Summary
The most critical subjects covered in our audit are asset solvency, functional correctness, and accesscontrol. Functional correctness is good, but there were some issues uncovered, such as Rounding Errorsin TRC20 methods. Security regarding the other subjects is high. Note that any off-chain parts of thesystem are out of the scope of this review.
The general subjects covered are unit testing, documentation, code complexity, and gas efficiency. Unittesting is non-existent, as no unit tests were provided with the code. Documentation is improvable, as thecode is missing NatSpec on many functions, and no public documentation page exists. Code complexityis improvable, as low-level code is used in places where it is not necessary. The proxy pattern usedworks correctly but does not follow best practices that aid in avoiding mistakes during upgrades. SeeProxy Upgrades Must Be Well-tested. Gas efficiency is good.
In summary, we find that the codebase provides a good level of security.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. Theycomplement but don't replace other vital measures to secure a project.
About stUSDT Smart Contracts
stUSDT is a custodial system for providing off-chain yield to users on-chain. Users receive the stUSDTtoken as a representation of their deposit in the system and can create a withdrawal request to turn theirdeposit back into USDT.
---
"stUSDT is the receipt token users receive upon staking USD stablecoins on the platform. This decentralized intermediary to real-world assets allows holders to participate in real-world investment directly and start earning rewards."
We appreciate ChainSecurity for their thorough auditing of stUSDT, which has been instrumental in safeguarding our platform’s security. Their expertise in understanding Real-World Assets (RWA), combined with their meticulous approach and insightful feedback, aligns perfectly with our commitment to continually enhance the protocol’s functionality and security.
RWA DAO, stUSDT