Open in app

Sign in

Write

Sign in

Pendle

Home

About

Follow publication

Pendle

The protocol to trade and hedge future yield.

Follow publication

Security Update

--

Security is a crucial aspect for us and as such, our contracts have undergone numerous audits. We’d like to take the chance now to share these audits with everyone.

We’ve received 3 audit reports and have fixed the issues found. The reports are available here. We’ll outline the issues found here:

Least Authority Report

We engaged Least Authority to audit an initial version of our contracts. Least Authority identified 5 issues, the likeliness of it to occur, as well as remediation suggestions. Here are the issues found:

Least Authority has also provided 8 suggestions to improve the contracts. In summary, Least Authority recommended reducing the complexity of our smart contracts and to conduct additional audits by independent teams, given the high complexity.

After the initial version was audited by Least Authority, we refactored the codes to make them more straightforward and secure. Beyond the engagement with Least Authority, we have also engaged 4 independent whitehats to further audit our contracts.

Here’s the summary of the public reports by 2 of the whitehats. For the following reports, severity was included. The issues found were all resolved.

Report 1

The first report identified 1 critical severity issue, 3 medium severity issues, and 3 low severity issues. Refer to the table below for more information:

Report 2

The second report identified 1 medium severity issue and 7 low severity issues. These are summed up in the table below:

The report also included some recommendations, mostly on removing redundant lines and considerations to improve code quality and gas consumption. We have reviewed these recommendations, following some and acknowledging the others.

Summary

There were a number of issues and suggestions brought up during our audits. These were all addressed and fixed by our dev team. The reports have been published and linked above, do check them out if you’re interested in reading more.

Security is very important to us and we’ll continue to engage auditors to ensure that contracts are up to standard. Moving forward, we will also introduce bug bounties to activate the community for contract reviews. More details to be released soon.

Join our Discord server and follow us on Twitter and Telegram to stay updated.

Free

Distraction-free reading. No ads.

Organize your knowledge with lists and highlights.

Tell your story. Find your audience.

Membership

Read member-only stories

Support writers you read most

Earn money for your writing

Listen to audio narrations

Read offline with the Medium app

Announcement

--

--

Pendle
Pendle

Published in Pendle

702 Followers
Last published Feb 4, 2025

The protocol to trade and hedge future yield.

Pendle Team
Pendle Team

Written by Pendle Team

917 Followers
4 Following

Liberating Future Yield

No responses yet

Write a response

What are your thoughts?

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams