Sooho's Audit Report on Bitbyte
1. Summary
2. Audit method
3. Background of the project
3.1 Project Introduction
3.2 Project structure
3.3 Project structure
4. Code overview
4.1 Visibility analysis of main contract functions
4.2 Code audit details
4.2.1 Medium-Dangerous Vulnerability
4.2.2 Low-risk vulnerabilities
5. Audit results
5.1 Summary
6. Statement
On June 11, 2021, the Sooho security team received a request from the Bitbyte team for a security audit of the Bitbyte system. Based on the characteristics of the project, the Sooho security team drew up the following audit plan.
The Sooho security team adopts a "white box first, supplemented by black and grey box" strategy and audits the project in the way closest to a real attack.
Test methods used by Sooho technology for DeFi projects:
- Black box test: security test from the attacker's point of view.
- Grey box test: test the security of the code modules through script tools, observe the internal running state, and look for weaknesses.
- White box test: vulnerability analysis and vulnerability mining based on the source code of the project.
Sooho technology DeFi vulnerability risk levels:
- Serious vulnerability: serious vulnerabilities have a significant impact on the security of the project, and fixing them is strongly recommended.
- High-risk vulnerability: high-risk vulnerabilities affect the normal operation of the project, so fixing them is strongly recommended.
- Medium-risk vulnerability: medium-risk vulnerabilities affect the operation of the project, so fixing them is recommended.
- Low-risk vulnerability: low-risk vulnerabilities may affect the business operation of the project in specific scenarios. It is recommended that the project party evaluate for itself whether these issues need to be fixed.
- Weakness: there are potential security risks in theory, but they are extremely difficult to reproduce in practice.
- Enhancement suggestion: there are better practices in coding or architecture.
The Sooho security team's smart contract security audit process consists of two steps:
- Use open source or internal automated analysis tools to scan and test the contract code for common security vulnerabilities.
- Manually audit the security of the code, finding potential security problems by analyzing the contract code by hand.
The following is a list of vulnerabilities that we focus on during the contract code audit (other unknown security vulnerabilities are not included in the scope of this audit):
- Reentrancy attack
- Replay attack
- Reordering attack
- Short address attack
- Denial of service attack
- Transaction order dependence
- Race condition attack
- Access control attack
- Integer overflow/underflow attack
- Timestamp dependence attack
- Gas usage, gas limit and loops
- Redundant fallback function
- Unsafe interface usage
- Explicit visibility of functions and state variables
- Logic flaw
- Undeclared storage pointer
- Arithmetic precision error
- tx.origin authentication
- Fake deposit vulnerability
- Variable overwriting
Bitbyte is the first decentralized exchange in the world to implement invitations entirely through the contract and to return commission for mining. It is a decentralized trading product based on the fund-pool concept. As a fully functional Bitbyte, it also proposes and implements a dual-chain Bitbyte model based on the Huobi ECO Chain (Heco) and the Ethereum public chain. It combines the low transaction costs of Heco with the thriving Ethereum ecosystem, and supports a "dual mining mechanism" of liquidity mining and transaction mining. Bitbyte is committed to building a DeFi platform on Heco that integrates Bitbyte, IMO and DAO and provides users with decentralized token exchange services that are safer and more reliable, with more diversified asset selection and allocation and a higher expected return on investment. Bitbyte is the core hub of value exchange in the Heco ecosystem and an important attempt to connect the CeFi and DeFi markets.
contracts
├── Migrations.sol
├── assets
│ ├── Airdrop.sol
│ ├── AirdropZBC.sol
│ ├── BlackHole.sol
│ └── Repurchase.sol
├── governance
│ ├── GovernorAlpha.sol
│ └── Timelock.sol
├── heco
│ ├── Factory.sol
│ ├── HecoPool.sol
│ ├── ZBCTokenHeco.sol
│ ├── Router.sol
│ └── SwapMining.sol
├── interface
│ ├── IERC20.sol
│ ├── IBitbyteFactory.sol
│ ├── IBitbytePair.sol
│ └── IZBC.sol
├── library
│ └── SafeMath.sol
├── mainnet
│ ├── CoinChef.sol
│ └── ZBCToken.sol
├── oracle
│ └── Oracle.sol
└── timeLock
  └── TeamTimeLock.sol
The BitbyteOOSWAP project is split into two parts by chain. The Ethereum chain mainly provides dual mining of tokens: users can deposit LP tokens into the CoinChef contract to mine two tokens in conjunction with the Uniswap token pool. The Heco chain provides trading pair creation, LP staking mining and transaction mining. The overall architecture diagram is as follows:
CoinChef

| Function Name | Visibility | Mutability | Modifiers |
|---|---|---|---|
| constructor | Public | can modify state | - |
| poolLength | Public | - | - |
| addSushiLP | Public | can modify state | onlyOwner |
| isSushiLP | Public | - | - |
| getSushiLPLength | Public | - | - |
| getSushiLPAddress | Public | - | - |
| add | Public | can modify state | - |
| set | Public | can modify state | onlyOwner |
| setPoolCorr | Public | can modify state | onlyOwner |
| massUpdatePools | Public | can modify state | - |
| updatePool | Public | can modify state | - |
| pending | External | - | - |
| pendingZBCAndSushi | Private | - | - |
| pendingZBC | Private | - | - |
| deposit | Public | can modify state | - |
| depositZBCAndSushi | Private | can modify state | - |
| depositZBC | Private | can modify state | - |
| withdraw | Public | can modify state | - |
| withdrawZBCAndSushi | Private | can modify state | - |
| withdrawZBC | Private | can modify state | - |
| emergencyWithdraw | Public | can modify state | - |
| emergencyWithdrawZBCAndSushi | Private | can modify state | - |
| emergencyWithdrawZBC | Private | can modify state | - |
| safeZBCTransfer | Internal | can modify state | - |
BitbyteOracleLibrary

| Function Name | Visibility | Mutability | Modifiers |
|---|---|---|---|
| currentBlockTimestamp | Internal | - | - |
| currentCumulativePrices | Internal | - | - |
SwapMining

| Function Name | Visibility | Mutability | Modifiers |
|---|---|---|---|
| constructor | Public | can modify state | - |
| poolLength | Public | - | - |
| addPair | Public | can modify state | onlyOwner |
| setPair | Public | can modify state | onlyOwner |
| setZBCPerBlock | Public | can modify state | onlyOwner |
| addWhitelist | Public | can modify state | onlyOwner |
| delWhitelist | Public | can modify state | onlyOwner |
| getWhitelistLength | Public | - | - |
| isWhitelist | Public | - | - |
| getWhitelist | Public | - | - |
| setHalvingPeriod | Public | can modify state | onlyOwner |
| setRouter | Public | can modify state | onlyOwner |
| setOracle | Public | can modify state | onlyOwner |
| phase | Public | can modify state | - |
| phase | Public | - | - |
| reward | Public | - | - |
| reward | Public | - | - |
| getZBCReward | Public | - | - |
| massMintPools | Public | can modify state | - |
| mint | Public | can modify state | - |
| swap | Public | can modify state | onlyRouter |
| takerWithdraw | Public | can modify state | - |
| getUserReward | Public | - | - |
| getPoolInfo | Public | - | - |
| getQuantity | Public | - | - |
Oracle

| Function Name | Visibility | Mutability | Modifiers |
|---|---|---|---|
| constructor | Public | can modify state | - |
| update | External | can modify state | - |
| computeAmountOut | Private | - | - |
| consult | External | - | - |
TransferHelper

| Function Name | Visibility | Mutability | Modifiers |
|---|---|---|---|
| safeApprove | Internal | can modify state | - |
| safeTransfer | Internal | can modify state | - |
| safeTransferFrom | Internal | can modify state | - |
Airdrop

| Function Name | Visibility | Mutability | Modifiers |
|---|---|---|---|
| constructor | Public | can modify state | - |
| poolLength | External | - | - |
| newAirdrop | Public | can modify state | onlyOwner |
| updatePoolLastRewardBlock | Private | can modify state | - |
| setCycle | Public | can modify state | onlyOwner |
| add | Public | can modify state | onlyOwner |
| set | Public | can modify state | onlyOwner |
| massUpdatePools | Public | can modify state | - |
| updatePool | Public | can modify state | - |
| pending | External | - | - |
| deposit | Public | can modify state | - |
| withdraw | Public | can modify state | - |
| emergencyWithdraw | Public | can modify state | - |
| safeWhtTransfer | Internal | can modify state | - |
BitbyteER20

| Function Name | Visibility | Mutability | Modifiers |
|---|---|---|---|
| constructor | Public | can modify state | - |
| _mint | Internal | can modify state | - |
| _burn | Internal | can modify state | - |
| _approve | Private | can modify state | - |
| _transfer | Private | can modify state | - |
| approve | External | can modify state | - |
| transfer | External | can modify state | - |
| transferFrom | External | can modify state | - |
| permit | External | can modify state | - |
BitbytePair

| Function Name | Visibility | Mutability | Modifiers |
|---|---|---|---|
| getReserves | Public | - | - |
| _safeTransfer | Private | can modify state | - |
| constructor | Public | can modify state | - |
| initialize | External | can modify state | - |
| _update | Private | can modify state | - |
| _mintFee | Private | can modify state | - |
| mint | External | can modify state | lock |
| burn | External | can modify state | lock |
| swap | External | can modify state | lock |
| skim | External | can modify state | lock |
| sync | External | can modify state | lock |
| price | Public | - | - |
BitbyteFactory

| Function Name | Visibility | Mutability | Modifiers |
|---|---|---|---|
| constructor | Public | can modify state | - |
| allPairsLength | External | - | - |
| createPair | External | can modify state | - |
| setFeeTo | External | can modify state | - |
| setFeeToSetter | External | can modify state | - |
| setFeeToRate | External | can modify state | - |
| sortTokens | Public | - | - |
| pairFor | Public | - | - |
| getReserves | Public | - | - |
| quote | Public | - | - |
| getAmountOut | Public | - | - |
| getAmountIn | Public | - | - |
| getAmountsOut | Public | - | - |
| getAmountsIn | Public | - | - |
UQ112x112

| Function Name | Visibility | Mutability | Modifiers |
|---|---|---|---|
| encode | Internal | - | - |
| uqdiv | Internal | - | - |
HecoPool

| Function Name | Visibility | Mutability | Modifiers |
|---|---|---|---|
| constructor | Public | can modify state | - |
| setHalvingPeriod | Public | can modify state | onlyOwner |
| setZBCPerBlock | Public | can modify state | onlyOwner |
| poolLength | Public | - | NO |
| addMultLP | Public | can modify state | onlyOwner |
| isMultLP | Public | - | NO |
| getMultLPLength | Public | - | - |
| getMultLPAddress | Public | - | - |
| setPause | Public | can modify state | onlyOwner |
| setMultLP | Public | can modify state | onlyOwner |
| replaceMultLP | Public | can modify state | onlyOwner |
| add | Public | can modify state | onlyOwner |
| set | Public | can modify state | onlyOwner |
| setPoolCorr | Public | can modify state | onlyOwner |
| phase | Public | - | - |
| reward | Public | - | - |
| getZBCBlockReward | Public | - | - |
| massUpdatePools | Public | can modify state | - |
| updatePool | Public | can modify state | - |
| pending | External | - | - |
| pendingZBCAndToken | Private | - | - |
| pendingZBC | Private | - | - |
| deposit | Public | can modify state | notPause |
| depositZBCAndToken | Private | can modify state | - |
| depositZBC | Private | can modify state | - |
| withdraw | Public | can modify state | notPause |
| withdrawZBCAndToken | Private | can modify state | - |
| withdrawZBC | Private | can modify state | - |
| emergencyWithdraw | Public | can modify state | notPause |
| emergencyWithdrawZBCAndToken | Private | can modify state | - |
| emergencyWithdrawZBC | Private | can modify state | - |
| safeZBCTransfer | Internal | can modify state | - |
DelegateERC20

| Function Name | Visibility | Mutability | Modifiers |
|---|---|---|---|
| _mint | Internal | can modify state | - |
| _transfer | Internal | can modify state | - |
| delegate | External | can modify state | - |
| delegateBySig | External | can modify state | - |
| getCurrentVotes | External | - | - |
| getPriorVotes | External | - | - |
| _delegate | Internal | - | - |
| _moveDelegates | Internal | can modify state | - |
| _writeCheckpoint | Internal | can modify state | - |
| safe32 | Internal | - | - |
| getChainId | Internal | - | - |
ZBCToken

| Function Name | Visibility | Mutability | Modifiers |
|---|---|---|---|
| constructor | Public | can modify state | ERC20 |
| mint | Public | can modify state | onlyMinter |
| addMinter | Public | can modify state | onlyOwner |
| delMinter | Public | can modify state | onlyOwner |
| getMinterLength | Public | - | - |
| isMinter | Public | - | - |
| getMinter | Public | - | onlyOwner |
BitbyteRouter

| Function Name | Visibility | Mutability | Modifiers |
|---|---|---|---|
| constructor | Public | can modify state | - |
| fallback | External | payable | - |
| pairFor | Public | - | - |
| setSwapMining | Public | can modify state | onlyOwner |
| _addLiquidity | Internal | can modify state | - |
| addLiquidity | External | can modify state | ensure |
| addLiquidityETH | External | payable | ensure |
| removeLiquidity | Public | can modify state | ensure |
| removeLiquidityETH | Public | can modify state | ensure |
| removeLiquidityWithPermit | External | can modify state | - |
| removeLiquidityETHWithPermit | External | can modify state | - |
| removeLiquidityETHSupportingFeeOnTransferTokens | Public | can modify state | - |
| removeLiquidityETHWithPermitSupportingFeeOnTransferTokens | External | can modify state | - |
| _swap | Internal | can modify state | - |
| swapExactTokensForTokens | External | can modify state | ensure |
| swapTokensForExactTokens | External | can modify state | ensure |
| swapExactETHForTokens | External | payable | ensure |
| swapTokensForExactETH | External | can modify state | ensure |
| swapExactTokensForETH | External | can modify state | ensure |
| swapETHForExactTokens | External | payable | ensure |
| _swapSupportingFeeOnTransferTokens | Internal | can modify state | - |
| swapExactTokensForTokensSupportingFeeOnTransferTokens | External | can modify state | ensure |
| swapExactETHForTokensSupportingFeeOnTransferTokens | External | payable | ensure |
| swapExactTokensForETHSupportingFeeOnTransferTokens | External | can modify state | ensure |
| quote | Public | - | - |
| getAmountOut | Public | - | - |
| getAmountIn | Public | - | - |
| getAmountsOut | Public | - | - |
| getAmountsIn | Public | - | - |
TeamTimeLock

| Function Name | Visibility | Mutability | Modifiers |
|---|---|---|---|
| constructor | Public | can modify state | - |
| getBalance | Public | - | - |
| getReward | Public | - | - |
| withDraw | External | can modify state | - |
| setBeneficiary | Public | can modify state | - |
In the SwapMining contract, the calculation of a user's transaction-mining amount does not take into account swaps made with flash loans. A user who trades and mines with a flash loan only pays the handling fee lost in the swap and the cost of the flash loan itself, and can forge trading volume equal to the amount of the flash loan, inflating and falsifying the transaction volume.
Code location: SwapMining.sol swap function
Repair status: ignored. After confirmation with the project party, the project party confirms that the cost of such attacks is high. Many users currently take part in transaction mining at the same time, so it is difficult for an attacker to profit from trading volume inflated with flash loans.
The owner of the HecoPool contract can modify sensitive parameters, add new token pools and dual-mining pools, and so on, which is a problem of excessive permissions. This capability is required by the business design and cannot directly affect users' assets. It is recommended to add event records so that community users can follow changes to parameter settings.
function setMultLP(address _multLpToken, address _multLpChef) public onlyOwner {
    require(_multLpToken != address(0) && _multLpChef != address(0), "is the zero address");
    multLpToken = _multLpToken;
    multLpChef = _multLpChef;
}

function replaceMultLP(address _multLpToken, address _multLpChef) public onlyOwner {
    require(_multLpToken != address(0) && _multLpChef != address(0), "is the zero address");
    require(paused == true, "No mining suspension");
    multLpToken = _multLpToken;
    multLpChef = _multLpChef;
    uint256 length = getMultLPLength();
    while (length > 0) {
        address dAddress = EnumerableSet.at(_multLP, 0);
        uint256 pid = LpOfPid[dAddress];
        IMasterChefHeco(multLpChef).emergencyWithdraw(poolCorrespond[pid]);
        EnumerableSet.remove(_multLP, dAddress);
        length--;
    }
}

// Add a new lp to the pool. Can only be called by the owner.
// XXX DO NOT add the same LP token more than once. Rewards will be messed up if you do.
function add(uint256 _allocPoint, IERC20 _lpToken, bool _withUpdate) public onlyOwner {
    require(address(_lpToken) != address(0), "_lpToken is the zero address");
    if (_withUpdate) {
        massUpdatePools();
    }
    uint256 lastRewardBlock = block.number > startBlock ? block.number : startBlock;
    totalAllocPoint = totalAllocPoint.add(_allocPoint);
    poolInfo.push(PoolInfo({
        lpToken : _lpToken,
        allocPoint : _allocPoint,
        lastRewardBlock : lastRewardBlock,
        accZBCPerShare : 0,
        accMultLpPerShare : 0,
        totalAmount : 0
    }));
    LpOfPid[address(_lpToken)] = poolLength() - 1;
}

// Update the given pool's ZBC allocation point. Can only be called by the owner.
function set(uint256 _pid, uint256 _allocPoint, bool _withUpdate) public onlyOwner {
    if (_withUpdate) {
        massUpdatePools();
    }
    totalAllocPoint = totalAllocPoint.sub(poolInfo[_pid].allocPoint).add(_allocPoint);
    poolInfo[_pid].allocPoint = _allocPoint;
}

// The current pool corresponds to the pid of the multLP pool
function setPoolCorr(uint256 _pid, uint256 _sid) public onlyOwner {
    require(_pid <= poolLength() - 1, "not find this pool");
    poolCorrespond[_pid] = _sid;
}
function phase(uint256 blockNumber) public view returns (uint256) {
Repair status: ignored. After discussion with the project side, the multLpChef and multLpToken parameters are both currently public, so community users can read their values directly and review how the parameters are set.
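The event-record recommendation in the low-risk finding, sketched as an added example that is not the project's code: a reduced stand-in for HecoPool's owner-only setters in which every parameter change emits an event carrying the old and new values. The contract name, the event names and the simplified `allocPoints` array are assumptions made for illustration, and it targets Solidity 0.8 so that checked arithmetic replaces the SafeMath calls in the excerpt.

```solidity
// SPDX-License-Identifier: MIT
// Added illustration, not HecoPool's code: contract and event names are hypothetical.
pragma solidity ^0.8.0; // checked arithmetic stands in for the SafeMath calls in the excerpt

contract HecoPoolAdminEvents {
    address public owner;
    address public multLpToken;
    address public multLpChef;
    uint256 public totalAllocPoint;
    uint256[] public allocPoints; // stand-in for poolInfo[].allocPoint
    mapping(uint256 => uint256) public poolCorrespond;

    // Each event carries old and new values so a log watcher can see the change directly.
    event MultLPChanged(address indexed oldToken, address indexed newToken, address oldChef, address newChef);
    event PoolAdded(uint256 indexed pid, uint256 allocPoint, uint256 totalAllocPoint);
    event PoolAllocChanged(uint256 indexed pid, uint256 oldAllocPoint, uint256 newAllocPoint, uint256 totalAllocPoint);
    event PoolCorrChanged(uint256 indexed pid, uint256 oldSid, uint256 newSid);

    modifier onlyOwner() {
        require(msg.sender == owner, "caller is not the owner");
        _;
    }

    constructor() {
        owner = msg.sender;
    }

    function setMultLP(address _multLpToken, address _multLpChef) public onlyOwner {
        require(_multLpToken != address(0) && _multLpChef != address(0), "is the zero address");
        emit MultLPChanged(multLpToken, _multLpToken, multLpChef, _multLpChef);
        multLpToken = _multLpToken;
        multLpChef = _multLpChef;
    }

    function add(uint256 _allocPoint) public onlyOwner {
        totalAllocPoint += _allocPoint;
        allocPoints.push(_allocPoint);
        emit PoolAdded(allocPoints.length - 1, _allocPoint, totalAllocPoint);
    }

    function set(uint256 _pid, uint256 _allocPoint) public onlyOwner {
        uint256 old = allocPoints[_pid];
        totalAllocPoint = totalAllocPoint - old + _allocPoint;
        allocPoints[_pid] = _allocPoint;
        emit PoolAllocChanged(_pid, old, _allocPoint, totalAllocPoint);
    }

    function setPoolCorr(uint256 _pid, uint256 _sid) public onlyOwner {
        require(_pid < allocPoints.length, "not find this pool");
        emit PoolCorrChanged(_pid, poolCorrespond[_pid], _sid);
        poolCorrespond[_pid] = _sid;
    }
}
```

Public getters expose only the current value; the event log is what lets a community monitor alert on the transaction that changed it.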
Audit conclusion: passed
Audit number: 0X002106170003
Audit time: June 17, 2021
Audit team: Sooho security team
Audit summary: the Sooho security team analyzed the code manually and with internal tools. Two problems were found during the audit: one medium-risk vulnerability and one low-risk vulnerability. After communication and feedback with the project side, it was confirmed that the medium-risk transaction volume forgery risk found during the audit is ignored, and the low-risk excessive permissions problem is ignored. The comprehensive assessment is risk-free.
Sooho issues this report only on the facts that occurred or existed before the issuance of this report, and bears the corresponding responsibility for them. Sooho cannot judge the security status of the smart contract with respect to facts that occur or exist after the report is issued, and is not responsible for them. The security audit analysis and other contents of this report are based only on the documents and materials provided to Sooho by the information provider as of the issuance of this report (referred to as "provided materials"). Sooho assumes that the provided materials have not been omitted, altered, deleted or concealed. If the provided materials are missing, tampered with, deleted or concealed, or what they reflect is inconsistent with the actual situation, Sooho shall not be liable for the losses and adverse effects caused thereby.
During the audit, the Sooho security team analyzed the visibility of the core contract, and the results are as follows: