B005: Audit Scopes

Forked Code

The first step I take in assessing the scope of a project is to detect whether it is a fork of some other well-known project. A positive match significantly reduces the time necessary to audit the project, either because the original has been audited multiple times or because its documentation is quite expansive and can serve as a baseline for the audit.

SushiSwap Code
  • Uniswap V2 AMM: Contract filename structure (XERC20.sol, XFactory.sol, XPair.sol, XRouter.sol) & notion of token0 and token1 etc. within code.
  • Balancer V1 AMM: Contract filename structure (XPool.sol, XConst.sol, XMath.sol, etc.) & notion of denormalizedWeight and normalizedWeight along with bind / unbind / rebind functions.
  • Compound Governance: Presence of Timelock.sol, thoroughly documented code for the Proposal struct & castVote / castVoteBySig functions.
  • SushiSwap Staking: Chef contract suffix, UserInfo & PoolInfo and deposit, withdraw & emergencyWithdraw functions.
PancakeSwap Code

Scope Depth Level

I have historically found myself identifying vulnerabilities during the scoping process, which is usually an indicator of “too much” time spent on a project’s scope. The signals I weigh instead are:

  • Multiple “import” statements that do not reference a well-known library (such as OpenZeppelin)
  • Total contract length, per-function length, per-function total code paths (if-else chains, for loops, etc.), and per-function state mutability
  • Naming notions (e.g. “Oracle”, “Staking”, “Pool”, “Strategy”, etc.)
  • ERC standards (e.g. “ERC20”, “ERC721”, etc.)
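
As an added illustration (not code from the post or from any of the projects it names), the two checklists above, the fork fingerprints and the scope depth signals, expressed as a small Python scanner over in-memory Solidity sources. The rule tables transcribe the post's bullets; the two sample contracts are constructed for this example and only mimic the shapes the post describes, and no thresholds are applied because the post gives none.

```python
"""Added example (not code from the post or from any project it names): a scanner
that applies the post's fork fingerprints and scope depth signals to Solidity
sources held in memory. The rule tables transcribe the post's bullets; the
sample sources at the bottom are constructed for this example."""
import re

# Fork fingerprints: (label, contract/file name suffixes, identifiers expected in code).
FORK_RULES = [
    ("Uniswap V2 AMM", ("ERC20", "Factory", "Pair", "Router"), ("token0", "token1")),
    ("Balancer V1 AMM", ("Pool", "Const", "Math"),
     ("denormalizedWeight", "normalizedWeight", "bind", "unbind", "rebind")),
    ("Compound Governance", ("Timelock",), ("Proposal", "castVote", "castVoteBySig")),
    ("SushiSwap Staking", ("Chef",),
     ("UserInfo", "PoolInfo", "deposit", "withdraw", "emergencyWithdraw")),
]
NOTIONS = ("Oracle", "Staking", "Pool", "Strategy")  # naming notions from the post
ERC_RE = re.compile(r"\bERC\d+\b")                      # ERC standards referenced
IMPORT_RE = re.compile(r'import\s+(?:\{[^}]*\}\s+from\s+)?["\']([^"\']+)["\']')
DECL_RE = re.compile(r"\b(?:contract|struct|library|interface)\s+(\w+)")
FUNC_RE = re.compile(r"\bfunction\s+(\w+)\s*\([^)]*\)([^{;]*)\{")  # name, modifiers, '{'
BRANCH_RE = re.compile(r"\b(?:if|else|for|while)\b")

def _word(ident, text):
    """Whole-word match, so 'bind' is not counted inside 'rebind'."""
    return re.search(r"\b%s\b" % re.escape(ident), text) is not None

def fork_fingerprints(files):
    """files: {filename: source}. A fork label is reported only when a name
    suffix AND at least one identifier match; the value is the number of
    identifiers matched, so stronger matches rank higher."""
    blob = "\n".join(files.values())
    names = [f.rsplit(".", 1)[0] for f in files] + DECL_RE.findall(blob)
    hits = {}
    for label, suffixes, idents in FORK_RULES:
        name_hit = any(n.endswith(s) for n in names for s in suffixes)
        matched = [i for i in idents if _word(i, blob)]
        if name_hit and matched:
            hits[label] = len(matched)
    return hits

def _body(src, start):
    """Source text from the '{' at `start` through its matching '}'."""
    depth = 0
    for i in range(start, len(src)):
        if src[i] == "{":
            depth += 1
        elif src[i] == "}":
            depth -= 1
            if depth == 0:
                return src[start:i + 1]
    return src[start:]  # unbalanced braces: take the remainder

def scope_metrics(filename, src):
    """Scope depth signals for one file: non-OpenZeppelin imports, naming
    notions, ERC standards, and per-function length / code paths / mutability."""
    funcs = {}
    for m in FUNC_RE.finditer(src):
        body, mods = _body(src, m.end() - 1), m.group(2)
        mutability = next((k for k in ("pure", "view", "payable") if _word(k, mods)), "nonpayable")
        funcs[m.group(1)] = {"lines": body.count("\n") + 1, "mutability": mutability,
                             "branches": len(BRANCH_RE.findall(body))}
    names = " ".join([filename.rsplit(".", 1)[0]] + DECL_RE.findall(src)).lower()
    return {
        "total_lines": len(src.splitlines()),
        "foreign_imports": [p for p in IMPORT_RE.findall(src) if "openzeppelin" not in p.lower()],
        "notions": [n for n in NOTIONS if n.lower() in names],
        "erc_standards": sorted(set(ERC_RE.findall(src))),
        "functions": funcs,
    }

# Constructed sample sources (shapes only, written for this example).
SAMPLE_FILES = {
    "MasterChef.sol": """import "@openzeppelin/contracts/token/ERC20/IERC20.sol";
import "./libraries/SafeMath.sol";
contract MasterChef {
    struct UserInfo { uint256 amount; uint256 rewardDebt; }
    struct PoolInfo { IERC20 lpToken; uint256 allocPoint; }
    PoolInfo[] public poolInfo;
    mapping(uint256 => mapping(address => UserInfo)) public userInfo;
    function deposit(uint256 _pid, uint256 _amount) public {
        UserInfo storage user = userInfo[_pid][msg.sender];
        if (user.amount > 0) { user.rewardDebt = user.amount; } else { user.rewardDebt = 0; }
        for (uint256 i = 0; i < poolInfo.length; i++) { poolInfo[i].allocPoint += 0; }
        user.amount += _amount;
    }
    function withdraw(uint256 _pid, uint256 _amount) public { userInfo[_pid][msg.sender].amount -= _amount; }
    function emergencyWithdraw(uint256 _pid) public { userInfo[_pid][msg.sender].amount = 0; }
}
""",
    "SwapPair.sol": """contract SwapPair {
    address public token0;
    address public token1;
    function getReserves() external view returns (uint112, uint112) { return (0, 0); }
}
""",
}

if __name__ == "__main__":
    print(fork_fingerprints(SAMPLE_FILES))
```

Run on a real code base by reading each `.sol` file into the `files` dictionary and calling `scope_metrics` per file; the fork check deliberately requires both a naming hit and an identifier hit, so a single `token0` variable in an unrelated contract does not get reported as a Uniswap fork.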

Documentation & Test Coverage

Although some may disagree, this particular aspect of a project’s code is not that definitive in my day-to-day workflow. A project rarely moves beyond the above stage during the scoping process, as scrolling through the code tends to give a good level of confidence in the resulting quote.

Conclusion

Assessing a project’s audit scope requires weighing multiple aspects to form a well-informed estimate. In my personal methodology, I have attempted to optimize the time it takes to form such an estimate by approaching a project with a set of mental guidelines applied to its code.
