Core Protocol Security Audit

Audit Overview

We were tasked with performing an audit of the Beanstalk codebase and in particular their complete stablecoin protocol implementation.

Over the course of the audit, we were able to pinpoint a significant vulnerability in plot transfers as well as several potentially exploitable attack vectors.

Additionally, we identified certain discrepancies between the whitepaper and the codebase around weather conditions as well as incentive times for BIPs.

The codebase contains code that has been imported from several other projects including Alpha Homora, DyDx and the 0x protocol all of which was validated for any discrepancies and properly documented in case any changes were needed to standardize the code.

Overall, the codebase has been developed to a high standard although it is relatively lackluster in in-line documentation which we urge the Beanstalk team to enhance.

In addition to the security vulnerabilities identified within the report, we have performed an extensive gas optimization analysis of the codebase to attempt to rigorously optimize several aspects of the code all of which have been listed in the respective Code Style chapter.

Post-Audit Conclusion

The Beanstalk team proceeded with applying remediations to all findings in a private codebase that we reviewed and consequently approved for merge with the public development repository.

All findings were either adequately dealt with or provided with sufficient additional material to be considered as nullified with the Beanstalk team assimilating all optimizational exhibits into the codebase wherever applicable.

The codebase of the Beanstalk team can be considered of a very high standard and no outstanding issues remain within the codebase.

Contracts Assessed

Files in Scope Repository Commit(s)
AppStorage.sol (ASE) Beanstalk 61a638bb43,
ee4720cdb4
Bip.sol (BIP) Beanstalk 61a638bb43,
ee4720cdb4
Bean.sol (BEA) Beanstalk 61a638bb43,
ee4720cdb4
BeanSilo.sol (BSO) Beanstalk 61a638bb43,
ee4720cdb4
BeanDibbler.sol (BDR) Beanstalk 61a638bb43,
ee4720cdb4
C.sol (PRO) Beanstalk 61a638bb43,
ee4720cdb4
ClaimFacet.sol (CFT) Beanstalk 61a638bb43,
ee4720cdb4
ConvertSilo.sol (CSO) Beanstalk 61a638bb43,
ee4720cdb4
ConvertFacet.sol (CFE) Beanstalk 61a638bb43,
ee4720cdb4
Decimal.sol (DEC) Beanstalk 61a638bb43,
ee4720cdb4
Diamond.sol (DIA) Beanstalk 61a638bb43,
ee4720cdb4
Dibbler.sol (DIB) Beanstalk 61a638bb43,
ee4720cdb4
DiamondCutFacet.sol (DCF) Beanstalk 61a638bb43,
ee4720cdb4
DiamondLoupeFacet.sol (DLF) Beanstalk 61a638bb43,
ee4720cdb4
FieldFacet.sol (FFT) Beanstalk 61a638bb43,
ee4720cdb4
FundraiserFacet.sol (FFE) Beanstalk 61a638bb43,
ee4720cdb4
GovernanceFacet.sol (GFT) Beanstalk 61a638bb43,
ee4720cdb4
InitBip0.sol (IB0) Beanstalk 61a638bb43,
ee4720cdb4
InitBip1.sol (IB1) Beanstalk 61a638bb43,
ee4720cdb4
InitBip2.sol (IB2) Beanstalk 61a638bb43,
ee4720cdb4
InitBip5.sol (IB5) Beanstalk 61a638bb43,
ee4720cdb4
InitBip7.sol (IB7) Beanstalk 61a638bb43,
ee4720cdb4
InitEmpty.sol (IEY) Beanstalk 61a638bb43,
ee4720cdb4
InitDiamond.sol (IDD) Beanstalk 61a638bb43,
ee4720cdb4
InitHotFix2.sol (IHF) Beanstalk 61a638bb43,
ee4720cdb4
InitHotFix3.sol (PRT) Beanstalk 61a638bb43,
ee4720cdb4
InitHotFix4.sol (PRC) Beanstalk 61a638bb43,
ee4720cdb4
InitHotFix5.sol (PRL) Beanstalk 61a638bb43,
ee4720cdb4
InitFundraiser.sol (IFR) Beanstalk 61a638bb43,
ee4720cdb4
Life.sol (LIF) Beanstalk 61a638bb43,
ee4720cdb4
LPSilo.sol (LPS) Beanstalk 61a638bb43,
ee4720cdb4
LibMeta.sol (LMA) Beanstalk 61a638bb43,
ee4720cdb4
LibCheck.sol (LCK) Beanstalk 61a638bb43,
ee4720cdb4
LibClaim.sol (LCM) Beanstalk 61a638bb43,
ee4720cdb4
LibEIP712.sol (LEI) Beanstalk 61a638bb43,
ee4720cdb4
LibMarket.sol (LMT) Beanstalk 61a638bb43,
ee4720cdb4
LibConvert.sol (LCT) Beanstalk 61a638bb43,
ee4720cdb4
LibDiamond.sol (LDD) Beanstalk 61a638bb43,
ee4720cdb4
LibInternal.sol (LIL) Beanstalk 61a638bb43,
ee4720cdb4
LibIncentive.sol (LIE) Beanstalk 61a638bb43,
ee4720cdb4
LibAppStorage.sol (LAS) Beanstalk 61a638bb43,
ee4720cdb4
OracleFacet.sol (OFT) Beanstalk 61a638bb43,
ee4720cdb4
OwnershipFacet.sol (OFE) Beanstalk 61a638bb43,
ee4720cdb4
PodTransfer.sol (PTR) Beanstalk 61a638bb43,
ee4720cdb4
Sun.sol (SUN) Beanstalk 61a638bb43,
ee4720cdb4
Silo.sol (SIL) Beanstalk 61a638bb43,
ee4720cdb4
SiloExit.sol (SET) Beanstalk 61a638bb43,
ee4720cdb4
SiloFacet.sol (SFT) Beanstalk 61a638bb43,
ee4720cdb4
SeasonFacet.sol (SFE) Beanstalk 61a638bb43,
ee4720cdb4
SiloEntrance.sol (SEE) Beanstalk 61a638bb43,
ee4720cdb4
UpdateSilo.sol (USO) Beanstalk 61a638bb43,
ee4720cdb4
UniswapV2OracleLibrary.sol (UVO) Beanstalk 61a638bb43,
ee4720cdb4
VotingBooth.sol (VBH) Beanstalk 61a638bb43,
ee4720cdb4
Weather.sol (WEA) Beanstalk 61a638bb43,
ee4720cdb4

Audit Synopsis

Severity Identified Alleviated Partially Alleviated Acknowledged
4 4 0 0
6 6 0 0
14 14 0 0
52 52 0 0

During the audit, we filtered and validated a total of 8 findings utilizing static analysis tools as well as identified a total of 68 findings during the manual review of the codebase. We strongly recommend that any minor severity or higher findings are dealt with promptly prior to the project's launch as they introduce potential misbehaviours of the system as well as exploits.

pie title Total Issues "Major" : 4 "Medium" : 6 "Minor" : 14 "Informational" : 52

The list below covers each segment of the audit in depth and links to the respective chapter of the report:

Next

Compilation