Trail of Bits

MakerDAO Sai

Type: Security review

Client: DappHub

Date: 2017-10

Domain: Blockchain

Effort: 8 wks

Section: Ethereum/EVM

Trail of Bits's security review of DappHub (Oct 2017) identified 12 issues: 5 high, 4 medium, and 3 low.

Findings · 12

  1. Race condition in the ERC20 approve function may lead to token theft (High)
  2. Unprotected function and integer overflow may lead to system destabilization (High)
  3. Reliance on undefined behavior may lead to unexpected behavior (Low)
  4. Rounding strategy in DSMath fixed-point multiplication/division may lead to errors (Medium)
  5. Misconfigured deploy may lead to unusable system (Low)
  6. Inconsistent SaiTub.join() docs may lead to unexpected user behavior (Low)
  7. Race conditions during contracts deployment may lead to system compromise (High)
  8. Multiple divisions by zero may lead to unusable system (Medium)
  9. Lack of validation on tax may lead to unusable system (High)
  10. Inconsistent debt bookkeeping may lead to trapped tokens (Medium)
  11. Loss of decimal precision leads to free tokens (High)
  12. Loss of decimal precision leads to incomplete global settlement (Medium)

Findings extracted from the published report PDF. See the full report below for details and remediation.