Security
Last updated
Last updated
Pearl Exchange is a THENA fork. THENA's codebase was adapted from Velodrome codebase, which was lifted directly from the Solidly smart contracts which were made open source in March 2022.
THENA was completely audited by PeckShield on March 25, 2023:
The original Solidly AMM has been audited by PeckShield, which revealed 5 low-severity and 1 informal findings. There have been no security-related incidents involving Solidly smart contracts since their deployment on Fantom in February 2022.
The Velodrome's code was subject to a security audit and peer review during a Code4rena bug bounty contest. The Code4rena contest results were released on August 8, 2022 and are available here. All high or medium-risk issues were fixed prior to deployment, except for a known problem (users being able to claim rewards from ExternalBribe contracts multiple times), which has been rectified using a wrapped contract approach. No user funds are at risk from this vulnerability. Velodrome also engaged with Coelacanth (@ImpossibleNFT) for an informal full audit. Reports from that audit are available here.
The main differences between Solidly's/THENA's original code and Pearl Exchange's code are:
THENA minter has been modified slightly to adjust for our optimized approach on rebase protection. THENA's code allowed us to configure the cap, we updated the code slightly to change the slope, adding a slope parameter into the code which we multiply in the calculate_rebase function.
$Pearl ERC-20 written fresh using the standard OpenZeppelin contract format
Pearl uses Velodrome's Pair and PairFees contracts
Voter contract modified, only allowing gauges to be created if one of the pool tokens is USDR. The governor (multisig) can bypass that rule and create a gauge for any pool.
No additional (functional) code was changed. Additional updates include:
Hard-coded values (addresses) have been updated to work with our protocol and assets
Automation contracts were modified to work with Gelato, rather than Chainlink
Front end was designed and built to align Pearl with Thena's build
General formatting
The airdrop distribution contract was written from scratch
All contract modifications will be made through a 4/5 multisig.
| Address |
|---|
0x3265d353943c7A01806Dd3CE68bA02fb83B57042 |
0xEd41f5967252248412E6C69475ae8a5A4274A6f8 |
0x175D1Ba3e7ebe64C239ed097e9c1076eB65f20a7 |
0xB02B5d046c37301f0CF5caa25c3A437314CE2FD0 |
0xe220a27b0905037532c3D64eb2cFb95221079752 |