April 28, 2022

Beosin Has Completed Security Audit Service of MasterChefV2 and cake-pool Contracts in PancakeSwap

Project Overview

Audit work duration: April 13, 2022 — April 21, 2022


Audit methods: Formal Verification, Static Analysis, Typical Case Testing and Manual Review.

Audit team: Beosin Technology Co. Ltd.






About Pancake

PancakeSwap helps users make the most out of the crypto in three ways: Trade, Earn, and Win. It is the leading decentralized exchange on BNB Smart Chain, with the highest trading volumes in the market. Users can earn CAKE and other tokens for free with super high interest rates. With winning models like lottery, NFT collectibles and prediction, PancakeSwap makes making money fun. The official website of PancakeSwap is: https://pancakeswap.finance/


Beosin team has audited the MasterChefV2 and cake-pool contracts in pancakeSwap. Both contracts are deposit mining series. The MasterChefV2 contract is an extension of the MasterChefV1 deposit model, which will use the rewards of MasterChefV1 as the source of pledge rewards for this contract, while supporting the adjustment of user’s deposit revenue factors. The cake-pool adopts a deposit-locking model, where the contract will automatically select different revenue factors depending on the number of user pledges and the lock-up period.




Audit Results

Beosin has audited two smart contracts for PancakeSwap. After auditing, 2 Low-risk and 4 Info items were identified in the MasterChefV2 contract; 1 Low-risk and 3 Info items were identified in the cake-pool contract. No critical, high or medium risk issues were found during the auditing process. The final audit results are available in the audit report.


Enter 20220421617 and 202204211554 to view the two reports at https://beosin.com/#/index/service/contracts






Audit Workflow

Beosin has focused on the core security issues such as contract permission control, security of deposited assets, rationality of reward mechanism, and business logic of key functions during the audit process. The auditing workflow is mainly as follows:




  1. Conduct preliminary source code review;


2.Use Beosin’s self-developed automatic smart contract formal verification platform — VaaS to conduct an in-depth detection of the contract codes in all aspects;


3.Practical deployment and validation via sandbox simulation;


4.Manual line-by-line code review by security experts;


5.Complete the final audit report.




More

1. Beosin Has Completed Security Audit Service of Crypto LEGO ALG


2. Beosin Has Completed Security Audit Service of TribeOne


3. Beosin’s Analysis of the ZEED Exploit


4. Beosin Has Completed Security Audit Service of Crafting


5. How to Ensure the Security of NFT Under the Web 3.0 Boom?


6. How to quickly track assets laundered by Hacker’s Paradise-Tornado Cash?


If you have need any blockchain security services, please contact us:


Website Email Official Twitter Alert Telegram LinkedIn

Related Project

Related Project Secure Score

Guess you like
Learn More
  • DEUS Finance Suffered its Second Flashloan Attack This Year: Beosin’s Detailed Analysis

    April 28, 2022

  • VaaS — Automatic Detection Tool , Make Your Smart Contract Secure In Web3.0

    April 28, 2022

  • Beosin Has Completed Security Audit Service of SeasonSwap With No Issues Identified

    April 28, 2022

  • The Jump Satoshi Token $JST has a backdoor, users are urged to withdraw the funds ASAP

    April 26, 2022

Join the community to discuss.