FRAX Finance Audits Its Stablecoin Protocol With CertiK

CertiK | Nov 24, 2020


NEW YORK, 13/11/2020 – We are excited to announce that Frax’s two-token, highly autonomous stablecoin protocol has been successfully audited by CertiK. What follows is a summary of the auditing process and findings as documented by CertiK’s Professional Services Division.

Use-case Profile

Frax Protocol (FRAX) is an open-source, permissionless fractional-algorithmic stablecoin protocol currently implemented on the Ethereum blockchain.

Most stablecoin protocol designs are either entirely collateralized or entirely algorithmic with no backing. Frax instead implements both design principles to put forward a pioneering stablecoin protocol.

Frax’s undertaking is based upon the combination of several familiar key concepts:

  • community-run governance and highly autonomous algorithmic approach with no active management.
  • fully on-chain oracles, drawn from Uniswap and Chainlink.
  • two tokens; the stablecoin, FRAX, and a governance token, FXS.

Frax aims to transition from a fully collateralized stablecoin to an algorithmic one via a fractional-collateral phase. The end goal is for Frax to provide a decentralized, algorithmic currency of high stability and scalability in place of fixed-supply digital assets like BTC.

Code Review & Auditing Process

The initial review was conducted between Oct. 11 and Oct. 30, 2020. The audit was carried out by CertiK engineers Adrian Hetman and Alex Papageorgiou.

A comprehensive examination was performed using static analysis and manual review techniques. The auditing process pays special attention to the following considerations:

  • Testing smart contracts against both common and uncommon attack vectors.
  • Assessing the codebase to ensure compliance with current best practices and industry standards.
  • Ensuring contract logic meets the specifications and intentions of the client.
  • Cross-referencing contract structure and implementation against similar smart contracts produced by industry leaders.
  • Thorough line-by-line manual review of the entire codebase.

A total of 39 issues were identified: 3 critical, 8 major, 11 minor, and 17 informational.

You can review the full audit here.

About FRAX Finance

The Frax Protocol is the first fractional-algorithmic stablecoin system. Frax is open-source, permissionless, and entirely on-chain – currently implemented on Ethereum (with possible cross-chain implementations in the future). The end goal of the Frax protocol is to provide a highly scalable, decentralized, algorithmic money in place of fixed-supply digital assets like BTC. The protocol incorporates the following concepts:

  • Fractional-Algorithmic – Frax is a unique stablecoin with part of its supply backed by collateral and part of its supply algorithmic. The ratio of collateralized to algorithmic supply depends on the market's pricing of the FRAX stablecoin. If FRAX is trading above $1, the protocol decreases the collateral ratio. If FRAX is trading under $1, the protocol increases the collateral ratio.
  • Decentralized & Governance-minimized – Community governed and emphasizing a highly autonomous, algorithmic approach with no active management.
  • Fully on-chain oracles – Frax v1 uses Uniswap (ETH, USDT, USDC time-weighted average prices) and Chainlink (USD price) oracles.

Before Frax, stablecoins were divided into three different categories: fiat collateralized, overcollateralized with cryptocurrency, and algorithmic with no collateral. Frax is the first kind of decentralized stablecoin to classify itself as fractional-algorithmic, ushering in the fourth and most unique category.

The Frax Protocol was founded by American software developer Sam Kazemian, who came up with the first idea of a fractional-algorithmic stablecoin in 2019.

Sam Kazemian originally devised the idea when he noticed that stablecoins were growing rapidly but none had any mixture of algorithmic monetary policy and collateralization. Projects that had purely algorithmic monetary policy had failed or shut down without any significant traction. Frax was designed as an answer to measure the market’s confidence in a partly algorithmic and partly collateralized stablecoin.

About CertiK

CertiK is an edge-standards cybersecurity firm founded by computer science professors from Yale University and Columbia University, aiming to improve the security and correctness of smart contracts and blockchain protocols on a global scale.

Leveraging a seasoned team of multi-skilled engineers and security auditors, CertiK’s mission is to apply a plethora of high-level industry practices, covering the entire spectrum of static, manual, and dynamic analyses, in order to ensure each project subject to a formal audit is up-to-date with modern security standards while offering their services to the broader DLT community.

Over the past few years, CertiK has served more than 100 top-shelf blockchains and DeFi protocols, along with other complex and/or custom smart contracts, including but not limited to Binance, Terra, Bancor, Shapeshift, and Blockstack.
