Back to Overview

Gearbox V2.1 Security Audit

Summary

Our audit’s most critical focus areas include verifying the proper behavior, security, and financial stability of the protocol. A significant portion of our review concentrates on ensuring the accuracy of adapters when interacting with external systems. We also examined the newly added price feeds.

Security regarding all the aforementioned subjects is high.

We also examined the code’s correctness with respect to the available specification and the consistency of the implementation.

In summary, we find that the codebase of the protocol provides a high level of security.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don’t replace other vital measures to secure a project.

About Gearbox V2.1

Gearbox Protocol has implemented version 2.1, an improved iteration of the existing v2 protocol. Based on lessons learned since the launch of v2, numerous enhancements and fixes have been incorporated to strengthen security, such as minimizing the attack surface. Access has been further restricted, with direct interaction with adapters no longer permitted. All interactions must now go through the CreditFacade. Additionally, new adapters have been introduced to enable credit accounts to interact with Balancer, Compound, and Aave V2, along with the addition of three new price feeds.

“Gearbox is a generalized leverage protocol: it allows anyone to take leverage in a DeFi-native way and then use it across various DeFi protocols. You take leverage with Gearbox and then use it on other protocols you already love. For example, you can leverage trade on Uniswap, leverage farm on Yearn or Curve and Convex, make complex delta-neutral strategies involving options and derivatives, get Leverage-as-a-Service for your structured product doing complex positions, etc.

The protocol has two sides to it: passive liquidity providers who earn higher APY by providing liquidity; – and active traders, farmers, or even other protocols who can borrow those assets to trade or farm with x4+ leverage.”

#Source