ShibaSwap.com Certik Audit Report Came In Hot Today!
At this point it is truly a mic drop moment. As you all know, ShibaSwap has been released as of July 6th 2021. It has been four long days for ShibArmy. The troops have been utilizing ShibaSwap to the best of their abilities. Cat, Trophias and the Mod Core team have been combating FUD while we are all it trying to spread knowledge and participate in the liquidity event. What a time for ShibArmy. All this blind faith people have for Shytoshi, Eric, Kaal and everybody behind this machine is nothing new on Planet Shiba. All this bullish momentum well before being on-boarded by Certik.
Heres what you need to know. 8/8 Major Findings Resolved. 1/1 Medium Findings Resolved. 10/11 Minor Findings Resolved, 14/14 Info Findings Resolved. So there was only ONE Minor Finding that may negatively our official score and that was Partially Resolved giving ShibaSwap an amazing score of 97% RESOLVED. Final score will be given in the next few days.
Shout out to @kaaldhairya You did a fantastic job! It’s very very hard to find a great developer who is also a leader and manager. You’re the best in the world and I’m happy you are here. Love you BRUH! — Shytoshi Kusama Tweets
So to avoid FUD let us break down that minor finding a little bit and get to the bottom of this right? In short it was issue that pertained to the slippage when swapping. The symbols and value of the pairs used are just for example purposes. Say somebody connects their wallet to ShibaSwap.com and wants to make a swap transaction swapping 100 SHIB for 1 LEASH. The attacker can monitor the pool and know the transaction detail (i.e, gas) for taking the benefit of front running the victim’s transaction. An attacker could raise the price of LEASH by swapping SHIB for LEASH before the transaction. As a result, the user might get less LEASH than he expected. After the transaction, the attacker would be able to swap LEASH for more SHIB than he used in his previous transaction.
In response to the minor issue [Shiba Team]: Set the bridge for low liquidity tokens to be their most liquid pair. Swap only highly liquid pairs, where price manipulation (without a flashloan) is not feasible. So they chose not to follow Certiks direct advice but surely they still fixed the issue at hand, hence the Partially Resolved status of the Minor Finding. Such a glorious moment for #ShibArmy and all the Devs. Job well done. Mission complete. Everybody strap up and get ready for take off. It seems as if it is only UP from here!