Lien Protocol’s Smart Contract Audits: Provided By CertiK

CertiK | Aug 17, 2020

Article's Poster

What is Lien?

Lien is a simple and elegant protocol that allows anyone to create a unique derivative contract. Depending on your prediction of the ETH price in the future, the protocol provides users with the opportunity to take advantage of its price development more effectively than just hodling ETH itself.

iDOL is a stablecoin backed by Ethereum derivatives known as SBT, Solid Bond Tokens. Unlike other crypto-collateralized stablecoins, Lien requires no over collateralization or manual adjustments of parameters to maintain the exchange rate.

CertiK was proud to work with Lien to review issues and vulnerabilities in the source code of Lien Protocols Contracts.

Audit Scope and Details

The main goal of the audit was to review the Solidity implementation to uncover bugs that could compromise the software in production. The CertiK team audited the design and implementation of the following smart contracts:

  1. iDOL
  2. Fairswap
  3. Lien Token
  4. Oracle

Each module is utilized to form the iDOL stablecoin as well as provide a way to hold Vickrey auctions for Ether.

Procedural Steps During the Audit

The audit began with the CertiK Security Team inspecting the source code of the Lien Token, Oracle and Fairswap repositories before moving forward with the core iDOL audit. This was because the iDOL repository heavily depended on the aforementioned modules.

During the second phase of the two-week process, CertiK analyzed the source code of the core protocol within iDOL and delved into greater depth on the Fairswap repository to identify any potential vulnerabilities, misalignments with the specifications, and unaccounted for functionalities and/or behaviors.

All findings are split into four categories:

  1. Informational

  2. Minor:

  3. Medium

  4. Major

Results and Conclusions from the Audit

The CertiK team of security experts went through an interactive approach with the Lien team to remediate any findings and point out any mathematical discrepancies that were found within the codebases.

“We maintained a direct real-time communication channel with the Lien team to ease the process of evaluating the remediations as well as go through multiple revisions of a change when necessary. The Lien team was highly responsive and provided code changes for the remediations in a very timely manner,” stated by CertiK’s Engineers.

Overall, the Lien team demonstrated an in-depth understanding of the mathematical formulas involved in the solution they aspire to launch and showcased a healthy code ethics within each project’s codebase.

About CertiK

CertiK is a technology-led blockchain security company founded by Computer Science professors from Yale University and Columbia University built to prove the security and correctness of smart contracts and blockchain protocols.

CertiK’s mission of every audit is to apply different approaches and detection methods, ranging from manual, static, and dynamic analysis to ensure that the project is checked against known attacks and potential vulnerabilities. CertiK leverages a team of seasoned engineers and security auditors to apply testing methodologies and verifications on the project, in turn creating a more secure and robust software system.

CertiK has serviced more than 100 clients with high quality auditing and consulting services, ranging from stablecoins such as Binance’s BGBP and Paxos Gold to decentralized oracles such as Band Protocol and Tellor.