Audits
xSuite
Security Audits
AshPerp
Smart Contracts
15 audits | 133 issues fixed | Last audited on Jun 1, 2024
Trading
Contract for opening, managing and closing perpetual orders.
Audit
Report
PDF
Date
Jun 1, 2024
Code Hash
Fe3+aGJ…wgmk1U=
Inherent risks
10 inherent risks:
  • Users might not obtain their due profit when they close their position.
  • Users might not be able to close their position and would have to continue to pay the borrowing fee.
  • The borrowing fee per block might increase over time.
  • Users might not get their take profit executed whereas the execution price was met and therefore would lose the expected profit.
  • Users might not get their stop loss executed as soon as the execution price is met and therefore would lose more than expected.
  • Users might get liquidated whereas the liquidation price has not been met yet.
  • Users might not get their limit order and stop order executed whereas the execution price was met.
  • Users pay open fees even if their order could not be opened, and pay closing fees even if their order could not be closed.
  • The owner can cancel trades anytime without traders or liquidity providers earning profits.
  • Users might not obtain the expected fee discount and rebate.
All details are available in the report.
Issues
0 issue remaining (33 reported)
Severity
Reported
Remaining
Critical
3
0
Major
5
0
Medium
12
0
Minor
13
0
Disclaimer
The report makes no statements or warranties regarding the security of the code, the information herein or its usage. It does not constitute legal or investment advice. Authors shall not be liable for any acts or omissions based on the information contained herein.
Address of deployment
erd1qqqqqq…s8q6j9p
Trading (2)
Contract for opening, managing and closing perpetual orders.
Audit
Report
Date
Jun 1, 2024
Code Hash
Fe3+aGJ…wgmk1U=
Inherent risks
10 inherent risks:
  • Users might not obtain their due profit when they close their position.
  • Users might not be able to close their position and would have to continue to pay the borrowing fee.
  • The borrowing fee per block might increase over time.
  • Users might not get their take profit executed whereas the execution price was met and therefore would lose the expected profit.
  • Users might not get their stop loss executed as soon as the execution price is met and therefore would lose more than expected.
  • Users might get liquidated whereas the liquidation price has not been met yet.
  • Users might not get their limit order and stop order executed whereas the execution price was met.
  • Users pay open fees even if their order could not be opened, and pay closing fees even if their order could not be closed.
  • The owner can cancel trades anytime without traders or liquidity providers earning profits.
  • Users might not obtain the expected fee discount and rebate.
All details are available in the report.
Issues
2 issues remaining (23 reported)
Severity
Reported
Remaining
Critical
1
0
Major
5
0
Medium
10
1
Minor
7
1
Disclaimer
The report makes no statements or warranties regarding the security of the code, the information herein or its usage. It does not constitute legal or investment advice. Authors shall not be liable for any acts or omissions based on the information contained herein.
Address of deployment
erd1qqqqqq…s8q6j9p
Pairs
Contract for managing all pairs of tokens allowed for perpetual trading.
Audit
Report
Date
Jun 1, 2024
Code Hash
QSftEK5…k+/+9A=
Inherent risks
0 inherent risk
Issues
0 issue remaining (18 reported)
Severity
Reported
Remaining
Critical
0
0
Major
3
0
Medium
7
0
Minor
8
0
Disclaimer
The report makes no statements or warranties regarding the security of the code, the information herein or its usage. It does not constitute legal or investment advice. Authors shall not be liable for any acts or omissions based on the information contained herein.
Address of deployment
erd1qqqqqq…snezcur
Pairs (2)
Contract for managing all pairs of tokens allowed for perpetual trading.
Audit
Report
Date
Jun 1, 2024
Code Hash
QSftEK5…k+/+9A=
Inherent risks
0 inherent risk
Issues
0 issue remaining (3 reported)
Severity
Reported
Remaining
Critical
1
0
Major
0
0
Medium
2
0
Minor
0
0
Disclaimer
The report makes no statements or warranties regarding the security of the code, the information herein or its usage. It does not constitute legal or investment advice. Authors shall not be liable for any acts or omissions based on the information contained herein.
Address of deployment
erd1qqqqqq…snezcur
Delegate
Contract where a trader can delegate the management of his trades and deposited assets to another account of his choice.
Audit
Report
Date
Jun 1, 2024
Code Hash
zvpSNG4…90FgWU=
Inherent risks
1 inherent risk:
  • Users give full control to authorized accounts over their trades.
All details are available in the report.
Issues
0 issue remaining (5 reported)
Severity
Reported
Remaining
Critical
2
0
Major
0
0
Medium
1
0
Minor
2
0
Disclaimer
The report makes no statements or warranties regarding the security of the code, the information herein or its usage. It does not constitute legal or investment advice. Authors shall not be liable for any acts or omissions based on the information contained herein.
Address of deployment
erd1qqqqqq…sfkvl6s
Delegate (2)
Contract where a trader can delegate the management of his trades and deposited assets to another account of his choice.
Audit
Report
Date
Jun 1, 2024
Code Hash
zvpSNG4…90FgWU=
Inherent risks
1 inherent risk:
  • Users give full control to authorized accounts over their trades.
All details are available in the report.
Issues
0 issue remaining (1 reported)
Severity
Reported
Remaining
Critical
0
0
Major
0
0
Medium
1
0
Minor
0
0
Disclaimer
The report makes no statements or warranties regarding the security of the code, the information herein or its usage. It does not constitute legal or investment advice. Authors shall not be liable for any acts or omissions based on the information contained herein.
Address of deployment
erd1qqqqqq…sfkvl6s
Vault
Contract where users deposit tokens and get a share of the Vault in return. The Vault’s shareholders earn part of the trading fees and traders’ losses, but lose tokens when traders make profits because traders’ profits are taken from the Vault.
Audit
Report
Date
Jun 1, 2024
Code Hash
V0uI/Y7…eXmoCw=
Inherent risks
4 inherent risks:
  • Users might lose part or all the money they deposit in the vault.
  • Users might lose more money or earn less money than they should.
  • Users have no guarantee that the insurance funds will cover all their losses.
  • The owner can withdraw funds from the insurance funds.
All details are available in the report.
Issues
0 issue remaining (17 reported)
Severity
Reported
Remaining
Critical
0
0
Major
3
0
Medium
11
0
Minor
3
0
Disclaimer
The report makes no statements or warranties regarding the security of the code, the information herein or its usage. It does not constitute legal or investment advice. Authors shall not be liable for any acts or omissions based on the information contained herein.
Address of deployment
erd1qqqqqq…slhqpqy
Vault (2)
Contract where users deposit tokens and get a share of the Vault in return. The Vault’s shareholders earn part of the trading fees and traders’ losses, but lose tokens when traders make profits because traders’ profits are taken from the Vault.
Audit
Report
Date
Jun 1, 2024
Code Hash
V0uI/Y7…eXmoCw=
Inherent risks
4 inherent risks:
  • Users might lose part or all the money they deposit in the vault.
  • Users might lose more money or earn less money than they should.
  • Users have no guarantee that the insurance funds will cover all their losses.
  • The owner can withdraw funds from the insurance funds.
All details are available in the report.
Issues
0 issue remaining (7 reported)
Severity
Reported
Remaining
Critical
0
0
Major
0
0
Medium
5
0
Minor
2
0
Disclaimer
The report makes no statements or warranties regarding the security of the code, the information herein or its usage. It does not constitute legal or investment advice. Authors shall not be liable for any acts or omissions based on the information contained herein.
Address of deployment
erd1qqqqqq…slhqpqy
NFT Delegator
Contract where users deposit AshPerp NFTs in order to enjoy fee rebates and discounts on spread when opening trades.
Audit
Report
Date
Jun 1, 2024
Code Hash
OqfDeB+…1pgWkw=
Inherent risks
0 inherent risk
Issues
0 issue remaining (7 reported)
Severity
Reported
Remaining
Critical
0
0
Major
1
0
Medium
2
0
Minor
4
0
Disclaimer
The report makes no statements or warranties regarding the security of the code, the information herein or its usage. It does not constitute legal or investment advice. Authors shall not be liable for any acts or omissions based on the information contained herein.
Address of deployment
erd1qqqqqq…sht7zkr
NFT Delegator (2)
Contract where users deposit AshPerp NFTs in order to enjoy fee rebates and discounts on spread when opening trades.
Audit
Report
Date
Jun 1, 2024
Code Hash
OqfDeB+…1pgWkw=
Inherent risks
0 inherent risk
Issues
0 issue remaining (2 reported)
Severity
Reported
Remaining
Critical
0
0
Major
1
0
Medium
0
0
Minor
1
0
Disclaimer
The report makes no statements or warranties regarding the security of the code, the information herein or its usage. It does not constitute legal or investment advice. Authors shall not be liable for any acts or omissions based on the information contained herein.
Address of deployment
erd1qqqqqq…sht7zkr
Price Aggregator
Contract where AshPerp oracles push prices to execute users’ trades.
Audit
Report
Date
Jun 1, 2024
Code Hash
YMMfksl…/gyO1c=
Inherent risks
2 inherent risks:
  • Oracle bots might fulfill an order with delay or not at all.
  • Oracle bots might not be able to do a sanity check on the price used to fulfill an order.
All details are available in the report.
Issues
0 issue remaining (4 reported)
Severity
Reported
Remaining
Critical
0
0
Major
0
0
Medium
3
0
Minor
1
0
Disclaimer
The report makes no statements or warranties regarding the security of the code, the information herein or its usage. It does not constitute legal or investment advice. Authors shall not be liable for any acts or omissions based on the information contained herein.
Address of deployment
erd1qqqqqq…sp5346s
Price Aggregator (2)
Contract where AshPerp oracles push prices to execute users’ trades.
Audit
Report
Date
Jun 1, 2024
Code Hash
YMMfksl…/gyO1c=
Inherent risks
2 inherent risks:
  • An oracle bot might fulfill an order with delay or not at all.
  • An oracle bot might not be able to do a sanity check on the price used to fulfill an order.
All details are available in the report.
Issues
0 issue remaining (2 reported)
Severity
Reported
Remaining
Critical
0
0
Major
0
0
Medium
1
0
Minor
1
0
Disclaimer
The report makes no statements or warranties regarding the security of the code, the information herein or its usage. It does not constitute legal or investment advice. Authors shall not be liable for any acts or omissions based on the information contained herein.
Address of deployment
erd1qqqqqq…sp5346s
Referrals
Contract allowing referrers to refer traders. When the referred trader opens an order, he enjoys a discount on the opening fee, and the referrer earns a portion of the opening fee.
Audit
Report
Date
Jun 1, 2024
Code Hash
AKL7UFM…t5ekK4=
Inherent risks
0 inherent risk
Issues
0 issue remaining (7 reported)
Severity
Reported
Remaining
Critical
0
0
Major
1
0
Medium
3
0
Minor
3
0
Disclaimer
The report makes no statements or warranties regarding the security of the code, the information herein or its usage. It does not constitute legal or investment advice. Authors shall not be liable for any acts or omissions based on the information contained herein.
Address of deployment
erd1qqqqqq…sprnwsh
Referrals (2)
Contract allowing referrers to refer traders. When the referred trader opens an order, he enjoys a discount on the opening fee, and the referrer earns a portion of the opening fee.
Audit
Report
Date
Jun 1, 2024
Code Hash
AKL7UFM…t5ekK4=
Inherent risks
0 inherent risk
Issues
0 issue remaining (0 reported)
Severity
Reported
Remaining
Critical
0
0
Major
0
0
Medium
0
0
Minor
0
0
Disclaimer
The report makes no statements or warranties regarding the security of the code, the information herein or its usage. It does not constitute legal or investment advice. Authors shall not be liable for any acts or omissions based on the information contained herein.
Address of deployment
erd1qqqqqq…sprnwsh
PnL Feed
Contract calculating the vault’s PnL to control the assets that traders can borrow from the vault
Audit
Report
Date
Jun 1, 2024
Code Hash
No code hash specified
Inherent risks
0 inherent risk
Issues
0 issue remaining (6 reported)
Severity
Reported
Remaining
Critical
0
0
Major
2
0
Medium
2
0
Minor
2
0
Disclaimer
The report makes no statements or warranties regarding the security of the code, the information herein or its usage. It does not constitute legal or investment advice. Authors shall not be liable for any acts or omissions based on the information contained herein.
Address of deployment
No address of deployment associated to this smart contract.
Disclaimer