{"id":901,"date":"2024-08-09T17:48:44","date_gmt":"2024-08-09T15:48:44","guid":{"rendered":"https:\/\/ackee.xyz\/blog\/?p=901"},"modified":"2024-08-09T18:11:43","modified_gmt":"2024-08-09T16:11:43","slug":"lido-simple-delegation-audit-summary","status":"publish","type":"post","link":"https:\/\/ackee.xyz\/blog\/lido-simple-delegation-audit-summary\/","title":{"rendered":"Lido Simple Delegation Audit Summary"},"content":{"rendered":"<p><span style=\"font-weight: 400;\"><a href=\"https:\/\/lido.fi\/\" target=\"_blank\" rel=\"noopener\">Lido Finance<\/a> Simple Delegation allows LDO token holders to delegate their voting power to other addresses and delegates to participate in on-chain voting on behalf of their delegated voters.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Lido Finance engaged Ackee Blockchain to perform a security review of the Lido Finance Simple Delegation for a total of 10 engineering days in a period between Mar 18 and Mar 28, 2024.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Lido Finance also engaged Ackee Blockchain to perform a fix review of findings in Revision 1.0 on commit <code class=\"codehl\">e3cef8c<\/code>. Three out of ten findings were fixed, the remaining seven findings were acknowledged by the team with explanations. Lido Finance added several new tests and improved the documentation of private functions.<\/span><\/p>\n<p>&nbsp;<\/p>\n<p><b>Revision 2.0<\/b><\/p>\n<p><span style=\"font-weight: 400;\">Lido Finance engaged Ackee Blockchain to perform an incremental review of the Simple Delegation project with a total time donation of 2 engineering days in a period between Jun 27 and Jul 1, 2024.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Lido Finance engaged Ackee Blockchain to perform a fix review of the findings discovered in the previous revision on commit <code class=\"codehl\">50d9802<\/code>. Three out of four findings were fixed, and one informational finding was acknowledged. Except for the fixed findings, two minor changes were made to the codebase to improve readability and gas usage. The new changes were reviewed as well. See Revision 2.1 for the details of the updated codebase.<\/span><\/p>\n<h2><span style=\"font-weight: 400;\">METHODOLOGY<\/span><\/h2>\n<p><span style=\"font-weight: 400;\">We began our review using static analysis tools, including <a href=\"https:\/\/getwake.io\/\" target=\"_blank\" rel=\"noopener\">Wake<\/a>. We then took a deep dive into the logic of the contracts. For testing and fuzzing, we have involved the Wake testing framework.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">A complex, fully differential <a href=\"https:\/\/github.com\/Ackee-Blockchain\/tests-lido-simple-delegation\" target=\"_blank\" rel=\"noopener\">fuzz test<\/a> was prepared to ensure the system&#8217;s correctness. The fuzzing was performed with the bytecode generated by the Solidity compiler in version 0.4.24 with the optimizer enabled.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">During the review, we paid special attention to:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">ensuring the code is not subject to bugs of the outdated compiler version,<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">the voting logic is correct and is not affected by the additional delegation logic,<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">ensuring the arithmetic of the system is correct, and there are no overflows or underflows in the arithmetic operations,<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">the upgradeability is implemented and used correctly,<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">detecting possible reentrancies in the code,<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">ensuring access controls are not too relaxed or too strict,<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">looking for common issues such as data validation.\u00a0<\/span><\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<p><b>Revision 2.0<\/b><\/p>\n<p><span style=\"font-weight: 400;\">The review began with the migration to Solidity 0.6.2 needed to run Wake static analysis detectors. We then continued updating the fuzz test prepared in the previous revision and performed an incremental manual review in parallel with the fuzzing.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">During the review, we specifically checked:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">the refactoring did not introduce new ways to exploit the system,<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">the code style and readability remained at a high level.<\/span><\/li>\n<\/ul>\n<h2><span style=\"font-weight: 400;\">SCOPE<\/span><\/h2>\n<p><span style=\"font-weight: 400;\">The scope includes the implementation of voting for Lido DAO with the simple delegation of votes. The audit was performed on commit <code class=\"codehl\">08d43e3<\/code>, and the scope was the following:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Voting.sol<\/span><\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<p><b>Revision 2.0\u00a0<\/b><\/p>\n<p><span style=\"font-weight: 400;\">The audit was performed on the commit <code class=\"codehl\">079dd88<\/code>with the file Voting.sol as the scope.<\/span><\/p>\n<h2><span style=\"font-weight: 400;\">FINDINGS<\/span><\/h2>\n<p><span style=\"font-weight: 400;\">Here we present our findings.<\/span><\/p>\n<h3><span style=\"font-weight: 400;\">Critical severity<\/span><\/h3>\n<p><span style=\"font-weight: 400;\">No critical-severity issues were found.\u00a0<\/span><\/p>\n<h3><span style=\"font-weight: 400;\">High severity<\/span><\/h3>\n<p><span style=\"font-weight: 400;\">No high-severity issues were found.\u00a0<\/span><\/p>\n<h3><span style=\"font-weight: 400;\">Medium severity<\/span><\/h3>\n<p><span style=\"font-weight: 400;\">No medium-severity issues were found.\u00a0<\/span><\/p>\n<h3><span style=\"font-weight: 400;\">Low severity<\/span><\/h3>\n<p><span style=\"font-weight: 400;\">No low-severity issues were found.\u00a0<\/span><\/p>\n<h3><span style=\"font-weight: 400;\">Warning severity<\/span><\/h3>\n<p><span style=\"font-weight: 400;\">W1: Usage of <code class=\"codehl\">solc<\/code>optimizer<\/span><\/p>\n<p><span style=\"font-weight: 400;\">W2: Delegation does not expire<\/span><\/p>\n<p><span style=\"font-weight: 400;\">W3: The initializer can be front-run<\/span><\/p>\n<p><span style=\"font-weight: 400;\">W4: The initializer does not have validations for the correctness of <code class=\"codehl\">_token<\/code><\/span><\/p>\n<p><span style=\"font-weight: 400;\">W5: Declaration shadowing<\/span><\/p>\n<p><span style=\"font-weight: 400;\">W6: Unused function parameters<\/span><\/p>\n<p><span style=\"font-weight: 400;\">W7: Outdated Solidity version<\/span><\/p>\n<p><span style=\"font-weight: 400;\">W8: Division rounding error<\/span><\/p>\n<p><span style=\"font-weight: 400;\">W9: Set delegate with zero voting power<\/span><\/p>\n<p><span style=\"font-weight: 400;\">W10: Inconsistent <code class=\"codehl\">attemptVoteForMultiple<\/code> checks<\/span><\/p>\n<h3><span style=\"font-weight: 400;\">Information severity<\/span><\/h3>\n<p><span style=\"font-weight: 400;\">I1: Unused function<\/span><\/p>\n<p><span style=\"font-weight: 400;\">I2: Reserved keyword<\/span><\/p>\n<p><span style=\"font-weight: 400;\">I3: Cache array length<\/span><\/p>\n<p><span style=\"font-weight: 400;\">I4: Incorrect NatSpec format<\/span><\/p>\n<h2><span style=\"font-weight: 400;\">CONCLUSION<\/span><\/h2>\n<p><span style=\"font-weight: 400;\">Our review resulted in 10 warnings. In addition, we have concerns about the very concept of vote delegation. Vote delegation is a powerful tool that can increase voter turnout, but it can also centralize power in the hands of a few. Moreover, this mechanism can be potentially misused (see the original report, issue W2: Delegation does not expire). Since Lido has a strong influence on the Ethereum ecosystem, we encourage the team to consider a different approach to address voter apathy that would be more conducive to decentralization.<\/span><\/p>\n<p><span style=\"font-weight: 400;\"><br \/>\n<\/span><b>Revision 2.0<\/b><\/p>\n<p><span style=\"font-weight: 400;\">The static analysis yielded the I1 finding, and our review resulted in 4 informational findings. The vote delegation concept remained unchanged.\u00a0<\/span><\/p>\n<p><b><br \/>\nAckee Blockchain recommends Lido Finance to:<\/b><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">consider using the latest Solidity version to take advantage of the latest optimizations and bug fixes,<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">consider a different approach to address voter apathy that would be more conducive to decentralization,<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">address all other reported issues.<\/span><\/li>\n<\/ul>\n<p><b><br \/>\nAckee Blockchain\u2019s full Lido Finance audit report, which includes a more detailed description of all findings and recommendations, can be found here.<\/b><\/p>\n<p><span style=\"font-weight: 400;\">We were delighted to audit Lido Finance and look forward to working with them again.<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Lido Finance Simple Delegation allows LDO token holders to delegate their voting power to other addresses and delegates to participate in on-chain voting on behalf of their delegated voters. Lido Finance engaged Ackee Blockchain to perform a security review of the Lido Finance Simple Delegation for a total of 10 engineering days in a period between Mar 18 and Mar 28, 2024.&hellip;<\/p>\n","protected":false},"author":22,"featured_media":902,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[20,10,103],"tags":[89,137,104],"class_list":["post-901","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-audits","category-ethereum","category-wake","tag-audit-summary","tag-lido","tag-wake"],"aioseo_notices":[],"featured_image_src":"https:\/\/ackee.xyz\/blog\/wp-content\/uploads\/2024\/08\/LIDO-SIMPLE-DELEGATION-1-600x400.png","featured_image_src_square":"https:\/\/ackee.xyz\/blog\/wp-content\/uploads\/2024\/08\/LIDO-SIMPLE-DELEGATION-1-600x600.png","author_info":{"display_name":"Andrey Babushkin","author_link":"https:\/\/ackee.xyz\/blog\/author\/andrey-babushkin\/"},"_links":{"self":[{"href":"https:\/\/ackee.xyz\/blog\/wp-json\/wp\/v2\/posts\/901","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ackee.xyz\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ackee.xyz\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ackee.xyz\/blog\/wp-json\/wp\/v2\/users\/22"}],"replies":[{"embeddable":true,"href":"https:\/\/ackee.xyz\/blog\/wp-json\/wp\/v2\/comments?post=901"}],"version-history":[{"count":0,"href":"https:\/\/ackee.xyz\/blog\/wp-json\/wp\/v2\/posts\/901\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/ackee.xyz\/blog\/wp-json\/wp\/v2\/media\/902"}],"wp:attachment":[{"href":"https:\/\/ackee.xyz\/blog\/wp-json\/wp\/v2\/media?parent=901"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ackee.xyz\/blog\/wp-json\/wp\/v2\/categories?post=901"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ackee.xyz\/blog\/wp-json\/wp\/v2\/tags?post=901"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}