Bird.Money Farm V2 - Smart Contract Audit Report

Summary

Bird Farm Token Audit Report Bird.Money has built an off-chain Farm, analytics, and lending platform. We previously reviewed the project's token contract here, lending platform here, and Oracle here. For this audit, we analyzed the project team's Farm contract on GitHub at commit a1b4a68996e603786f297cf149c888cff223b43c.

Notes of the Contract:
  • Users can stake various LP tokens into the MasterChef contract into order to earn rewards.
  • There is a fee associated with making a deposit to the contract, set by the team.
  • 2% of the tokens deposited into the contract shall be sent to the project team.
  • 2% of BIRD token rewards earned for a user's rewards are burned upon unstaking.
  • The project team can add different types of tokens for staking, and can update the reward rates for each token at any time.

  • Some gas optimizations can be achieved through marking functions external instead of public and declaring some variables constant. As this contract is already deployed, this is informational.
  • The team must exercise caution when adding tokens to avoid fee-on-transfer and ERC777-compliant tokens.
  • Utilization of SafeMath (or similarily safe functions) across all contracts to prevent overflows.
Audit Findings:
  • No security vulnerabilities from external actors were identified.
  • Ensure trust in the team as they have the ability to migrate user's staked funds.
  • Date: April 17th, 2021

External Threat Results

Vulnerability CategoryNotesResult
Arbitrary Storage WriteN/APASS
Arbitrary JumpN/APASS
Delegate Call to Untrusted ContractN/APASS
Dependence on Predictable VariablesN/APASS
Deprecated OpcodesN/APASS
Economic IssuesN/APASS
Ether ThiefN/APASS
ExceptionsN/APASS
External CallsN/APASS
Integer Over/UnderflowN/APASS
Multiple SendsN/APASS
SuicideN/APASS
State Change External CallsN/APass
Unchecked RetvalN/APASS
User Supplied AssertionN/APASS
Critical Solidity CompilerN/APASS
Overall Contract Safety PASS

Function Graph

ERC20 Token Graph

Inheritence Chart

Multi-file Token

Functions Overview


 ($) = payable function
 # = non-constant function
 
 Int = Internal
 Ext = External
 Pub = Public
 
 + [Lib] SafeMath 
    - [Int] tryAdd
    - [Int] trySub
    - [Int] tryMul
    - [Int] tryDiv
    - [Int] tryMod
    - [Int] add
    - [Int] sub
    - [Int] mul
    - [Int] div
    - [Int] mod
    - [Int] sub
    - [Int] div
    - [Int] mod

 +  Context 
    - [Int] _msgSender
    - [Int] _msgData

 + [Int] IERC20 
    - [Ext] totalSupply
    - [Ext] balanceOf
    - [Ext] transfer #
    - [Ext] allowance
    - [Ext] approve #
    - [Ext] transferFrom #

 +  ERC20 (Context, IERC20)
    - [Pub]  #
    - [Pub] name
    - [Pub] symbol
    - [Pub] decimals
    - [Pub] totalSupply
    - [Pub] balanceOf
    - [Pub] transfer #
    - [Pub] allowance
    - [Pub] approve #
    - [Pub] transferFrom #
    - [Pub] increaseAllowance #
    - [Pub] decreaseAllowance #
    - [Int] _transfer #
    - [Int] _mint #
    - [Int] _burn #
    - [Int] _approve #
    - [Int] _setupDecimals #
    - [Int] _beforeTokenTransfer #

 +  Ownable (Context)
    - [Int]  #
    - [Pub] owner
    - [Pub] renounceOwnership #
       - modifiers: onlyOwner
    - [Pub] transferOwnership #
       - modifiers: onlyOwner

 +  MasterChef (Ownable)
    - [Pub]  #
    - [Pub] add #
       - modifiers: onlyOwner
    - [Pub] set #
       - modifiers: onlyOwner
    - [Int] getMultiplier
    - [Ext] pendingRewardToken
    - [Int] massUpdatePools #
    - [Int] updatePool #
    - [Pub] deposit #
    - [Pub] withdraw #
    - [Pub] emergencyWithdraw #
    - [Int] savePendingReward #
    - [Pub] harvestPendingReward #
    - [Pub] addRewardTokensToContract #
       - modifiers: onlyOwner
    - [Pub] getRewardTokensFromContract #
       - modifiers: onlyOwner
    - [Pub] getReward
    - [Ext] poolLength
    - [Pub] setAll #
       - modifiers: onlyOwner
    - [Pub] setRewardToken #
       - modifiers: onlyOwner
    - [Pub] setUnstakeFrozenTime #
       - modifiers: onlyOwner
    - [Pub] setRewardFrozenTime #
       - modifiers: onlyOwner
    - [Pub] setRewardTokenPerBlock #
       - modifiers: onlyOwner
    - [Pub] setStartRewardBlock #
       - modifiers: onlyOwner
    - [Pub] setEndRewardBlock #
       - modifiers: onlyOwner
    - [Pub] setMigrator #
       - modifiers: onlyOwner

 + [Int] IMigratorChef 
    - [Ext] migrate #