{"id":174,"date":"2022-02-25T12:00:27","date_gmt":"2022-02-25T10:00:27","guid":{"rendered":"https:\/\/ackeeblockchain.com\/blog\/?p=174"},"modified":"2022-04-13T15:04:22","modified_gmt":"2022-04-13T14:04:22","slug":"ackee-blockchain-audited-everstake-eversol-stake-pool","status":"publish","type":"post","link":"https:\/\/ackee.xyz\/blog\/ackee-blockchain-audited-everstake-eversol-stake-pool\/","title":{"rendered":"Ackee Blockchain audited EverSOL Stake Pool by Everstake"},"content":{"rendered":"

About Everstake’s EverSOL Stake Pool<\/h4>\n

At the time of writing this post, Everstake<\/a> is the biggest decentralized staking provider<\/strong>, trusted by 625 000 users. It helps secure PoS protocols (Solana<\/a>, Polkadot, Ethereum, Terra, Cosmos, and many more).<\/span><\/p>\n

How does the Everstake EverSOL Stake Pool work?<\/h5>\n

EverSOL Stake Pool <\/b>provides an opportunity for staking delegators to gain more yield by enabling liquid staking and issuing liquid tokens (eSOL).<\/span><\/p>\n

Delegators who stakes with EverSOL Stake Pool receive eSOL for every SOL they deposited to the pool. Deposited SOL tokens are then delegated to a set of selected validators, according to the EverSOL <\/span>Delegation Strategy<\/span><\/a>. EverSOL Stake Pool has instant unstake, and delegators can skip the general Solana unstake period and undelegate immediately. Minted eSOL tokens can be used in DeFi to generate additional yield.<\/span><\/p>\n

\"\"<\/p>\n

According to the EverSOL Stake Pool roadmap, the <\/span>EverSOL DAO<\/a><\/b> will be created and play an essential role in the staking mechanism. Delegators will be able to choose from two options on how they can use their staking rewards:<\/span><\/p>\n

    \n
  1. Delegators will be able to support the DAO<\/strong>. 7% of their rewards will be sent to the DAO’s Treasury (the funds will be used to fund Solana-based projects).<\/span><\/li>\n
  2. Or delegators will choose to earn more rewards<\/strong> by sending rewards back to the Stake Pool SOL balance.<\/span><\/li>\n<\/ol>\n

    \"\"<\/p>\n

    To learn more about the <\/span>Everstake and EverSOL Stake Pool, <\/b>read the official documentation <\/strong><\/span>here<\/a><\/strong>.<\/span><\/p>\n

    About the audit<\/h4>\n
    \n
    \n
    \n
    \n

    Two auditors of Ackee Blockchain<\/a>, engaged by Everstake, audited<\/a> EverSOL Stake Pool between February 17 and February 25, 2022<\/strong>. The auditing process was performed with a total time donation of 5 engineering days<\/strong>.\u00a0<\/span><\/b><\/p>\n<\/div>\n

    \n
    \n
    \n
    \n

    During these five days, particular attention was paid to<\/strong> the findings from previous audits of the Stake pool program and the newly added functionality.<\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n

    The security review was first performed by detailed\u00a0m<\/strong>anual code review <\/b>– checking the code line by line for potential vulnerabilities or code duplications, then by testing and automated analysis <\/strong>– running client’s tests to ensure that the system works as expected, potentially writing missing unit or fuzzy tests using own testing framework <\/span>Trdelnik<\/span><\/a>.<\/span>\u00a0Furthermore, by l<\/strong>ocal deployment and hacking<\/b> – deploying the program locally, then trying to attack the system and break it.<\/p>\n

    Findings<\/h4>\n

    Using our toolset, manual code review, unit and fuzzy testing<\/span>\u00a0led to the following findings<\/a><\/strong>:<\/p>\n