Fantastic News! Our audit report is finally ready to be shared with the community. This medium will provide some updates regarding this alongside other news.
History & Context
For context, our developers forked the Tomb Finance code when it was PUBLICLY accessible and as such the code remains the same with regards to all core modules. We have edited the main contracts only to add flexibility and better readability. Furthermore, Obelisk is currently checking the contracts for our long awaited profit distribution feature. Safety is paramount to the team at Based Finance, and as such the public is unable to use this feature at the moment until we have results from the continuing audit.
Code difference comparison of Tomb & Based deployed contracts
We welcome everyone to check the changes we have made to the various relevant contracts of our protocol with respect to tomb’s code. You do not need to be a programmer to verify the changes as the tool below will highlight the changes & most of it is easily understandable. It wont even take 10 minutes to go through all the changes in all of these 4 contracts. We have created direct links with prepopulated contract codes. We would advise you to copy contract code yourselves from the official documentation of both protocols found at the official links.
- Tomb Masonry vs Based Acropolis contracts https://www.diffchecker.com/acq7j5wt Clearly the only changes here are the naming changes for the protocol & the tokens.
- Tomb vs Based Treasury contracts https://www.diffchecker.com/N501hTQq There are the obvious name changes, expected tokenomics number changes & we prefer to use block.timestamp instead of now
- Tomb vs Based Oracle contracts https://www.diffchecker.com/OE6HIpsy Literally one single change where we removed the constructor from being public
- Tomb vs Based Reward pool contracts (Agora) https://www.diffchecker.com/Xrk8dlTa Usual naming changes in addition to following 2 changes.
Pools with ids 0 & 1 have minimum allocpoints hard coded.
Pools with id greater than 2 have deposit fees. - Solidity Compiler Version
Tomb uses solidity compiler v0.6.12 & Based uses v0.8.0. Although ideally newer versions need to be better, in this case the new compiler does not check overflows as the old one did.
Obelisk Audit
Obelisk Audit report for Based Finance contracts can be found at: https://github.com/Tibereum/obelisk-audits/blob/main/Based.pdf
Clarifications on select issues mentioned in Audit
As clarified from the difference check in the earlier section it is clarified that the code remains almost exactly the same as Tomb’s. We have all contracts redone to obelisk standards for future use, thus have a much cleaner tomb fork code in case we need to redeploy.
– High risk issues — Oracle related issues, Profit distribution issues
Response — Oracle code is the same as from Tomb & works perfectly. We are working with Chainlink for a better Oracle & if that does not work it can be redeployed at any time. Profit distribution has not yet been deployed & changes are still being audited.
– Based Finance has opted against having a timelock. Nevertheless all contracts are renounced except bshareRewardPool and Treasury. The reasons for this are as follows:
Firstly, Based is NOT just a tomb fork, it is an ever-changing space as we constantly have new features and projects coming in the near future. As such, we need to be able to adjust right away to ensure seamless delivery of products for our investors. A Time-Lock would be counterproductive in this scenario.
Secondly, we are still adjusting the expansion rate on treasury and changing how much $BASED is being printed in the Acropolis to satisfy demand. This is the main mechanism to fine tune the printing of based at certain rates. When we are at the optimal printing rate and the final adjustments of our protocol have taken place — the last remaining contracts may be renounced as well.
Reminder: This is just a report from Obelisk to present to our partners/ future partners. The final audit is still yet to be published (It takes time!, especially as they are working on our Profit Distribution contract now.)
Lastly we welcome our investors to take a look at previous Obelisk Audits on other Tomb Forks who share the same code as us. We would also like to point out the fact that the same code with another fork has gotten a 92% safety rating with Certik.
Tomb on and stay Based.