Audit by Inference AG

Our vote escrow smart contracts have been audited by Inference AG.
Issue 1: `next_epoch` not executed on time
We have a bot running on our end that duly executes the entrypoint every Thursday at 12 AM (UTC). The core team carefully monitors the execution. The scripts for the bot can be found here: https://github.com/Plenty-DeFi/next_epoch_cron

In case, the execution has not occurred at the right time due to a potential bot failure. It can be called permissionless through https://better-call.dev/mainnet/KT1Xa92Nf6evFcEbxMXencfGPmS4urNyn5wd/interact/next_epoch​
Issue 2: Small bribes
Ideally, this should not be an issue since bribes would mostly be added by protocol owners or DAOs that have a sufficient understanding of the system. However, to be on the safer side, we have to give a clear warning under the `Who can bribe?` section.
Issue 3: Distribution of AMM fees
The scripts in the repository https://github.com/Plenty-DeFi/next_epoch_cron also handle the calling of appropriate entrypoint for fee distribution. In the event that the bot running the scripts ends up failing, the entrypoint can be called permissionless by passing the AMM address and epoch number through https://better-call.dev/mainnet/KT1Xa92Nf6evFcEbxMXencfGPmS4urNyn5wd/interact/pull_amm_fee​
Observation 1: Race condition in entrypoint
The race-condition issue is duly considered, and it will be handled accordingly during deployment through a batch deployment.
Observation 2: `ve_swap` exchange temporarily not possible
This will happen for a very small duration (possibly just one block) when nearing the end of the migration period i.e 2 years from now. A warning label will be added to the website in the approaching days.
Observation 3: No two-step procedure to replace admin address
The setAdministrator will be called once to replace the initial tz1 address-based admin with a multi-sig address. We shall take proper care to ensure that the admin transition is done correctly. 
Last modified 8d ago