Trader Joe<\/a> is a<\/strong> multi-functional DeFi trading platform<\/strong> on the Avalanche Blockchain.<\/span> Users can trade, lend, stake, and participate in launch events for newly issued tokens.<\/span><\/p>\n Trader Joe’s differentiates itself from classic decentralized exchanges such as Uniswap by combining DEX with lending and leveraged trading.<\/span><\/p>\n At the time of writing this post, Trader Joe is offering users these features:<\/span><\/p>\n To learn more about <\/span>Trader Joe, read the official documentation<\/strong><\/span> here<\/a><\/strong>.<\/span><\/p>\n Between February 7 and March 4, 2022<\/strong>, the <\/span>Ackee Blockchain<\/span><\/a> security team performed an audit<\/a> of Trader Joe’s following contracts:<\/span><\/p>\n During the audit, the Trader Joe and Ackee Blockchain teams agreed on the extension of the audit scope<\/a> based on issues found in the audit. The whole auditing process was performed with a total time donation of 15 engineering days<\/strong>.\u00a0<\/span><\/p>\n <\/p>\n During the security review, special attention was paid to <\/strong>the following questions:<\/p>\n The audit methodology for Trader Joe consisted of:<\/span><\/p>\n <\/p>\n The Trader Joe development team is aware that the security of smart contracts is a crucial aspect of every cryptocurrency protocol, and that’s why Trader Joe engaged Ackee Blockchain to conduct a follow-up audit<\/strong> of the new BoostedMasterChefJoe<\/em> contract. <\/span>The follow-up audit was performed between March 14 and March 18, 2022<\/strong>.<\/span><\/p>\n In the first audit,<\/span> we identified 18 findings<\/a>: 4 warning <\/strong>severity, 3 informational <\/strong>severity, 1 low<\/strong> severity, 3 medium<\/strong> severity and 7 high<\/strong> severity issues. The most critical was that a denial of service could occur<\/strong> in BoostedMasterChefJoe<\/em> under relatively common circumstances (see H1 in the audit report).<\/span><\/p>\n It is worth mentioning that the contract was not deployed on the mainnet, and we at Ackee Blockchain are happy to contribute to the security of the Trader Joe protocol.<\/span> As mentioned above, based on the first audit report (especially on the critical issue), the Trader Joe team decided to re-write the whole BoostedMasterChefJoe<\/em> smart contract, and then the follow-up audit<\/strong> was conducted. It resulted in 7 findings: 2 warning <\/strong>severity, 1\u00a0informational <\/strong>severity, 1 low<\/strong> severity, 1 medium<\/strong> severity and 2 high<\/strong> severity issues.<\/span><\/p>\n After the first audit<\/strong>, we recommended Trader Joe to:<\/p>\n After the follow-up audit<\/strong>, we recommended\u00a0 Trader Joe to:<\/p>\n We were delighted to audit <\/span>Trader Joe <\/b>and<\/span>\u00a0look forward to working with them again.\u00a0<\/span><\/p>\n <\/p>\n The full Ackee Blockchain audit<\/b> report<\/b> of Trader Joe with a more detailed description of all findings and recommendations can be found <\/b>here<\/b><\/span><\/a>. The follow-up audit of the new BoostedMasterChefJoe <\/em><\/b>can be found <\/strong>here<\/a>.\u00a0<\/b><\/p>\n","protected":false},"excerpt":{"rendered":" About Trader Joe Trader Joe is a multi-functional DeFi trading platform on the Avalanche Blockchain. Users can trade, lend, stake, and participate in launch events for newly issued tokens. Trader Joe’s differentiates itself from classic decentralized exchanges such as Uniswap by combining DEX with lending and leveraged trading.<\/p>\n","protected":false},"author":11,"featured_media":191,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[20,10],"tags":[31,21,59,30,24,33,60,135],"class_list":["post-189","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-audits","category-ethereum","tag-amm","tag-audit","tag-avalanche","tag-dex","tag-ethereum","tag-evm","tag-lp","tag-traderjoe"],"aioseo_notices":[],"featured_image_src":"https:\/\/ackee.xyz\/blog\/wp-content\/uploads\/2022\/04\/ABCH-Trader-Joe-600x400.png","featured_image_src_square":"https:\/\/ackee.xyz\/blog\/wp-content\/uploads\/2022\/04\/ABCH-Trader-Joe-600x600.png","author_info":{"display_name":"Andrea Nov\u00e1kov\u00e1","author_link":"https:\/\/ackee.xyz\/blog\/author\/andrea-novakova\/"},"_links":{"self":[{"href":"https:\/\/ackee.xyz\/blog\/wp-json\/wp\/v2\/posts\/189","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ackee.xyz\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ackee.xyz\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ackee.xyz\/blog\/wp-json\/wp\/v2\/users\/11"}],"replies":[{"embeddable":true,"href":"https:\/\/ackee.xyz\/blog\/wp-json\/wp\/v2\/comments?post=189"}],"version-history":[{"count":0,"href":"https:\/\/ackee.xyz\/blog\/wp-json\/wp\/v2\/posts\/189\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/ackee.xyz\/blog\/wp-json\/wp\/v2\/media\/191"}],"wp:attachment":[{"href":"https:\/\/ackee.xyz\/blog\/wp-json\/wp\/v2\/media?parent=189"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ackee.xyz\/blog\/wp-json\/wp\/v2\/categories?post=189"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ackee.xyz\/blog\/wp-json\/wp\/v2\/tags?post=189"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}\n
About the audit<\/h4>\n
\n
\n<\/span><\/li>\n<\/ul>\n\n
\n
Findings<\/h4>\n
\n<\/span><\/p>\nConclusion<\/h4>\n
\n
\n