Audit with Zellic
Protocol security is a top priority for the Midas Capital team. Audits are one of the many tools that the Midas team utilizes to ensure the codebase is free from errors and potential exploits.
We are excited to share that our codebase has just been audited by Zellic with 0 critical or major findings identified.
Midas Team approached researchers at Zellic, to review our contracts, oracles, and the pools created for our future allies.
Zellic conducted the audit within the two weeks period, the article will take a quick look at their findings, you can see detailed report here.
Results
The Zellic team focused primarily on the following classes of security and reliability issues: basic coding mistakes, business logic errors, complex integration risks, and code maturity.
The focus of the audit was the modified Fuse contracts along with oracle implementations, liquidation strategies for wrapped/deposited tokens, and the custom ERC4626 strategies which wrap yield-bearing proto- cols as specified by the client. Fortunately, no critical issues were found. The audit uncovered 2 findings of medium impact, 2 of low impact, and 2 of informational.
All the findings and recommendations of the research team are being implemented and will be done by the end of the week.
Detailed Findings:
- Unexpected reverts where overflow may be desirable
- Improperly set parameter in constructor may lead to failed redemptions
- Lack of input validation in initialize
- Centralization risk over multiple contracts
- Remove renounceOwnership functionality
- Failing tests and missing coverage in test suite
The first issue was high priority and the most critical, and was fixed immediately. The rest of the findings are a low to medium impact and are being addressed before the official launch.
About Zellic
Zellic was founded in 2020 by a team of blockchain specialists with more than a decade of combined industry experience. They are leading experts in smart contracts and Web3 development, cryptography, web security, and reverse engineering. The team has won countless cybersecurity contests and blockchain security events.
About Midas Capital
Midas Capital is bringing isolated and customizable money markets to EVM-compatible blockchains. Enabling users, DAOs, and protocols to create customized and isolated pools for lending and borrowing any asset, Midas is building a cross-chain ecosystem that democratizes money markets. Pool creators have the flexibility to modify pool parameters (interest rate curves, oracles, collateral factors, pool fee, etc.) according to their risk appetite. With isolated pools, Midas offers stellar features for large-scale institutions, protocols, and traditional investors.
