Vera Staking - Smart Contract Audit Report


Veraswap Staking Veraswap is a decentralized framework for liquidity control and a liquidity bootstrapping protocol.

For this audit, we analyzed the project's staking contract. We reviewed the contract at 0xf2f1467b6ee5efd2fb8e9a828748ae34522dd9fa on the Binance Smart Chain mainnet.

We previously audited Veraswap's token contract here.

Notes on the Contract:
  • Users can stake any token into the staking contract into order to earn Vera tokens.
  • After staking users will not be able to add additional stake.
  • Users tokens will be locked in the contract
  • Users will accrue rewards over the length of their stake. Upon withdrawing from the contract, user's rewards will be claimed.
  • The team has the ability to update the reward rate for each token, alter the address & decimals of the Vera token contract, and update the locktime for the each token.
  • As any token can be used, the team must check each token being given a reward rate to ensure it does not contain malicious transfer logic that could lead to reentrancy.
  • Some public functions may be declared external to save a small amount of gas on each transaction. As this has been deployed already, this is merely informational.
  • Utilization of SafeMath to prevent overflow issues.

  • Audit Findings Summary:
    • No security issues from outside attackers were identified.
    • Ensure trust in the team as they have some control over the ecosystem.
    • Date: May 14th, 2021

    Combined External Threat Results

    Vulnerability CategoryNotesResult
    Arbitrary Storage WriteN/APASS
    Arbitrary JumpN/APASS
    Delegate Call to Untrusted ContractN/APASS
    Dependence on Predictable VariablesN/APASS
    Deprecated OpcodesN/APASS
    Ether ThiefN/APASS
    External CallsN/APASS
    Integer Over/UnderflowN/APASS
    Multiple SendsN/APASS
    State Change External CallsN/APASS
    Unchecked RetvalN/APASS
    User Supplied AssertionN/APASS
    Critical Solidity CompilerN/APASS
    Overall Contract Safety PASS

    Inheritence Chart

    Smart Contract Inheritance

    Function Graph

    Smart Contract Graph

    Functions Overview

     ($) = payable function
     # = non-constant function
     Int = Internal
     Ext = External
     Pub = Public
     + [Int] ERC 
        - [Ext] balanceOf
        - [Ext] allowance
        - [Ext] transfer #
        - [Ext] transferFrom #
     +  Math 
        - [Int] mul
        - [Int] div
        - [Int] sub
        - [Int] add
     +  Staking (Math)
        - [Pub]  #
        - [Pub] stake #
        - [Pub] claim #
        - [Pub] fetchUnclaimed
        - [Pub] updateReward #
           - modifiers: isAdmin
        - [Pub] updateDecimals #
           - modifiers: isAdmin
        - [Pub] updateLockTime #
           - modifiers: isAdmin
        - [Pub] revokeOwnership #
           - modifiers: isAdmin
        - [Pub] updateVeraSwapContract #
           - modifiers: isAdmin
        - [Pub] fetchCurrentTime