Trail of Bits
Audit Open Original ↗

Opus

Type

Security review

Client

Lindy Labs

Date

2023-12

Domain

Blockchain

Effort

8 wks

Section

Starknet

Trail of Bits's security review of Lindy Labs (Dec 2023) identified 8 issues: 1 high, 2 medium, 2 low, and 3 informational.

Findings · 8

  1. 1 Redistributed debt does not accrue interest until next trove action Low
  2. 2 Incorrect starting index in the bestow function Informational
  3. 3 MAX_YANG_RATE is set lower than intended Informational
  4. 4 LOWER_UPDATE_FREQUENCY_BOUND is set much lower than Starknet block time Informational
  5. 5 The absorb function can still be called even if the Absorber is killed Medium
  6. 6 The get_shrine_health function does not account for interest or recovery mode threshold Low
  7. 7 Yin cannot be pulled out of the Absorber if the Shrine is killed High
  8. 8 Exceptionally redistributed yangs are not included in compensation for absorptions Medium

Findings extracted from the published report PDF. See the full report below for details and remediation.

Related