evoDefi (AMM on HSC)
- Completed
-
Audit Report
Commissioned
28 Aug 2021
Completed
30 Aug 2021
Contracts Audited
EvoSwapV2Router 0x9a45723AA0F705B1DCf9bd8C2099d3663fB967f9 EvoSwapV2Factory 0x3bab5FA55CD0E476006f3850A5e8E173D7Bbb166 EvoSwapV2Pair Created by factory or router: check creation transaction to verify that the pair was created by the factory EvoSwapV2ERC20 Dependency EvoSwapV2Library Dependency View Audit Report
IssuesRisk SummaryFound Resolved Partially Resolved Acknowledged
(no change made)High 0 – – – Medium 0 – – – Low 1 – – 1 Informational 4 – – 4 Total 5 – – 5 The evoDefi AMM on HSC is a simple Uniswap clone. Since the evoDefi AMM is such a straightforward fork from one of the most audited projects in the world, the code-related risks are absolutely minimal. However, there are still a few risks users should be aware of:
- The wrapped Hoo token is heavily used inside the protocol but is currently not verified. Our team has decompiled the source code and could not find anything malicious but this might still be a small risk when participating in this protocol and the broader Hoo ecosystem.
- Phishing: When any swap frontend is compromised, it is very easy to be mislead into approving or sending out malicious transactions. Checking that the contract address you interact with is the router helps somewhat, but there are other ways by which phishing is still possible like the malicious frontend changing the destination address for the swap tokens.
- Impermanent loss inherent to staking in any exchange: As with any LP staking, there is always a risk that impermanent loss will be greater than staking rewards.
- The probability of the native token’s value dropping rapidly simply due to the nature of yield farming. Carefully evaluating the team and project could help with assessing this.
When using this protocol, the main risks you want to look out for are:
- Ensuring that the contracts you are interacting with matches the one we audited. This can be done by comparing the addresses with the one present in the contracts page in our audit.
- Our audits only cover code-related risks. Users will have to do their own due diligence on other aspects of the protocol such as the reputation of the team, the protocol’s tokenomics, and other aspects of the project that might be relevant.