Platform: Code4rena
Start Date: 17/02/2023
End Date: 22/02/2023
Period: 5 days
Status: Completed
Pot Size: $38,600 USDC
Participants: 5
Reporter: itsmetechjay
Judge: GalloDaSballo
Id: 217
League: ETH
0xsomeone | 1/5 | $0.00 | 3 | 1 | 0 | 2 | 0 | Grade A | 0 | 0 |
bin2chen | 2/5 | $0.00 | 2 | 1 | 0 | 1 | 0 | Grade A | 0 | 0 |
hihen | 3/5 | $0.00 | 3 | 1 | 0 | 2 | 0 | Grade A | 0 | 0 |
0x52 | 4/5 | $0.00 | 3 | 0 | 0 | 3 | 2 | Grade B | 0 | 0 |
AkshaySrivastav | 5/5 | $0.00 | 2 | 1 | 0 | 1 | 0 | 0 | 0 | 0 |
Auditor per page
This repo contains source contracts and testing suites for the MCAG contracts and the KUMA Protocol. Each corresponding project directory contains documentation in the /docs folder.
The src/kuma-protocol/ folder contains the contracts that comprise the decentralized KUMA protocol. See docs/kuma-protocol/ for KUMA protocol docs.
The src/mcag-contracts/ contains contracts that are managed by the centralized MCAG entity. See docs/mcag-contracts/ for MCAG contracts docs.
All other files in the repo
Please see the docs/ folder for more context.
- If you have a public code repo, please share it here: n/a - How many contracts are in scope?: 22 - Total SLoC for these contracts?: 1634 - How many external imports are there?: n/a - How many separate interfaces and struct definitions are there for the contracts within scope?: 3 structs, 10 interfaces - Does most of your code generally use composition or inheritance?: inheritance - How many external calls?: n/a - What is the overall line coverage percentage provided by your tests?: 100% - Is there a need to understand a separate part of the codebase / get context in order to audit this part of the protocol?: KUMA Protocol will depend on the Mimo Capital AG contracts - Please describe required context: Please read the docs in each respective folder - Does it use an oracle?: No - Does the token conform to the ERC20 standard?: Yes - Are there any novel or unique curve logic or mathematical models?: No - Does it use a timelock function?: No - Is it an NFT?: Yes - Does it have an AMM?: No - Is it a fork of a popular project?: No - Does it use rollups?: No - Is it multi-chain?: No - Does it use a side-chain?: No
This repo contains relevant tests for the two source projects. To run tests:
git submodule update --initforge testMake sure forge is at least on the following version: forge 0.2.0 (1a56901 2023-02-15T00:05:20.802314Z)
To skip invariant and fuzz tests run forge test --no-match-path "{*invariant*,*fuzz*}"
Alternatively use the following quickstart command:
rm -Rf 2023-02-kuma || true && git clone https://github.com/code-423n4/2023-02-kuma.git -j8 --recurse-submodules && cd 2023-02-kuma && git submodule update --init && foundryup && forge install && forge build && forge test --gas-report
The root folder contains a slither.config.json file that can be used to run static analysis on the kuma-protocol project. Refer to the foundry docs on how to run Slither
For the following files the invariants should be run with fail_on_revert = true in the foundry.toml:
[invariant] runs = 256 depth = 256 fail_on_revert = true
Then run the tests with forge test --match-path "*fail.on.revert*"