Omniscia SaucerSwap Audit
Periphery Security Audit
Audit Report Revisions
| Commit Hash | Date | Audit Report Hash |
|---|---|---|
| dab89c19a6 | July 30th 2023 | a63c5489b7 |
| d8d187efd1 | August 29th 2023 | f94398e54e |
| 92f8d9f89f | September 9th 2023 | 73ce277d7b |
| ab9210c4a1 | September 25th 2023 | 9d386f8810 |
| ab9210c4a1 | September 27th 2023 | 9cc43cb27c |
Audit Overview
We were tasked with performing an audit of the SaucerSwap codebase and in particular their periphery implementation that derives from the original Uniswap V3 implementation.
Over the course of the audit, we identified multiple points whereby the Hedera Protocol has not been properly integrated with within the TransferHelper which lies at the core of the AMM's transfer flows and thus constitutes a significant vulnerability.
We advise the SaucerSwap team to closely evaluate all minor-and-above findings identified in the report and promptly remediate them as well as consider all optimizational exhibits identified in the report.
Post-Audit Conclusion
The SaucerSwap team iterated through all findings within the report and provided us with a revised commit hash to evaluate all exhibits on.
We evaluated all alleviations performed by SaucerSwap and have identified that a single exhibit has not been adequately dealt with. We advise the SaucerSwap team to revisit the following exhibit as it was partially alleviated: PIR-01M
Additionally, we identified a potential vulnerability in the new way the Hedera compatible NFT is initialized by the NonfungiblePositionManager.
Specifically, the newly introduced NonfungiblePositionManager::createNonFungible function does not apply any access control permitting on-chain race conditions to occur whereby the token's creation and thus renewal period and rent payer are specified by another party.
We advise access control to be applied at the function via a value configured during the NonfungiblePositionManager::constructor.
Post-Audit Conclusion (92f8d9f89f)
The SaucerSwap team proceeded to introduce annotations for the PIR-01M finding instructing users to use the Multicall contract when interacting with the PoolInitializer::createAndInitializePoolIfNecessary function to ensure that any additional native funds sent alongside the call are refunded.
We would like to note that our recommendation to introduce access control to the newly introduced NonfungiblePositionManager::createNonFungible function has not been heeded and as such we do not consider all outputs of the report properly consumed by the SaucerSwap team.
Post-Audit Conclusion (ab9210c4a1)
The NonfungiblePositionManager::createNonFungible function properly applies adequate access control by retaining a deployer entry within the contract's NonfungiblePositionManager::constructor that is validated as the caller of the said function in the latest iteration of the codebase.
As such, initialization of the manager is adequately guarded against on-chain race conditions. We consider all outputs of the audit report properly consumed by the SaucerSwap team based on the latest remediation round.
Audit Synopsis
| Severity | Identified | Alleviated | Partially Alleviated | Acknowledged |
|---|---|---|---|---|
 | 0 | 0 | 0 | 0 |
 | 5 | 3 | 0 | 2 |
 | 2 | 2 | 0 | 0 |
 | 2 | 2 | 0 | 0 |
 | 2 | 2 | 0 | 0 |
During the audit, we filtered and validated a total of 1 findings utilizing static analysis tools as well as identified a total of 10 findings during the manual review of the codebase. We strongly recommend that any minor severity or higher findings are dealt with promptly prior to the project's launch as they can introduce potential misbehaviours of the system as well as exploits.
Total Alleviations
The list below covers each segment of the audit in depth and links to the respective chapter of the report: