About ChainSecurity
USDFI is audited by ChainSecurity
ChainSecurity history and credentials
In 2017, at ETH Zurich, one of the leading universities for computer science in the world, academic researchers developed Securify [1]. Securify was the first static analyzer for Solidity smart contracts. As the tool gained in popularity, the team of researchers was approached multiple times for smart contract security services.
Hence, ChainSecurity was founded. The team quickly grew and audited over 70 projects for more than 50 clients. With the support of the Ethereum Foundation, Securify became open source [3] and publicly available. Furthermore, in collaboration with ETH Zurich, ChainSecurity developed formal verification tools such as VerX [4].
The team also gained visibility during the Constantinople [5] and Berlin [6] hard forks, when it discovered two issues. Multiple other low-level Ethereum client issues were reported and resulted in 5th place on the global Ethereum bug-bounty leaderboard [7].
At the beginning of 2020, ChainSecurity was acquired by PwC Switzerland [8]. The goal was to provide a joint business offering for smart contract code audits and financial audits, thus spearheading the tokenized securities industry.
However, in April 2021, as our DeFi clients became increasingly decentralized, it was challenging to serve them from such an established and regulated company. Hence, ChainSecurity amicably spun off from PwC. ChainSecurity learned from the best practices of the financial audit sector and, with leading blockchain security engineers and PwC alumni, we make up a world-class team bringing quality, reliability, and experience.
In 2021, after the spin-off from PwC, ChainSecurity performed approximately 50 audits, hired talent from leading universities, and identified a vulnerability in live Compound code [9] during an audit on a different scope [10]. In 2022, ChainSecurity continued performing audits with increased capacity, won the Ethereum Foundation’s underhanded Solidity contest [11], and identified a live vulnerability in the Fuse pools of Rari Capital [12] and another one in Balancer [13]. More live vulnerabilities will soon be disclosed publicly after being patched.
Selected smart contract audit reports
MAKER – Liquidations 2.0
Liquidations 2.0 for multi collateral DAI has been developed to mitigate uncovered shortcomings in the previous liquidation system. https://chainsecurity.com/security-audit/maker-protocol-liquidations-2-0/
MAKER – Optimism DAI-Bridge & Starknet-DAI bridge
https://chainsecurity.com/security-audit/makerdao-optimism-dai-bridge/ https://chainsecurity.com/security-audit/makerdao-starknet-dai-bridge/
CURVE FINANCE – Tricrypto
Curve Finance’s Tricrypto system extends their exchanges to swap 3 coins instantly, where the coins no longer need to be equivalent in value. https://chainsecurity.com/security-audit/curve-finance-tricrypto/
COMPOUND – Comet
Compound Comet is a gas-efficient lending platform allowing more efficient liquidity use due to a streamlined application of borrowing stablecoins against various collaterals. https://chainsecurity.com/security-audit/compound-comet/
1INCH – Farming
1inch implements two types of farming contracts. The first is a traditional farming contract where tokens need to be deposited for reward eligibility. The second is an ERC-20 library contract which has farming capabilities built in and thus allows participation in multiple farms without requiring individual deposits in each one. https://chainsecurity.com/security-audit/1inch-farming/
KYBER – KyberSwap Elastic (based on UNISWAP V3)
KyberSwap Elastic is an automated market maker (AMM) implementation that allows liquidity providers to concentrate their liquidity in a certain price range. https://chainsecurity.com/security-audit/kyberswap-elastic/
POA (Gnosis) – Omnibridge
OmniBridge is a system of smart contracts that allows cross-chain token transfers between Ethereum-compatible blockchains. https://chainsecurity.com/security-audit/poa-network-omnibridge/
GEARBOX – Generalized leverage protocol
This system allows users to take leverage in one place and then use it across various DeFi protocols and platforms in a composable way. https://chainsecurity.com/security-audit/gearbox/
[1] https://arxiv.org/abs/1806.01143
[2] https://chainsecurity.com/audits
[3] https://github.com/eth-sri/securify2
[4] https://www.sri.inf.ethz.ch/publications/permenev20verx
[5] https://medium.com/chainsecurity/constantinople-enables-new-reentrancy-attack-ace4088297d9
[6] Ethereum blog post and submission
[7] https://bounty.ethereum.org/
[8] https://www.pwc.ch/
[9] https://medium.com/chainsecurity/trueusd-compound-vulnerability-bc5b696d29e2
[10] https://chainsecurity.com/security-audit/compound-ctoken
[11] https://medium.com/chainsecurity/beware-of-undefined-behavior-underhanded-solidity-contest-winner-22-42c6a52e2a8
[12] https://medium.com/@JackLongarzo/rari-capital-fuse-security-upgrade-report-e5d154c16250
[13] https://forum.balancer.fi/t/medium-severity-bug-found/3161