Truffi Pools

Smart Contract Audit Report

Executive Summary

This report presents the outcomes of our collaborative engagement with the Truffi team, focusing on the comprehensive evaluation of the Pools contract.

Our team conducted an initial security assessment from May 29th to May 31st, 2024. The report was updated on June 6th after reviewing changes from commit 31ee370 to commit da08a61. The changes to the report reflect updates made by the team to address Finding #4 and resolve Findings #1, 2, 3, 5, and 6, as well as some functional upgrades to the code. Notably, the introduction of an Exchanger address that a Pool owner can use to exchange inscriptions on the owner's behalf. On June 7th the report was updated to reflect the project's mainnet deployment.

Truffi Pools is a new contract which allows users to create, manage, and interact with Pools which can be utilized for Token Inscriptions. As the Token contract was not included within the scope of this audit, we are unable to assess the Inscription functionality which is intended to occur during certain interactions with the contract.

Audit Scope

Name	Source Code	Visualized
Pool	`BASE Mainnet`	Inheritance Chart. Function Graph.
Pools	`BASE Mainnet`	Inheritance Chart. Function Graph.

Name/Source Code	Visualized
Pool `BASE Mainnet`	Inheritance Chart. Function Graph.
Pools `BASE Mainnet`	Inheritance Chart. Function Graph.

Audit Findings

All findings have been resolved, though some centralized aspects are present.

Finding #1	Pools	HighResolved
Finding #1 - Pools HighResolved
Description: The reindexPools() function uses the following logic to remove a Pool. `bool offset = false; for(uint256 i = 0; i < activePoolCount; i++){ if(indexes[i] == addr) offset = true; if(offset) indexes[i] = indexes[i + 1]; } activePoolCount--;` Looping through the entire list of active pools, as well as shifting remaining elements upon deleting are both inefficient methods of removal, and can result in failed transactions due to gas limitations as the list of active pools count increases. Risk/Impact: Pool deletion functionality may break if the active pool count grows too large, preventing pool owners from retrieving their deposited tokens. Recommendation: An index field should be added to the SPool struct to quickly identify the index of the pool to destroy. To avoid shifting the remaining pools after deletion, index updates should be executed in a similar manner as follows: `pools[indexes[activePoolCount - 1]].index = i; indexes[i] = indexes[activePoolCount - 1]; indexes[activePoolCount - 1] = address(0);` Resolution: The team has implemented the above recommendation.
Finding #2	Pools	HighResolved
Finding #2 - Pools HighResolved
Description: The following function exists to fetch Inscriptions from a Pool, which requires potentially looping through a Pool's entire Inscription count. If a Pool's Inscription count grows too large, this function may fail due to gas limitations: `function getInscriptionByAmount(uint256 amount, address addr) internal view returns (SInscription memory) { uint256 count = ITruffi(token).inscriptionCount(addr); SInscription memory inscription; for(uint256 i = 0; i < count; i++){ inscription = ITruffi(token).inscriptionOfOwnerByIndex(addr, i); if(inscription.seed == amount) return inscription; } return inscription; }` Risk/Impact: Core Inscription exchange functionality may break for certain Pools if their Inscription count grows too large. Recommendation: The exchangeInscription() and getInscriptionByAmount() functions should include an index parameter that is passed in by the user exchanging; this index can then be used to retrieve the required Inscription through a single inscriptionOfOwnerByIndex() call. Resolution: The team has indicated that the inscription count should never exceed 50, mitigating the risk of breaking Pool functionality.
Finding #3	Pools & Pool	HighResolved
Finding #3 - Pools & Pool HighResolved
Description: The transfer() function is used to send native blockchain currency to various addresses throughout both contracts, which limits the recipient to 2300 gas. If an address receiving native currency from a transfer() call executes any logic upon receival, transactions may fail due to the gas limitations. Risk/Impact: Fee withdrawals by Pool owners and other core contract functionality containing transfer() calls may fail if the recipient is a contract. This can result in funds being trapped inside the contract. Recommendation: The project team should use the call() function instead of the transfer() function to send the chain's native currency. The team must also ensure to update the withdrawPoolFees() function to include the nonReentrant modifier, or reset a Pool's tracked fees before transferring them to the owner as follows: `function withdrawPoolFees(address addr) public onlyPoolOwner(addr) returns (bool) { uint256 balance = payable(addr).balance; require(balance > 0, "Pool does not have any fees"); Pool(payable(addr)).withdrawFee(balance); uint256 _toSend = fees[addr]; fees[addr] = 0; payable(ownerships[addr]).call{value: _toSend}(""); return true; }` Resolution: The team has correctly replaced the transfer() function with the sendValue() function from the Address library.
Finding #4	Pools	LowAcknowledged
Finding #4 - Pools LowAcknowledged
Description: The switchPool() function provides a permit to a user for a Pool address that appears to be intended to be random, but only uses state variables and block attributes to generate "randomness". Risk/Impact: A Pool address can be determined by a user before executing a transaction, or during a transaction by a contract which can be designed to revert upon receiving an undesirable permit. Recommendation: If certain Pools are intended to be more desirable than other Pools, the project team should use a verifiable source of randomness such as Chainlink VRF for each permit's issuance. This would also prevent contracts from reverting upon receiving an undesirable permit. Update: The team has updated the code to implement a commit-reveal mechanism, utilizing the blockhash of the block that is two blocks ahead of the block in which the permit was requested. While the team acknowledges that validators have some capability to manipulate the blockhash, the probability of such manipulation occurring is very low. Additionally, the team should be mindful when setting the permit expiration, as blockhashes are only available for the most recent 256 blocks; beyond this range, the blockhash values default to zero.
Finding #5	Pools	InformationalResolved
Finding #5 - Pools InformationalResolved
Description: This contract does not support fee-on-transfer tokens as the Pool token. Recommendation: The project team should exercise caution and avoid using a fee-on-transfer token as the Pool token unless the proper exemptions are made. Resolution: The team states that the intended Pool token, Truffi, does not have fee-on-transfer functionality.
Finding #6	Pools	InformationalResolved
Finding #6 - Pools InformationalResolved
Description: Pool token transfers automatically add 9 decimals to specified transfer amounts. Recommendation: The project team should not use a token with less than 9 decimals, and should exercise caution if using a token with more than 9 decimals to avoid unintended transfer amounts. Resolution: The team states that the intended Pool token, Truffi, has 9 decimals.

System Overview

POOL CONTROLS

Any user can create a new Pool to be used for Inscription exchange. A specified Pool token amount is transferred from the user to the newly created Pool contract. The Pool is assigned a level based on the contract's token thresholds for each level. The user must provide an exact threshold amount upon creation. After creation, tokens are repeatedly transferred back and forth between this contract and the Pool, intended to trigger Inscription functionality.

A user can refresh, withdraw fees from, or destroy their Pool only after the cooldown period since creation has passed. This repeatedly transfers tokens back and forth between the Pool and this contract to trigger Inscription functionality. Withdrawing fees transfers the Pools native token balance to this contract and subsequently transfers the user its accumulated fees. Destroying a Pool returns the token balance of the Pool to the user and disables it from further use.

INSCRIPTION EXCHANGE

A user can create a permit for Inscription exchange if they have either not yet created one or if the permit cooldown has passed from their last permit creation. The user must provide the contract's switch fee in the native token upon generating a new permit. The pool on which the permit is valid for is determined pseudorandomly using various contract and block attributes. The project team should note that this number is not truly random and can be determined by users before a transaction is submitted. A permit is only valid for the contract's permit duration, starting from the block of its creation.

A user can exchange an inscription on a Pool that they have been granted a valid permit for. If the owner of the pool has allowed an exchanger address to exchange an inscription, then the exchanger address can exchange an inscription on the pool owner's behalf. A permit can no longer be used if its pool is destroyed after a permit is created for it. An exchange fee must be provided, which is transferred to the Pool address and added to its accumulated fees. When an exchange is initiated, a Token Inscription is fetched from the Pool's Token Inscriptions based on the Inscription's seed matching the user's specified amount; the user can also provide an "extra" value which must match the Inscription's seed if it is not zero. If an extra value is not provided and an Inscription matching the user's amount is not found, the Pool's last indexed Inscription is used. The provided amount is transferred from the user to this contract, and an equal amount of tokens are transferred from the Pool to the user. The provided tokens are then transferred from this contract to the Pool. These tokens are subsequently transferred from the Pool back to this contract and then back into the Pool.

OWNERSHIP

The owner can update the permit cooldown to any value between 2 and 10 blocks (inclusive). The owner can update the permit expiration to any value between 15 and 900 blocks (inclusive). The owner can update the exchange and switch fees to any value up to 0.001 ETH at any time. The owner can update the destroy cooldown value to any value up to 43200 blocks at any time. The owner can also withdraw any Pool tokens or native tokens from the contract at any time.

Vulnerability Analysis

Vulnerability Category	Notes	Result
Arbitrary Jump/Storage Write	N/A	PASS
Centralization of Control	Ownership controls as described above.	PASS
Compiler Issues	N/A	PASS
Delegate Call to Untrusted Contract	N/A	PASS
Dependence on Predictable Variables	The team has updated the code to implement a commit-reveal mechanism, utilizing the blockhash of the block that is two blocks ahead of the block in which the permit was requested. While the team acknowledges that validators have some capability to manipulate the blockhash, the probability of such manipulation occurring is very low. Additionally, the team should be mindful when setting the permit expiration, as blockhashes are only available for the most recent 256 blocks; beyond this range, the blockhash values default to zero.	PASS
Ether/Token Theft	N/A	PASS
Flash Loans	N/A	PASS
Front Running	N/A	PASS
Improper Events	N/A	PASS
Improper Authorization Scheme	N/A	PASS
Integer Over/Underflow	N/A	PASS
Logical Issues	N/A	PASS
Oracle Issues	N/A	PASS
Outdated Compiler Version	N/A	PASS
Race Conditions	N/A	PASS
Reentrancy	N/A	PASS
Signature Issues	N/A	PASS
Sybil Attack	N/A	PASS
Unbounded Loops	N/A	PASS
Unused Code	N/A	PASS
Overall Contract Safety		PASS

About SourceHat

SourceHat has quickly grown to have one of the most experienced and well-equipped smart contract auditing teams in the industry. Our team has conducted 1800+ solidity smart contract audits covering all major project types and protocols, securing a total of over $50 billion U.S. dollars in on-chain value!
Our firm is well-reputed in the community and is trusted as a top smart contract auditing company for the review of solidity code, no matter how complex. Our team of experienced solidity smart contract auditors performs audits for tokens, NFTs, crowdsales, marketplaces, gambling games, financial protocols, and more!

What is a SourceHat Audit?

Typically, a smart contract audit is a comprehensive review process designed to discover logical errors, security vulnerabilities, and optimization opportunities within code. A SourceHat Audit takes this a step further by verifying economic logic to ensure the stability of smart contracts and highlighting privileged functionality to create a report that is easy to understand for developers and community members alike.

How Do I Interpret the Findings?

Each of our Findings will be labeled with a Severity level. We always recommend the team resolve High, Medium, and Low severity findings prior to deploying the code to the mainnet. Here is a breakdown on what each Severity level means for the project:

High severity indicates that the issue puts a large number of users' funds at risk and has a high probability of exploitation, or the smart contract contains serious logical issues which can prevent the code from operating as intended.
Medium severity issues are those which place at least some users' funds at risk and has a medium to high probability of exploitation.
Low severity issues have a relatively minor risk association; these issues have a low probability of occurring or may have a minimal impact.
Informational issues pose no immediate risk, but inform the project team of opportunities for gas optimizations and following smart contract security best practices.

Go Home