DESCRIPTION
The contracts covered in this audit include all source codes excluding testing codes.The iterative audit covers the code in the initial version, as well as subsequent versions to fix discovered issues, as detailed in our audit report. Please note that external dependencies are assumed reliable and are therefore excluded from the audit scope.
Our audit methodology employs automated vulnerability scans, manual verification, and business logic analysis to uncover potential security issues coupled with gas and code quality optimization recommendations. In summary, we have found that the codebase contains several issues and security suggestions. The Burrowland team has addressed these issues promptly. It is important to note that our audit covers only the final reported versions of the codebase. Any subsequent updates would require a re-evaluation.
KEY FINDINGS
In total, we find 5 potential issues in the smart contract. We also have 2 recommendations and 0 notes, as follows:
| ID | Severity | Description | Category | Status |
|---|---|---|---|---|
| 1 | Low | Improper Round Direction | Defi Security | Fixed |
| 2 | Medium | Interactions Required for Newly Added Rewards | DeFi Security | Confirmed |
| 3 | Medium | Precision Loss during Token Transfer | DeFi Security | Confirmed |
| 4 | Medium | Lack of Updating Affected Farm | DeFi Security | Confirmed |
| 5 | Medium | Inconsistency of Modifiable booster_token_id and booster_decimals | DeFi Security | Fixed |
| 6 | - | Improper Discount Value Check | Recommendation | Confirmed |
| 7 | - | Redundant Invocation of add_affected_farm() | Recommendation | Fixed |
More details are provided in the audit report.