Results of the Least Authority review of the youves smart contracts

IT security reviews are a key component of the quality control over youves and the ubinetic oracles. Today, Least Authority issued its smart contract review report covering the smart contracts of youves and those of the ubinetic oracle service. Least Authority reports no critical issues.

youves
Sep 27, 2021

On 21 September 2021 ubinetic received the final smart contract review report of Least Authority (LA) covering the deployed smart contracts of youves, and the deployed smart contracts of the ubinetic oracle.

Findings

LA raised one non-critical issue and noted eight suggestions, three of which were addressed before the issuance of the final report. The non-critical issue concerned the YOU governance model, which is based on a multisig setup.

Issue A: The Governance Mechanism is Underspecified

LA mentions that the current governance model with a multisig setup could be improved by moving to a method where governance decisions are made via the YOU token. ubinetic recognises the potential to improve the youves governance model and, together with other teams in the ecosystem, is actively working on a solution that is expected to be presented to the community in December 2021. The current four-of-seven multisig setup assigns one key to ubinetic and one to the Papers team; all other keys are held by independent, reputable Tezos ecosystem members. The mechanism is documented and the keyholders are disclosed on youves.

Suggestions

Of LA's suggestions, four remain unresolved as of yet and one is partially resolved.

Suggestion 1: Suggest Greater Transparency in the SmartPy Compiler

LA questioned the safety of SmartPy as a programming language for smart contracts. ubinetic forwarded these concerns to the SmartPy developers. As a mitigating factor, the compiled youves Michelson code was reviewed by several experts from the Tezos ecosystem. In addition, youves runs an ongoing bug bounty program.

Status: unresolved

Suggestion 3: Improve Test Coverage

The reviewer suggested improving automated test coverage. The value of extensive automated tests is undisputed and a number of additional and value-adding tests have been introduced since the start of the LA review. Ongoing activities in the youves ecosystem further improve the testing setup.

Status: partially resolved

Suggestion 5: Reject Inbound Tez Where Necessary

LA suggested that entry points that are not intended to receive inbound Tez should explicitly reject them. The youves developers agree on the usefulness of such checks but decided to compromise on them in order to keep the overall size of the youves smart contracts manageable. Ecosystem members will continue to improve the code and leverage the (new) capabilities of Tezos after protocol amendments.

Status: unresolved
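To make the risk behind Suggestion 5 concrete, here is an added example (not youves or ubinetic code) written as a small Python model of the relevant Tezos call semantics: the attached amount is credited to the contract before its code runs, so an entry point without a withdraw path silently traps any tez sent to it unless it fails the operation. The contract, the `NO_TEZ_EXPECTED` error label and the sample calls are constructed for illustration; the SmartPy form of the guard is noted in a comment.

```python
# Added example: minimal model of Tezos entry-point semantics for Suggestion 5.
# In SmartPy the real guard would be: sp.verify(sp.amount == sp.mutez(0), "NO_TEZ_EXPECTED")


class TezosCallRejected(Exception):
    """Models a failed operation: the whole call is rolled back, sender keeps the tez."""


class StateContract:
    """Constructed contract with one entry point that only updates a stored value."""

    def __init__(self, reject_inbound_tez: bool):
        self.balance_mutez = 0                  # tez held by the contract, in mutez
        self.value = 0
        self.reject_inbound_tez = reject_inbound_tez

    def set_value(self, new_value: int, amount_mutez: int = 0) -> None:
        """Entry point that is not intended to receive tez (amount_mutez models AMOUNT)."""
        if self.reject_inbound_tez and amount_mutez != 0:
            # Hardened form: explicitly fail when tez is attached.
            raise TezosCallRejected("NO_TEZ_EXPECTED")
        # Vulnerable form: Tezos credits AMOUNT to the contract before the code runs;
        # with no withdraw entry point, these funds are stuck permanently.
        self.balance_mutez += amount_mutez
        self.value = new_value


def stuck_funds_after(calls, reject_inbound_tez: bool) -> int:
    """Replay (new_value, amount_mutez) calls; return mutez left stuck in the contract."""
    contract = StateContract(reject_inbound_tez)
    for new_value, amount_mutez in calls:
        try:
            contract.set_value(new_value, amount_mutez)
        except TezosCallRejected:
            pass                                # operation rolled back, balance unchanged
    return contract.balance_mutez


# Constructed sample: the second caller mistakenly attaches 1.5 tez to a parameter update.
SAMPLE_CALLS = [(10, 0), (11, 1_500_000), (12, 0)]

if __name__ == "__main__":
    print("vulnerable form, stuck mutez:", stuck_funds_after(SAMPLE_CALLS, False))  # 1500000
    print("hardened form, stuck mutez:  ", stuck_funds_after(SAMPLE_CALLS, True))   # 0
```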

Suggestion 6: Document Method and Internal_Method Code Pattern

LA suggested separating the entry points that retrieve external data from the entry points that act upon that data. The current code design, with its internal methods, results from the Tezos blockchain not supporting return values in functions. However, technical teams note that the Tezos Hangzhou update will add return values and, as a consequence, the current code design may be simplified once Hangzhou is activated.

Status: unresolved

Suggestion 8: Optimize Gas Cost for Fetching Price Information

LA suggested that gas costs could be optimized by reducing the number of price fetches in situations where multiple function calls are executed in a short timeframe. ubinetic agrees on the usefulness of these optimizations. However, as discussed under "Suggestion 5" above, the size of the smart contract and its computational load currently limit the possibility for such improvements.

Status: unresolved

Conclusion

The outcome of the smart contract review report of Least Authority underpins the high quality of the youves code base and allows the community to focus on new developments.

IT security reviews and, more generally, the management of smart contract risks remain a focus area for the youves ecosystem and will be addressed by internal and external reviews as well as the youves bug bounty program.
