PASS
The final review score is indicated as a percentage. The percentage is calculated as Achieved Points divided by Maximum Possible Points. For each element the answer can be either Yes/No or a percentage. For a detailed breakdown of the individual weights of each question, please consult this document.
Very simply, the audit looks for the following declarations from the developer's site. With these declarations, it is reasonable to trust the smart contracts.
This report is for informational purposes only and does not constitute investment advice of any kind, nor does it constitute an offer to provide investment advisory or other services. Nothing in this report shall be considered a solicitation or offer to buy or sell any security, token, future, option or other financial instrument or to offer or provide any investment advice or service to any person in any jurisdiction. Nothing contained in this report constitutes investment advice or offers any opinion with respect to the suitability of any security, and the views expressed in this report should not be taken as advice to buy, sell or hold any security. The information in this report should not be relied upon for the purpose of investing. In preparing the information contained in this report, we have not taken into account the investment needs, objectives and financial circumstances of any particular investor. This information has no regard to the specific investment objectives, financial situation and particular needs of any specific recipient of this information and investments discussed may not be suitable for all investors.
Any views expressed in this report by us were prepared based upon the information available to us at the time such views were written. The views expressed within this report are limited to DeFiSafety and the author and do not reflect those of any additional or third party and are strictly based upon DeFiSafety, its authors, interpretations and evaluation of relevant data. Changed or additional information could cause such views to change. All information is subject to possible correction. Information may quickly become unreliable for various reasons, including changes in market conditions or economic circumstances.
This completed report is copyright (c) DeFiSafety 2023. Permission is given to copy in whole, retaining this copyright label.
This section looks at the code deployed on the relevant chain that gets reviewed and its corresponding software repository. The document explaining these questions is here.
1. Are the smart contract addresses easy to find? (%)
They can be found at https://docs.euler.finance/protocol/addresses#mainnet, and at https://github.com/euler-xyz/euler-contracts/tree/master/addresses as indicated in the Appendix.
2. How active is the primary contract? (%)
3. Does the protocol have a public software repository? (Y/N)
Locations: https://github.com/euler-xyz/euler-contracts
4. Is there a development history visible? (%)
With 110 branches and 539 commits, it is safe to say that Euler's contract repository is quite active.
5. Is the team public (not anonymous)?
We were able to find 3 non-anonymous developers alongside 2 pseudonymous developers. Please note that Anton does not seem to be a significant contributor, and Kasper and Doug seem to have a limited digital footprint.
Kasper Pawlowski: https://ca.linkedin.com/in/kasperpawlowski, https://github.com/kasperpawlowski
Doug Hoyte: https://hoytech.com/, https://github.com/hoytech
Anton Bukov: https://twitter.com/k06a, https://github.com/k06a
This section looks at the software documentation. The document explaining these questions is here.
6. Is there a whitepaper? (Y/N)
Location: https://docs.euler.finance/getting-started/white-paper
7. Is the protocol's software architecture documented? (Y/N)
This protocol's software architecture is documented here.
8. Does the software documentation fully cover the deployed contracts' source code? (%)
There is complete coverage of interface contracts by software function documentation.
9. Is it possible to trace the documented software to its implementation in the protocol's source code? (%)
There is implicit traceability between interface contracts' software documentation and implemented code. In addition to the coverage of interface contracts, there are some other contracts with some of their functions documented. Due to implicit traceability and limited number of contracts covered, we multiplied 60% (guidance) by 80% (coverage of contracts).
10. Has the protocol tested their deployed code? (%)
Code examples are in the Appendix at the end of this report. As per the SLOC, there is 10051/3049 = ~330% testing to code (TtC). This score is guided by the Test to Code ratio (TtC).
11. How covered is the protocol's code? (%)
A coverage report can be found at this location, where they receive a 98% on their smart contracts' coverage.
12. Does the protocol provide scripts and instructions to run their tests? (Y/N)
Scripts/Instructions location: https://github.com/euler-xyz/euler-contracts#generate-coverage-report
13. Is there a detailed report of the protocol's test results?(%)
GitHub code coverage report visible here.
14. Has the protocol undergone Formal Verification? (Y/N)
This protocol has undergone formal verification by Certora.
15. Were the smart contracts deployed to a testnet? (Y/N)
This protocol has been deployed to Ropsten.
This section looks at the 3rd party software audits done. It is explained in this document.
16. Is the protocol sufficiently audited? (%)
A directory to all audits can be found here: https://docs.euler.finance/security/smart-contract-audits

Euler Finance was audited by Solidified on May 7th 2021, Halborn on June 4th 2021, Certora on October 31st 2021, Sherlock on December 9th 2021, and Omniscia in March 2022. Euler Finance was deployed on December 13th 2021, meaning all audits were performed before deployment onto mainnet.

Solidified uncovered 4 minor issues, all of which were simply acknowledged. In addition, there was a warning indicating that their unorthodox architecture could lead to undetected security risks. Lastly, Solidified added 3 notes.

Halborn found 2 low risk issues and 3 informational issues. All issues were remediated by accepting the risk or acknowledging the issue.

Certora's formal verification found 3 high, 4 medium, and 2 low severity issues in addition to one recommendation for gas optimization. All high severity issues were fixed, and all medium issues were acknowledged, with the exception of one which was fixed by a patch from a prior high priority issue. Both low severity issues were fixed, and Certora's gas optimization suggestion was implemented.

Sherlock uncovered 1 high, 2 medium, 6 low, 4 minor, and 1 undetermined severity issue. The high severity issue was acknowledged, stating that risks related to Uniswap V3's TWAP are mitigated using their oracle risk assessment strategies. Both medium issues were fixed; all other issues were acknowledged.

Omniscia audited 3 of Euler's contracts.

All relevant contracts were audited at least once, while many core contracts were audited 3 or 4 times over. Smart contract audit coverage is outlined in the Team Section of the appendices.
17. Is the bounty value acceptably high (%)
Euler Finance offers an active bug bounty of $1M. In addition, Euler has $10M of smart contract coverage from Sherlock.
This section covers the documentation of special access controls for a DeFi protocol. The admin access controls are the contracts that allow updating contracts or coefficients in the protocol. Since these contracts can allow the protocol admins to "change the rules", complete disclosure of capabilities is vital for users' transparency. It is explained in this document.
18. Is the protocol's admin control information easy to find?
Admin control information was documented at this location. Governance is then further discussed in this section of their docs. This was quick to find.
19. Are relevant contracts clearly labelled as upgradeable or immutable? (%)
20. Is the type of smart contract ownership clearly indicated? (%)
Contracts are clearly indicated as in the hands of EUL holders.
21. Are the protocol's smart contract change capabilities described? (%)
22. Is the protocol's admin control information easy to understand? (%)
This information is easy to understand in non-software specific language.
23. Is there sufficient Pause Control documentation? (%)
There is no evidence of Euler Finance contracts being pausable.
24. Is there sufficient Timelock documentation? (%)
There is a 48 hour timelock documented in the docs. Relevant explanations on decisions are identified.
25. Is the Timelock of an adequate length? (Y/N)
There is likely a 48 hour timelock, according to their documentation.
This section goes over the documentation that a protocol may or may not supply about their Oracle usage. Oracles are a fundamental part of DeFi as they are responsible for relaying large volumes of price data to thousands of protocols using blockchain technology. Not only are they important for price feeds, but they are also an essential component of transaction verification and security. These questions are explained in this document.
26. Is the protocol's Oracle sufficiently documented? (%)
The protocol's oracle source is described when interacting with the frontend. Euler Finance's infrastructure for rating oracles is in fact quite interesting; we recommend the read.
27. Is front running mitigated by this protocol? (Y/N)
Front running is mitigated by respective oracles and oracle risk adjustment.
28. Can flashloan attacks be applied to the protocol, and if so, are those flashloan attack risks mitigated? (Y/N)
Although Uniswap V3's TWAP can be manipulated with varying amounts of cryptocurrency, we still consider the presence of a TWAP sufficient for flashloan protection. We must additionally take note that Uniswap V3's TWAP is not the only price feed used. Lastly, there is additional flashloan protection provided by the .../contracts/adaptors/FlashLoan.sol contract.
pragma solidity ^0.8.0;

import "./Base.sol";


/// @notice Main storage contract for the Euler system
contract Euler is Base {
    constructor(address admin, address installerModule) {
        emit Genesis();

        reentrancyLock = REENTRANCYLOCK__UNLOCKED;
        upgradeAdmin = admin;
        governorAdmin = admin;

        moduleLookup[MODULEID__INSTALLER] = installerModule;
        address installerProxy = _createProxy(MODULEID__INSTALLER);
        trustedSenders[installerProxy].moduleImpl = installerModule;
    }

    string public constant name = "Euler Protocol";

    /// @notice Lookup the current implementation contract for a module
    /// @param moduleId Fixed constant that refers to a module type (ie MODULEID__ETOKEN)
    /// @return An internal address specifies the module's implementation code
    function moduleIdToImplementation(uint moduleId) external view returns (address) {
        return moduleLookup[moduleId];
    }

    /// @notice Lookup a proxy that can be used to interact with a module (only valid for single-proxy modules)
    /// @param moduleId Fixed constant that refers to a module type (ie MODULEID__MARKETS)
    /// @return An address that should be cast to the appropriate module interface, ie IEulerMarkets(moduleIdToProxy(2))
    function moduleIdToProxy(uint moduleId) external view returns (address) {
        return proxyLookup[moduleId];
    }

    /// @notice Entry point for trusted proxies: resolves the module implementation,
    ///         strips dispatch's own selector, appends the caller (the proxy) and delegatecalls
    function dispatch() external {
        uint32 moduleId = trustedSenders[msg.sender].moduleId;
        address moduleImpl = trustedSenders[msg.sender].moduleImpl;

        // Unknown senders read as a zeroed struct, so moduleId == 0 rejects them
        require(moduleId != 0, "e/sender-not-trusted");

        // A zero moduleImpl means "use the current implementation for this module"
        if (moduleImpl == address(0)) moduleImpl = moduleLookup[moduleId];

        // dispatch selector (4) + module selector (4) + one appended address (20)
        uint msgDataLength = msg.data.length;
        require(msgDataLength >= (4 + 4 + 20), "e/input-too-short");

        assembly {
            // Copy everything after dispatch's own 4-byte selector into memory
            let payloadSize := sub(calldatasize(), 4)
            calldatacopy(0, 4, payloadSize)
            // Append the 20-byte caller address (left-aligned) after the payload
            mstore(payloadSize, shl(96, caller()))

            let result := delegatecall(gas(), moduleImpl, 0, add(payloadSize, 20), 0, 0)

            returndatacopy(0, 0, returndatasize())

            switch result
                case 0 { revert(0, returndatasize()) }
                default { return(0, returndatasize()) }
        }
    }
}
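The following is an added example, not code from Euler or from this report: a byte-level Python model of the calldata framing that dispatch() performs, so a reader can see why the minimum length is 4 + 4 + 20 and exactly what the module receives through delegatecall. The proxy side (proxy_forward) and the module side (unpack_trailing_params) are assumptions consistent with that check, not code taken from the page; DISPATCH_SELECTOR, the addresses and the module calldata are constructed values, not real deployment data.

```python
# Added example (not Euler's code): models the calldata framing of Euler.dispatch().
# Assumptions (not on the page): the proxy forwards DISPATCH_SELECTOR || module
# calldata || its own msg.sender, and the module reads two trailing addresses.
from dataclasses import dataclass
from typing import Dict, Optional, Tuple

SELECTOR_LEN = 4
ADDR_LEN = 20
# require(msgDataLength >= (4 + 4 + 20)): dispatch selector + module selector + one address
MIN_MSG_DATA_LEN = SELECTOR_LEN + SELECTOR_LEN + ADDR_LEN

# Constructed values: not the real dispatch selector and not real addresses.
DISPATCH_SELECTOR = bytes.fromhex("deadbeef")
PROXY_ADDR = bytes.fromhex("aa" * ADDR_LEN)
USER_ADDR = bytes.fromhex("bb" * ADDR_LEN)
MODULE_IMPL = bytes.fromhex("cc" * ADDR_LEN)
MODULEID_MARKETS = 2  # matches the IEulerMarkets(moduleIdToProxy(2)) hint in the source


@dataclass(frozen=True)
class TrustedSender:
    """Mirrors the trustedSenders[msg.sender] struct: moduleId plus an optional pinned impl."""
    module_id: int
    module_impl: Optional[bytes] = None  # None plays the role of address(0)


def proxy_forward(module_calldata: bytes, original_caller: bytes) -> bytes:
    """Assumed proxy behaviour: prepend dispatch's selector, append the proxy's msg.sender."""
    return DISPATCH_SELECTOR + module_calldata + original_caller


def dispatch(msg_sender: bytes, msg_data: bytes,
             trusted_senders: Dict[bytes, TrustedSender],
             module_lookup: Dict[int, bytes]) -> Tuple[bytes, bytes]:
    """Model of Euler.dispatch(): returns (module implementation, delegatecall payload)."""
    entry = trusted_senders.get(msg_sender)
    # An unknown sender reads as a zeroed struct in Solidity, i.e. moduleId == 0.
    if entry is None or entry.module_id == 0:
        raise ValueError("e/sender-not-trusted")
    module_impl = entry.module_impl
    if module_impl is None:  # address(0): fall back to the current module implementation
        module_impl = module_lookup[entry.module_id]
    if len(msg_data) < MIN_MSG_DATA_LEN:
        raise ValueError("e/input-too-short")
    # calldatacopy(0, 4, payloadSize) drops dispatch's own selector;
    # mstore(payloadSize, shl(96, caller())) appends the 20-byte caller (the proxy).
    payload = msg_data[SELECTOR_LEN:] + msg_sender
    return module_impl, payload


def dispatch_error(msg_sender: bytes, msg_data: bytes,
                   trusted_senders: Dict[bytes, TrustedSender],
                   module_lookup: Dict[int, bytes]) -> Optional[str]:
    """Returns the revert reason dispatch() would produce, or None on success."""
    try:
        dispatch(msg_sender, msg_data, trusted_senders, module_lookup)
    except ValueError as err:
        return str(err)
    return None


def unpack_trailing_params(payload: bytes) -> Tuple[bytes, bytes, bytes]:
    """Assumed module-side decode: (module calldata, original caller, proxy address)."""
    proxy = payload[-ADDR_LEN:]
    caller = payload[-2 * ADDR_LEN:-ADDR_LEN]
    return payload[:-2 * ADDR_LEN], caller, proxy


def demo() -> dict:
    """One trusted call end to end: proxy -> dispatch -> module-side decode."""
    trusted = {PROXY_ADDR: TrustedSender(module_id=MODULEID_MARKETS)}
    modules = {MODULEID_MARKETS: MODULE_IMPL}
    # Constructed module calldata: a 4-byte selector followed by one uint256 argument.
    module_calldata = bytes.fromhex("01020304") + (7).to_bytes(32, "big")
    impl, payload = dispatch(PROXY_ADDR, proxy_forward(module_calldata, USER_ADDR),
                             trusted, modules)
    body, caller, proxy = unpack_trailing_params(payload)
    return {"impl": impl, "body": body, "caller": caller, "proxy": proxy,
            "untrusted": dispatch_error(USER_ADDR, proxy_forward(module_calldata, USER_ADDR),
                                        trusted, modules)}


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value.hex() if isinstance(value, bytes) else value)
```

The point worth keeping in mind when reviewing this pattern: the last 20 bytes of the payload are written by dispatch() itself from caller(), so a module can rely on them identifying the proxy; the 20 bytes before that are whatever the trusted proxy appended, and the trust in them rests entirely on the trustedSenders registration. A sender that is not registered gets moduleId 0 and is rejected before any delegatecall happens.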
Tests to Code: 11879 / 3049 = 390 %