Smart Contract Security Audit For SyntheX

In-Depth Review of SyntheX's Collateral Management and Trading Pools

Score:
9.6 /10
Ecosystem:
Arbitrum
Type:
DeFi Synthetic Asset
Background Image

Overview

SyntheX is a DeFi system that allows users to mint synthetic assets backed by collateral assets. The main functionality of SyntheX are:

  1. Reward Distribution: The distribution of rewards for liquidity providers in various pools.
  2. Collateral Management: Management of collateral assets, including depositing, withdrawing, enabling/disabling collateral, setting collateral caps, and volatility ratios.
  3. Trading Pools: The contracts enable/disable trading pools and manage volatility ratios.
  4. Access Control: The contracts include functions for managing access control, pausing/unpausing the contract, and updating addresses for various components.
Services: Smart Contract Audit
Technologies: Solidity

Task

Blaize’s task was to find and describe security issues in the smart contracts of the platform.

We needed to check the SyntheX protocol with the following parameters:

  • Whether contracts the collateral deposit is secure;
  • Whether the rewards distribution works as expected;
  • Whether the liquidation mechanics is correct;
  • Whether the implemented functionality corresponds to the documentation;
  • Whether contracts meet best practices in efficient use of gas and code readability.

We have scanned both sets of smart contracts for commonly known and more specific vulnerabilities:

  • Unsafe types conversion and unsafe math;
  • Timestamp Dependence;
  • Reentrancy (for Solidity part);
  • Correct roles distribution and access control flow;
  • Gas Limit and Loops;
  • Transaction-Ordering Dependence;
  • DoS attacks with (Gas Limit, unexpected reverts, storage abuse, etc.);
  • Byte array vulnerabilities;
  • Style guide violation;
  • ERC20 standard correspondence and correct tokens usage;
  • Uninitialized state/storage/ local variables;

In addition, the SyntheX protocol was checked against less common vulnerabilities from the internal Blaize.Security knowledge base.

Protocol Overview

The scheme below shows a part of SyntheX smart contract, Blaize.Security audited.

Protocol Overview Image

The audited protocol is a synthetics platform based on the overcollaterization principle. The platform receives collateral deposits from users and mints synthetics by the linear utilization rate together with debt tokens for the user. Therefore the platform also combines features from the lending protocol since it enables the liquidation process for accounts under the collateral requirement.

For user incentivization, the platform provides rewards distributions for liquidity providers and SYX token providers (via the esSYX contract). More info about the protocol (including admins functions) is described in the “Protocol Overview” section in the report attached to the case below.

Smart Contract Security Audit Procedure

Blaize.Security has an established security audit procedure. It includes the following steps:

Comprehensive Security Audit

  • Manual code review;
  • Static analysis by automated tools;
  • Business logic review and decomposition of the system;
  • Unit test coverage check;
  • Extensive integration testing;
  • Fuzzy and exploratory testing;
  • Providing a detailed report of detected issues;
  • Verification of fixes;
  • Final audit report preparation & publishing.

Automated Tools Analysis

  • We scanned the contracts using several publicly available automated analysis tools such as Mythril, Solhint, Slither, and Smartdec. All issues found were verified manually.

Manual Code Review

  • We manually analyzed the smart contracts to identify potential security vulnerabilities. Our analysis involved a comparison of the smart contract logic with the description provided in the documentation.

Unit Test Coverage

  • The audit scope includes the unit test coverage, based on the smart contract code, documentation, and requirements presented by the SyntheX team. The coverage is calculated based on the set of Hardhat framework tests and scripts from additional testing strategies. However, to ensure the security of the contract, the Blaize.Security team suggests that the SyntheX team launch a bug bounty program to encourage further active analysis of the smart contracts.

Security Analysis Report

  • Finally, we have provided the SyntheX team with the smart contracts security analysis report. The document contains all the detected risks and possible ways of their mitigation, as well as issues, vulnerabilities, and recommendations for fixes and improvements. Besides, the report contains the confirmation of fixes and necessary explanations from the SyntheX team.

Audit Result

Firstly, the Blaize Security auditors team must mention that protocol has its own Oracle contracts, which utilize Chainlink, Aave, and Compound feeds. Though, Oracle contracts themselves are out of the scope of the current audits. Our team highly recommends utilizing several price sources, having a TWAP-like solution, or using Chainlink or other oracles aggregating several sources. Dependency of the synthetic on a single price source increases the risk of price manipulation through the 3rd party pool manipulation.

Audit Result Image

Audit Result

The security team performed an extensive manual audit during the testing stage and covered several checklists for common attack vectors and possible exploit possibilities. The team found several critical and high-risk issues with collateral withdrawal, fee calculation during the liquidation, and ETH transfer.

Another noticeable issue was connected to ETH and WETH’s identical support. After the audit, the SyntheX team added WETH support with mandatory ETH wrapping in the protocol, and the security team rechecked fixes with appropriate tests.

Audit Result Image

The code is well documented with Natspec and internal comments and contains important examples in crucial code places. The overall security is high enough, though the security team decreased the final rating a bit because of the dependency on oracles, which were out of the scope, the centralization aspect because of contract upgradeability, and several issues where the team has taken responsibility at. From all aspects, SyntheX protocol has passed the security audit and can be evaluated as Highly Secure, 9.6 out of 10.

Score:
9.6 /10
Rate Background
Audit Report

View our in-depth security audit

Detailed Report

Get in Touch

Your blockchain dreams deserve top-tier security. Let's secure them together with our team of certified blockchain security professionals.
Get consulting on WEB3 security from top-tier security researchers and auditors. Contact us, and let's fortify your decentralized future.