Bacon Protocol Contract Audit
Contract security and accuracy are critically important to the Bacon Protocol. We intend to keep the funds and loans trusted to the protocol safe, secure, and precisely accurate. All of our contract architecture and code are built with care by focusing on simplicity, clarity, and audit-ability.
On October 18th, BlockHunters completed their security audit on the Bacon Protocol smart contracts for bHOMEs and Eggs developed by the BaconCoin team. After 5 weeks of intensive automated and manual auditing, the audit team has concluded that the Pans and Eggs we developed are free of any major vulnerabilities!
“LoanSnap developers have implemented really good practices in the code, including using Open-Zeppelin and SafeMath libraries that significantly lower the risk of possible miscalculations and errors. All of the contracts, methods and state variables were tested and none of them pose any threat to the contract safety.”
We started working with BlockHunters back in August, when they tested our code against their full TokenGuard suite of automated testing tools for major vulnerabilities such as: Reentrancy, Signature Malleability, Timestamp Dependence and more. That report can be found here.
In their full business-logic audit, the team tested every method and variable of our code and found no major vulnerabilities. The audit investigated the security and accuracy of the code in depth. They even reviewed the accuracy of our code comments. The audit team also meticulously compared the logic in the contracts against both the white paper and our written engineering specifications using multiple methods of calculation.
The two minor issues the audit found are being addressed quickly in our next contract revision. The only code-level issue found is a case where the logic could divide by zero and cause the transaction to fail harmlessly when given invalid inputs. There are also a few places where the code comments need to be updated to be more clear and precise.
Visit the Bacon Protocol homepage to download and read the full report.
With the full confidence of this report, we’ll be preparing to open-source the contract code soon. We are excited to have your eyes on our work and to receive contributions from the community. Please stay tuned for future announcements.
