Crypto Flexs
  • DIRECTORY
  • CRYPTO
    • ETHEREUM
    • BITCOIN
    • ALTCOIN
  • BLOCKCHAIN
  • EXCHANGE
  • ADOPTION
  • TRADING
  • HACKING
  • SLOT
  • TRADE
Crypto Flexs
  • DIRECTORY
  • CRYPTO
    • ETHEREUM
    • BITCOIN
    • ALTCOIN
  • BLOCKCHAIN
  • EXCHANGE
  • ADOPTION
  • TRADING
  • HACKING
  • SLOT
  • TRADE
Crypto Flexs
Home»HACKING NEWS»AAVE Umbrella Thanksgiving Summary -Ackee Blockchain
HACKING NEWS

AAVE Umbrella Thanksgiving Summary -Ackee Blockchain

By Crypto FlexsMarch 22, 20253 Mins Read
Facebook Twitter Pinterest LinkedIn Tumblr Email
AAVE Umbrella Thanksgiving Summary -Ackee Blockchain
Share
Facebook Twitter LinkedIn Pinterest Email

UMBRELLA is a new version of the AAVE safety module that helps to solve bad debt management within the AAVE protocol.

BGD conducted a security review of the AAVE protocol with a total time donation of 19 engineering days between February 10 and February 26, 2025 to participate in Ackee Blockchain Security.

methodology

We started reviewing using the contained static analysis tools. Wake up. This is i2 find. Then I dive about the logic of the contract. We used for testing and purging Wake up Test framework. We have implemented additional unit tests to help analyze stock inflation potential.M1) And arithmetic errors (L1). We also implemented an additional fuzz test set, but there was no entire fujing campaign in the range of this report. The puz test found potential integration issues related to price oracle availability (L2). During the review, we paid special attention later.

  • Inflation and standard compliance inspection for analyzing ERC-4626;
  • So that you cannot abuse the slashing mechanism;
  • Confirmation of accuracy of compensation deployment;
  • The arithmetic guarantee of the system was correct.
  • In the code, it detects reintroduction and unprotected calls.
  • Access control is not too comfortable or too strict. and
  • We are looking for common problems such as data verification.

range

The first audit was performed for the commit. a2ad2ff And the range umbrella ,,, stakeToken and rewards Folder.

COMMIT has been reviewed de990C5.

The third review was performed at the commit 5b987d2 There is a final change before the release. The problem was not confirmed during this review.

Security discovery classification is determined by two grades. influence and What can be. This two -dimensional classification helps to clarify the seriousness of individual problems. The problem to be evaluated middle It is severe, but the possibility of being found only by the team is generally reduced according to the possibility. warning or Information provision Severe rating.

Our review results have emerged 9 DiscoveryFrom providing information to intermediate seriousness. The most serious discovery is M1We have confirmed the stock inflation problem. The slash mechanism allows the stock to grow rapidly and rely greatly on the right function of the system. StakeToken Vaults, which receives the entire slash due to a deficit or a swimming pool defect, can enter the service refusal. Because of the granting characteristics of slash and deposits, attackers can enter the state in a single transaction. The attack cost is determined by the default token (it can be as low as a few cents).

For more information on the customer’s recognition, see the survey results in the entire audit report.

Threshold

There was no important serious problem.

The severity is high

There is no high severe serious problem.

Intermediate

M1: possible stock inflation

Low severity

L1: Frequently insisted on rewards can cause losses.

L2: latestAnswer After removing the configuration, the function is reversed

Significance of warning

W1: Insonquid use _msgSender() ~ Above msg.sender

W2: missing validation of the upper limit validateTargetLiquidity

Information seriousness

i1: Ota

I2: Instructions that are not used

i3: License error processing

i4: The same suffix is ​​used for names and symbols.

Trust model

The authority in the system is carefully designed to limit the potential impact of a single component, but the user DEFAULT_ADMIN_ROLE To correctly configure the system and act honestly (AAVE governance must be given).

conclusion

AcKee Blockchain Security recommends BGD.

  • Set off chain monitoring for the following purposes M1 find; and
  • Solve all other reports.

You can find the entire AAVE umbrella audit report of AcKee Blockchain Security. here.

We were happy to be thankful for AAVE and expect to work with them again.

Share. Facebook Twitter Pinterest LinkedIn Tumblr Email

Related Posts

Encryption Inheritance Update: June 2025

June 25, 2025

HyperLend Protocol Thanksgiving Summary -Ackee Blockchain

June 21, 2025

Encryption inheritance: Roundup -February 20125

June 19, 2025
Add A Comment

Comments are closed.

Recent Posts

CARV’s New Roadmap Signals Next Wave Of Web3 AI

June 27, 2025

CARV’s New Roadmap Signals Next Wave Of Web3 AI

June 27, 2025

Bybit Expands Global Reach With Credit Card Crypto Purchases In 25+ Currencies And Cashback Rewards

June 27, 2025

BYDFi Joins Seoul Meta Week 2025, Advancing Web3 Vision And South Korea Strategy

June 27, 2025

Earns $9,800 Per Day With BTC Breaks Through $107,000, GoldenMining Global Market.

June 27, 2025

Why Bakkt Holdings can buy Bitcoin with a $ 1 billion increase

June 27, 2025

NVIDIA RTX strengthens FITY’s AI -centered innovation in Cooler Design.

June 27, 2025

Join Earn Mining To Mine Easily And Earn $7752 A Day

June 26, 2025

Bitcoin prices return to green -building exercise for more profits

June 26, 2025

Weed® Announces Partnership With Khalifa Kush; Launches Global Commercialization

June 26, 2025

GBM Launches Auction Festival With The Sandbox, Aavegotchi, Unstoppable Domains, And More

June 26, 2025

Crypto Flexs is a Professional Cryptocurrency News Platform. Here we will provide you only interesting content, which you will like very much. We’re dedicated to providing you the best of Cryptocurrency. We hope you enjoy our Cryptocurrency News as much as we enjoy offering them to you.

Contact Us : Partner(@)Cryptoflexs.com

Top Insights

CARV’s New Roadmap Signals Next Wave Of Web3 AI

June 27, 2025

CARV’s New Roadmap Signals Next Wave Of Web3 AI

June 27, 2025

Bybit Expands Global Reach With Credit Card Crypto Purchases In 25+ Currencies And Cashback Rewards

June 27, 2025
Most Popular

Improved UMAP performance on GPU using RAPIDS cuML

November 2, 2024

Avalanche (AVAX) continues to decline amid market uncertainty

April 14, 2024

Regional Grants Honduras and Colombia Summary

January 18, 2024
  • Home
  • About Us
  • Contact Us
  • Disclaimer
  • Privacy Policy
  • Terms and Conditions
© 2025 Crypto Flexs

Type above and press Enter to search. Press Esc to cancel.