🔵
Pearl Exchange (v1, v1.5)
  • Introduction
    • Pearl Exchange
    • Strategic Partnership
    • Team
  • Tokenomics
    • Ecosystem Tokens
    • Initial Supply and Distribution
    • Emissions Schedule
    • The Farmer Airdrop
  • The Pearl Flywheel
    • ve(3,3) Tokenomics
    • The ve(3,3) Death Spiral
    • The Pearl Flywheel
  • DEX Operations
    • Liquidity Pools
    • Swaps
    • Gauge Voting & Bribes
  • Protocol Details
    • Brand Assets
    • Contract Addresses v1.5
    • Contract Addresses v1
    • Official Links
    • Security
Powered by GitBook
On this page
  • Codebase Background
  • Multisig
  1. Protocol Details

Security

PreviousOfficial Links

Last updated 4 months ago

Codebase Background

Pearl Exchange is a THENA fork. THENA's codebase was adapted from Velodrome codebase, which was lifted directly from the Solidly smart contracts which were made open source in March 2022.

THENA was completely audited by PeckShield on March 25, 2023:

The original Solidly AMM has been audited by PeckShield, which revealed 5 low-severity and 1 informal findings. There have been no security-related incidents involving Solidly smart contracts since their deployment on Fantom in February 2022.

The Velodrome's code was subject to a security audit and peer review during a Code4rena bug bounty contest. The Code4rena contest results were released on August 8, 2022 and are available here. All high or medium-risk issues were fixed prior to deployment, except for a known problem (users being able to claim rewards from ExternalBribe contracts multiple times), which has been rectified using a wrapped contract approach. No user funds are at risk from this vulnerability. Velodrome also engaged with Coelacanth (@ImpossibleNFT) for an informal full audit. Reports from that audit are available here.

The main differences between Solidly's/THENA's original code and Pearl Exchange's code are:

  • THENA minter has been modified slightly to adjust for our optimized approach on rebase protection. THENA's code allowed us to configure the cap, we updated the code slightly to change the slope, adding a slope parameter into the code which we multiply in the calculate_rebase function.

  • $Pearl ERC-20 written fresh using the standard OpenZeppelin contract format

  • Pearl uses Velodrome's Pair and PairFees contracts

  • Voter contract modified, only allowing gauges to be created if one of the pool tokens is USDR. The governor (multisig) can bypass that rule and create a gauge for any pool.

  • No additional (functional) code was changed. Additional updates include:

    • Hard-coded values (addresses) have been updated to work with our protocol and assets

    • Automation contracts were modified to work with Gelato, rather than Chainlink

    • Front end was designed and built to align Pearl with Thena's build

    • General formatting

  • The airdrop distribution contract was written from scratch

Multisig

All contract modifications will be made through a 4/5 multisig.

Address

0x3265d353943c7A01806Dd3CE68bA02fb83B57042

0xEd41f5967252248412E6C69475ae8a5A4274A6f8

0x175D1Ba3e7ebe64C239ed097e9c1076eB65f20a7

0xB02B5d046c37301f0CF5caa25c3A437314CE2FD0

0xe220a27b0905037532c3D64eb2cFb95221079752

371KB
PeckShield-Audit-Report-Thena-v1.0.pdf
pdf
396KB
PeckShield-Audit-Report-Solidly-v1.0.pdf
pdf