Runtime Verification audits QuipuSwap Stableswap DEX Factory Mode

Runtime Verification is thrilled to announce the QuipuSwap Stableswap DEX audit completion. QuipuSwap is an automated market-maker built on the Tezos blockchain.

Audit scope

Stable DEX, as a part of the growing QuipuSwap ecosystem, provides a platform for price-efficient stablecoin trading, intending to create a solution for the Tezos ecosystem akin to that Curve and Ellipsis have created for Ethereum and BSC, respectively.

Stableswap DEX is an AMM, built on LIGO, that allows users to create liquidity pools of 2 to 4 assets, and trade them freely. The protocol is comprised of two smart contracts. One, the factory contract, allows users to create pools for holding specific assets. A user would indicate the assets they wish to store and trade, and a contract to hold the assets is created. The other, the dex contract, allows users to interact with and trade assets between other liquidity pools.

The audit only covered LIGO source code contracts and it excluded any deployment and upgrade scripts, off-chain codebase, and client-side portions of the codebase. The audit scope is limited to the Factory mode contracts, while the DEX contract also included a mode that allows users to operate in a standalone fashion apart from the factory contract, this mode was not included in the audit scope. A detailed list of all the contracts, libraries, and interfaces audited can be found in the report.

Methodology

Runtime Verification conducted a manual code review for a period of 7 weeks and published a detailed report on June 22nd, 2022.

The first step in the audit process consisted of rigorously reasoning with the business logic of the contract, validating security-critical properties to ensure the absence of loopholes in the business logic and/or inconsistency between the logic and the implementation.

Next, the code was carefully inspected to ensure it wasn’t vulnerable to known security issues and attack vectors. Particular care was taken to analyze the Stableswap curve, which this contract uses as its pricing function. Though this curve has become quite popular, there is a lack of rigorous mathematical analyses of it. During the audit, the Stableswap curve was thoroughly analyzed to ensure that it satisfies the basic requirements of AMM pricing functions, and finally, the contract was checked to ensure that it correctly implements this pricing curve. During this process, the code was thoroughly analyzed and searched for as many potential sources of error as possible, including rounding errors, convergence failure, edge case behavior, etc.

Results

The audit identified and highlighted some issues along with a number of informative findings. The QuipuSwap team addressed all the issues and concerns raised during the audit and incorporated all the necessary changes in the smart contracts.

Users interested in a more detailed and technical explanation about the findings can go over the full report in our GitHub repository.

About QuipuSwap

QuipuSwap is an open-sourced platform on the Tezos blockchain that includes DEX contracts for swapping all Tezos-built tokens, multiple yield farming programs, staking opportunities, and other features. Being developed by the Madfish team, Quipuswap has become the largest Tezos DEX in terms of user base and liquidity provided.

About Runtime Verification

Runtime Verification is a technology startup based in Champaign-Urbana, Illinois. The company uses formal methods to perform security audits on virtual machines and smart contracts on public blockchains. It also provides software testing, verification services and products to improve the safety, reliability, and correctness of software systems in the blockchain field.