Back to Overview

Mangrove Security Audit

Summary

The most critical subjects covered in our audit are functional correctness, access control, precision of arithmetic operations, front-running and signature handling. Security regarding most of the aforementioned subjects is high. Security of signature handling is basic due to possible ECDSA malleability, see ECDSA Signature Malleability. Security of front-running is good but keepers could lose funds to rogue makers unexpectedly due to unawareness of the exact functionality of sniping, see No Protection for Keepers.

The general subjects covered are unit testing, documentation, specification, gas efficiency and error handling. Security regarding all the aforementioned subjects is high.

In summary, we find that the codebase provides a high level of security.

It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don’t replace other vital measures to secure a project.

About Mangrove

Mangrove implements an offer book based exchange. Individual offer books exist for each market consisting of a base and a quote asset. Technically an offer book is a sorted doubly linked list of offers. Each offer promises an amount of the so-called base asset and requests a certain amount of the quote asset. Makers create these offers. Takers take these offers by executing a so-called order. During the execution of an order, the amount of the base quote is transferred to the maker first before the maker address is called to execute arbitrary code. During this call, the maker must do all actions necessary and make the amount of the base asset available for the exchange to collect.

Offers are just promises and the execution of an order may fail. When an offer fails e.g., because it failed to make available the amount of tokens to the exchange, the execution of the order is stopped. A penalty mechanism exists to incentivize makers to have working offers. Upon offer creation, the maker has to provide a so-called provision in Ether to cover for the gas costs should the transaction revert. If the offer
succeeds, the provision is returned to the maker. When an offer fails, a part of the provision is given to the taker to compensate for his lost gas costs.

A callback to the maker at the end of an exchange allows the maker to update his offer.

The system is administrated by the governance which can add/remove or pause token pairs or change the parameters of the system.

ChainSecurity has proved its ability to independently understand, thoroughly analyze, and help secure novel and complex smart contracts in a surprisingly short amount of time. We could not ask for a better auditing partner.
Adrien Husson, smart contract lead @ Mangrove