Prepared by:
HALBORN
Last Updated 06/11/2024
Date of Engagement by: September 18th, 2022 - September 26th, 2022
88% of all REPORTED Findings have been addressed
All findings
8
Critical
0
High
0
Medium
0
Low
0
Informational
8
Moonwell Finance engaged Halborn to conduct a security audit on their Governance smart contracts beginning on September 18th, 2022 and ending on September 26th, 2022. The security assessment was scoped to the smart contracts provided to the Halborn Team.
The Team at Halborn was provided one week for the engagement and assigned a full-time security engineer to audit the security of the smart contract. The security engineer is a blockchain and smart-contract security expert with advanced penetration testing, smart-contract hacking, and deep knowledge of multiple blockchain protocols.
The purpose of this audit is to:
Ensure that smart contract functions operate as intended.
Identify potential security issues with the smart contracts.
In summary, Halborn identified some security risks that were addressed by the Moonwell team.
Halborn performed a combination of manual and automated security testing to balance efficiency, timeliness, practicality, and accuracy regarding the scope of the smart contract audit. While manual testing is recommended to uncover flaws in logic, process, and implementation; automated testing techniques help enhance coverage of smart contracts and can quickly identify items that do not follow security best practices. The following phases and associated tools were used throughout the term of the audit:
Research into architecture and purpose.
Smart Contract manual code review and walkthrough.
Graphing out functionality and contract logic/connectivity/functions(solgraph).
Manual Assessment of use and safety for the critical Solidity variables and functions in scope to identify any arithmetic related vulnerability classes.
Static Analysis of security for scoped contract, and imported functions.(Slither)
Dynamic Analysis (ganache-cli, brownie, hardhat).
\begin{enumerate} \item Moonwell Finance Smart Contracts \begin{enumerate} \item PR 80: \href{https://github.com/moonwell-fi/moonwell-contracts-private/pull/80}{Moonwell Finance - Moonwell Core} \end{enumerate} \end{enumerate}
INSCOPE COMMIT ID :
d248cc9a4fc08849f0a5f5d34560f7998b182d4b
FIX COMMIT ID :
TAG :
Critical
0
High
0
Medium
0
Low
0
Informational
8
Impact x Likelihood
HAL-01
HAL-02
HAL-03
HAL-04
HAL-05
HAL-06
HAL-07
HAL-08
| Security analysis | Risk level | Remediation Date |
|---|---|---|
| MISSING QUORUM CAP COMPARISON CAN BREAK THE GOVERNANCE | Informational | - |
| ABIENCODERV2 IS ACTIVATED BY DEFAULT 0.8+ | Informational | Solved - 09/26/2022 |
| BUMP SOLIDITY VERSION | Informational | Solved - 09/26/2022 |
| NO NEED TO INITIALIZE QUORUMADJUSTED WITH FALSE | Informational | Solved - 09/26/2022 |
| CURRENT QUORUM CAN BE EMITTED DURING THE PROPOSAL CREATION | Informational | Solved - 09/26/2022 |
| USE PREFIX INCREMENT WITH THE UNCHECK CAN SAVE GAS | Informational | Solved - 09/26/2022 |
| SAFEMATH IS ACTIVATED BY DEFAULT AFTER 0.8.X | Informational | Solved - 09/26/2022 |
| MISSING NATSPEC DOCUMENTATION ON THE FUNCTIONS | Informational | Solved - 09/26/2022 |
// Informational
// Informational
ABIEncoderV2 is being stated in a solidity version 0.8+ which is not needed since ABIEncoderV2 is activated by default 0.8+.
pragma solidity 0.8.10;
pragma experimental ABIEncoderV2;
import "./IERC20.sol";
SOLVED: The Moonwell team solved this issue by removing ABIEncoderV2.
Commit ID: c7da88a3fe3f0062d8a83ba808b648f1da369fec
// Informational
During the review the newest version of solidity was released with the important bug fixes & Bug.
pragma solidity 0.8.10;
pragma experimental ABIEncoderV2;
import "./IERC20.sol";
SOLVED: The Moonwell team solved this issue by updating pragma to 0.8.17.
Commit ID: c7da88a3fe3f0062d8a83ba808b648f1da369fec
// Informational
boolean variable are initialized to a default value of false per Solidity docs. Setting a variable to the default value is unnecessary.
MoonwellApolloGovernor.sol#L278
Proposal storage newProposal = proposals[proposalCount];
newProposal.id = proposalCount;
newProposal.proposer = msg.sender;
newProposal.eta = 0;
newProposal.targets = targets;
newProposal.values = values;
newProposal.signatures = signatures;
newProposal.calldatas = calldatas;
newProposal.startTimestamp = startTimestamp;
newProposal.endTimestamp = endTimestamp;
newProposal.startBlock = 0;
newProposal.forVotes = 0;
newProposal.againstVotes = 0;
newProposal.abstainVotes = 0;
newProposal.totalVotes = 0;
newProposal.canceled = false;
newProposal.executed = false;
newProposal.quorum = currentQuorum;
newProposal.quorumAdjusted = false;
SOLVED: The Moonwell team solved this issue by removing explicit initialization.
Commit ID: c7da88a3fe3f0062d8a83ba808b648f1da369fec
// Informational
Events allow capturing the changed parameters so that off-chain tools/interfaces can register such changes with timelocks that allow users to evaluate them and consider if they would like to engage/exit based on how they perceive the changes as affecting the trustworthiness of the protocol or profitability of the implemented financial services. The alternative of directly querying on-chain contract state for such changes is not considered practical for most users/usages. In the implementation, current quorum is not emitted on the proposal generation.
MoonwellApolloGovernor.sol#L282
Proposal storage newProposal = proposals[proposalCount];
newProposal.id = proposalCount;
newProposal.proposer = msg.sender;
newProposal.eta = 0;
newProposal.targets = targets;
newProposal.values = values;
newProposal.signatures = signatures;
newProposal.calldatas = calldatas;
newProposal.startTimestamp = startTimestamp;
newProposal.endTimestamp = endTimestamp;
newProposal.startBlock = 0;
newProposal.forVotes = 0;
newProposal.againstVotes = 0;
newProposal.abstainVotes = 0;
newProposal.totalVotes = 0;
newProposal.canceled = false;
newProposal.executed = false;
newProposal.quorum = currentQuorum;
newProposal.quorumAdjusted = false;
latestProposalIds[newProposal.proposer] = proposalCount;
emit ProposalCreated(newProposal.id, msg.sender, targets, values, signatures, calldatas, startTimestamp, endTimestamp, description);
return newProposal.id;
SOLVED: The Moonwell team solved this issue by adding current quorum to the event.
Commit ID: c7da88a3fe3f0062d8a83ba808b648f1da369fec
// Informational
The code sections use i++ which costs more gas than ++i, especially in a loop. Finally, the initialization of i = 0 can be skipped, as 0 is the default value.
MoonwellApolloGovernor.sol#L255-L676
function getQuorum() public view returns (uint) {
uint newQuorum = currentQuorum;
// Start at the high water mark
for (uint i = lastQuorumAdjustment + 1; i < proposalCount; i++) {
// Pull state and ignore in flight proposals
ProposalState proposalState = state(i);
if (proposalState == ProposalState.Pending || proposalState == ProposalState.Active) {
continue;
}
// Get the proposal
Proposal storage proposal = proposals[i];
// Only proceed if quorum for this proposal is not yet taken into account.
if (!proposal.quorumAdjusted) {
// If a proposal is canceled, ignore it in quorum calculations.
if (proposalState == ProposalState.Canceled) {
continue;
}
// Adjust quorum in accordance with the proposal.
newQuorum = _calculateNewQuorum(newQuorum, proposal.totalVotes);
}
}
return newQuorum;
}
SOLVED: The Moonwell team solved this issue with using prefix increment.
Commit ID: c7da88a3fe3f0062d8a83ba808b648f1da369fec
// Informational
Solidity versions >= 0.8.x perform checked arithmetic by default, so the SafeMath library is unnecessary in most cases.
MoonwellApolloGovernor.sol#L704-L713
function add256(uint256 a, uint256 b) internal pure returns (uint) {
uint c = a + b;
require(c >= a, "addition overflow");
return c;
}
function sub256(uint256 a, uint256 b) internal pure returns (uint) {
require(b <= a, "subtraction underflow");
return a - b;
}
SOLVED: The Moonwell team solved this issue with deleting SafeMath from the contract.
Commit ID: c7da88a3fe3f0062d8a83ba808b648f1da369fec
// Informational
Some functions are missing @param for some of their parameters. Given that NatSpec is an important part of code documentation, this affects code comprehension, auditability, and usability.
MoonwellApolloGovernor.sol#L523
function setQuorumCaps(uint newLowerQuorumCap, uint newUpperQuorumCap) external {
require(msg.sender == address(timelock), "only timelock");
if (newLowerQuorumCap != lowerQuorumCap) {
uint oldLowerQuorumCap = lowerQuorumCap;
lowerQuorumCap = newLowerQuorumCap;
emit LowerQuorumCapChanged(oldLowerQuorumCap, newLowerQuorumCap);
}
if (newUpperQuorumCap != upperQuorumCap) {
uint oldUpperQuorumCap = upperQuorumCap;
upperQuorumCap = newUpperQuorumCap;
emit UpperQuorumCapChanged(oldUpperQuorumCap, newUpperQuorumCap);
}
}
SOLVED: The Moonwell team solved this issue by adding natspecs on the functions.
Commit ID: c7da88a3fe3f0062d8a83ba808b648f1da369fec
Halborn strongly recommends conducting a follow-up assessment of the project either within six months or immediately following any material changes to the codebase, whichever comes first. This approach is crucial for maintaining the project’s integrity and addressing potential vulnerabilities introduced by code modifications.
// Download the full report
* Use Google Chrome for best results
** Check "Background Graphics" in the print settings if needed