The Certik Audit has been completed and is available for all to VIEW.
Summary of the report
No critical issues were found. The audit results indicate there were five ‘Major’ findings with two resolved issues and three partially resolved issues. Six ‘Medium’ findings with five issues resolved were also found. We recommend reading the full PDF for more details. As well, see our breakdown of certain contract owner privileges here.
Addressing some of the findings
It is important that we briefly address the partially resolved findings for your understanding and security.
ERCFund | Privileged ownership of recover function
The reasoning for having the recover function:
The Converter contract owns the ERCFund contract. It uses the recover function to transfer tokens to it, then performs various functions such as:
- Breaking up LP tokens.
- Converting tokens to WMATIC before sending it to the fee distribution contract.
- Executing ADDY buybacks.
Minter | Centralized Risk
Minter | Privileged ownership of addyPerProfitEth
These owner privilege issues are currently addressed by the minter contract being owned by a timelock contract.
The reasoning for having those functions:
- The developer will need to grant minting privileges to new vaults on a regular basis.
- The developer will eventually need to change the price calculator contract in order to implement other suggested changes in the audit.
- The developer will reduce the ADDY emission rate over time.
PriceCalculator | Price Oracle dependencies
A TWAP oracle in addition to the current Chainlink oracle will be used in the future.
The Adamant team is happy to have undergone this audit, mitigated these issues, and will continue to place security as a top priority. If you have any questions, comments or concerns please feel free to bring those up in our Discord or Telegram channels.
ADAMANT OFFICIAL LINKS