Trail of Bits
Audit Open Original ↗

Perpetual Protocol V2

Type

Security review

Client

Perpetual Finance

Date

2022-02

Domain

Blockchain

Effort

4 wks

Section

Ethereum/EVM

Trail of Bits's security review of Perpetual Finance (Feb 2022) identified 9 issues: 4 medium, and 5 informational.

Findings · 9

  1. 1 Lack of zero-value checks on functions Status: Unresolved Informational
  2. 2 Solidity compiler optimizations can be problematic Status: Resolved Informational
  3. 3 mulDiv reverts instead of returning MIN_INT Status: Resolved Informational
  4. 4 Discrepancies between code and specification Status: Resolved Informational
  5. 5 Missing Chainlink price feed safety checks Status: Partially Resolved Medium
  6. 6 Band price feed may return invalid prices in two edge cases Status: Partially Resolved Medium
  7. 7 Ever-increasing priceCumulative variables Status: Resolved Medium
  8. 8 Lack of rounding in Emergency price feed Status: Unresolved Informational
  9. 9 It is possible to pollute the observations array Status: Undetermined Medium

Findings extracted from the published report PDF. See the full report below for details and remediation.

Related