecoinEngine,64 address _bluTwapOracle,65 address _stablecoinTwapOracle,66 address _stablecoinOracle,67 address _pool,68 uint256 _vestingPeriod69) {70 BLU = IERC20(_blu);71 reserve = IERC20(_reserve);72 stablecoin = IMintableBurnableERC20(_stablecoin);73
74 treasury = ITreasury(_treasury);75 stablecoinEngine = IStablecoinEngine(_stablecoinEngine);76 bluTwapOracle = ITwapOracle(_bluTwapOracle);77 stablecoinTwapOracle = ITwapOracle(_stablecoinTwapOracle);78 stablecoinOracle = IPriceFeedOracle(_stablecoinOracle);79 pool = IUniswapV2Pair(_pool);80
81 vestingPeriod = _vestingPeriod;
Recommendation:
We advise the period
member of both TWAP oracles to be retrieved and mandated to be lower than the input _vestingPeriod
ensuring the contract is configured properly.
Alleviation:
The Bluejay Finance team has analysed the security note and deemed it to not be mandatory. As a result, they have omitted the note from their code thus nullifying this exhibit as the security note is no longer desirable.
SBD-02M: Inexplicable Capability of Oracle Adjustment
Type | Severity | Location |
---|---|---|
Centralization Concern | StabilizingBondDepository.sol:L238-L240, L242-L248, L258-L264 |
Description:
The linked functions permit the owner of the contract to adjust the oracles used by the system at will.
Example:
238function setBluTwapOracle(address _bluTwapOracle) public override onlyOwner {239 bluTwapOracle = ITwapOracle(_bluTwapOracle);240}241
242function setStablecoinTwapOracle(address _stablecoinTwapOracle)243 public244 override245 onlyOwner246{247 stablecoinTwapOracle = ITwapOracle(_stablecoinTwapOracle);248}249
250function setIsRedeemPaused(bool pause) public override onlyOwner {251 isRedeemPaused = pause;252}253
254function setIsPurchasePaused(bool pause) public override onlyOwner {255 isPurchasePaused = pause;256}257
258function setStablecoinOracle(address _stablecoinOracle)259 public260 override261 onlyOwner262{263 stablecoinOracle = IPriceFeedOracle(_stablecoinOracle);264}
Recommendation:
We advise this trait of the system to be re-evaluated and potentially omitted as it introduces a significant centralization attack vector to the system.
Alleviation:
The Bluejay Finance team stated that this is a desired degree of centralization based on their business use case as they wish to be able to adjust the TWAPs during the early stages of the protocol quickly to avoid arbitrage attacks from unfolding. As a result, we consider this exhibit nullified based on the premise that the Bluejay Finance team will act reasonably and will apply proper operational security principles for the referenced permissioned functions.