3 min read

Least Authority Metapool Audit Announcement

Least Authority Metapool Audit Announcement

Saddle Finance is pleased to announce that the security audit of the Metapool smart contracts has been completed with the technical diligence of Least Authority, a renowned expert in blockchain security and smart contract audits.

We at Saddle believe security is paramount, and audits prevent potentially catastrophic vulnerabilities from surfacing. Millions of dollars have been lost with unaudited contracts due to the manipulation of code by hackers. Audits are crucial to security and provide testing that goes beyond regular bug detection. Working with Least Authority ensures the smart contracts are reliable, resilient, and operational as per the specifications.

Least Authority’s rigorous audit reviewed the design and implementation of the Metapool smart contracts and found no security vulnerabilities.

Below is an overview of Least Authority’s findings.

Details of Audit
Saddle engaged the services of Least Authority to assess the security of its Metapool smart contracts. The Metapool smart contracts compose a component within the system’s smart contract suite governing the functionality of Metapools, which pair a saddle stable coin with an underlying token, enabling swaps and pool participation rewards.

The team, comprising five Security Researchers/Engineers, took over three months to review the code and deliver the final audit. According to the report, Saddle has taken into consideration necessary access controls and modifiers to block potential attack vectors in the design of the Metapool smart contracts. The Metapool smart contracts, and the Saddle Finance smart contracts in general, are well organized, modular, and generally adhere to best practices.

What did the audit entail?
The goal of the audit was to ensure the operation of Metapool smart contracts as intended. Additionally, it required a detailed analysis to ascertain any code flaws, security issues, vulnerabilities, and bugs.
The audit was essential to ensure the overall robustness and strengthen the security of the Metapool smart contracts.

The security audit was performed with several methodologies, including:

Manual Code Review
Vulnerability Analysis
Documenting Results
Suggested Solutions
Resolutions and Publishing

Least Authority, in its report, states security has been taken into consideration in the design of the Metapool smart contracts, as demonstrated by the utilization of necessary access controls and the use of modifiers to block potential attack vectors.
As such, no security vulnerabilities were detected however, a couple of suggestions were made, which were addressed and resolved by the Saddle team.

Addressing the audit’s findings confirms Saddle has taken the required steps to ensure the security and stability of the Network.

About Least Authority
Least Authority believes that people have a fundamental right to privacy and that the use of secure solutions enables people to use the Internet and other connected technologies. We provide security consulting services to help others make their solutions more resistant to unauthorized access to data and unintended manipulation of the system. We support teams from the design phase through the production launch and after.

The Least Authority team has skills for reviewing code in C, C++, Python, Haskell, Rust, Node.js, Solidity, Go, and JavaScript for common security vulnerabilities and specific attack vectors. The team has reviewed implementations of cryptographic protocols and distributed system architecture, including in cryptocurrency, blockchains, payments, and smart contracts. Additionally, the team can utilize various tools to scan code and networks and build custom tools as necessary.

Least Authority was formed in 2011 to create and further empower freedom-compatible technologies. We moved the company to Berlin in 2016 and continue to expand our efforts. Although we are a small team, we believe that we can have a significant impact on the world by being transparent and open about the work we do.

About Saddle
Saddle is a decentralized AMM that enables cheap, efficient, fast and low-slippage swaps. The saddle is built by a team of DeFi natives aimed to bridge the gaps between the different silos of DeFi. We believe in collaboration, building Saddle as a DeFi lego block, and helping DeFi teams bring AMMs to any blockchain.

Feel free to reach out through our community Discord or follow us on Twitter.