🤜 We have cooperation with Blockchain Consilium to audit notification contract for YFOS Bank 🏦
Blockchain Consilium — Specializes in ERC20 Tokens and Crowdsale Smartcontracts. Blockchain Consilium is one of the leading Smartcontract auditing firms that has audited contracts like $FTX, $WOM and $SRM.
An initial assessment of the issues and how to solve was given to perfect the Bank before to starting.
Based on that, we have revised the issues and Bank Smartcontract has officially been sent for final finalization by the testers.
Issue 1: Loopy
The audit company found the issue: if the attacker send lots of packages (Package ID), for example 1000 packages. When the interest is due, if they call the “getInterest” command, the contract bank must perform 1000 transactions in a single txHash at the same time, which will cause an error (Because each txHash only includes a maximum of about 200 transactions).
→ Solution: After researching, we updated the contract to solve this issue: Each user can only send maximum 5 packages (Package ID). After reaching all 5 packages (Package ID), users can add a new package by canceling the old one.
Issue 2: Dividend and Rounding Error
This is a common issue in dividend contracts. However, we have come up with a solution from the beginning by “the interest is divided by the amount deposited in”, so it is totally not based on the total amount of rewards in the pool.
About “Rounding Error”, the decimals of the YFOS token is 18, the error is almost zero or very small. In addition, because this is a contract of Bank (not contract of Staking), so it works similar to savings at banks.
Issue 3: Centralize
Although the contract was initially met the requirements of decentralization, but after consultation with the auditors, we decided to upgrade contract with adding the function of binding conditions: The amount of token in the contract (bankBudget) is not enough to pay the interest, the contract will not receive any more deposit.
For example: Contract WETH bank is running at 1:1 interest rate, currently, the total amount of WETH deposited is 99 WETH in the contract and there are 100 YFOS in bankBudget, user can only send 1 WETH to the contract, if the amount of deposit is more than 1 WETH, the contract will inform error.
Thus, we have completed the contract of Bank and passed the audit by the experts of Blockchain Consilium
We will start deploying and launching YFOS Bank in the next 24 hours.