Trail of Bits
Audit Open Original ↗

Maple Protocol v2

Type

Security review

Client

Maple Labs

Date

2022-09

Domain

Blockchain

Effort

8 wks

Section

Ethereum/EVM

Trail of Bits's security review of Maple Labs (Sep 2022) identified 12 issues: 2 medium, 9 low, and 1 undetermined.

Findings · 12

  1. 1 Incorrect argument passed to _getPlatformOriginationFee Low
  2. 2 The protocol could stop working prematurely Low
  3. 3 Insucient event generation Low
  4. 4 Incorrect GovernorshipAccepted event argument Low
  5. 5 Partially incorrect Chainlink price feed safety checks Low
  6. 6 Incorrect implementation of EIP-4626 Low
  7. 7 setAllowedSlippage and setMinRatio functions are unreachable Low
  8. 8 Inaccurate accounting of unrealizedLosses during default warning revert Medium
  9. 9 Attackers can prevent the pool manager from finishing liquidation Medium
  10. 10 WithdrawalManager can have an invalid exit configuration Low
  11. 11 Loan can be impaired when the protocol is paused Undetermined
  12. 12 Fee treasury could go to the zero address Low

Findings extracted from the published report PDF. See the full report below for details and remediation.

Related