Logo

-

yAudit Joins Inverse for sDOLA Security Audit

Edo
Edo

Risk Working Group

DSAsDOLARisktransparencyengineeringProduct

3 min

Cover Image for yAudit Joins Inverse for sDOLA Security Audit

At Inverse Finance, we continue to be committed to the highest standards of security and transparency. As part of this commitment, we are excited to announce that we recently onboarded yAudit, a budding collective of auditors recruited from yAcademy (Yearn Finance’s auditing program), to conduct a comprehensive audit of our upcoming  sDOLA product as well as sDOLA’s companion product, the DOLA Savings Account (DSA).  

Previous clients of yAudit include the likes of Olympus DAO, Nouns DAO, Temple DAO, LlamaLend, Timeless Finance, and of course, Yearn Finance. They were our top choice for the task at hand given the similarities between these products and Yearn’s.

Understanding DOLA Savings Account (DSA) and sDOLA

Before we delve into the specifics of the audit, let's briefly look at the underlying smart contacts. For a more detailed writeup on these products, refer to the official proposal here and the sDOLA whitepaper here.

DolaSavings.sol: The DOLA Savings Account Underlying sDOLA

sDOLA is built on top of the DOLA Savings Account. A yearly DBR budget on a pro-rata basis is distributed to DOLA stakers, with a cap on the maximum yearly DBR Spend Rate, and consequently the DBR per DOLA rate, set by Inverse governance. This mechanism allows us to incentivize the holding of DOLA, thereby stabilizing its market presence.

sDOLA.sol: sDOLA Auto-Compounding  

sDOLA takes the concept of DOLA Saving Account a step further. It's an ERC-4626 vault that uses a virtual constant function market maker-based auction to continuously convert accrued DBR rewards into DOLA. The contract is designed to maintain a constant 'K' in the auction, as set by Inverse governance, with revenue payouts structured to prevent auction frontrunning. This process not only simplifies the investment process for DOLA holders but also potentially turns sDOLA into a valuable form of collateral.

sDolaHelper.sol: A user-friendly contract that facilitates easy buying, selling, and price checking of DBR.

The Role of yAudit

yAudit's comprehensive audit focused on several key areas:

  • Smart Contract Security: Ensuring that the contracts for DOLA Savings Account and sDOLA are free from vulnerabilities and are robust against potential attacks.

  • Economic Model Validation: Assessing the economic models underlying these mechanisms to ensure they are sound and sustainable.

  • Governance and Control Mechanisms: Reviewing the governance processes and control mechanisms in place for adjusting key parameters of the system.

  • User Experience and Interaction: Evaluating the ease of use and interaction processes for end-users, ensuring that the system is not only secure but also user-friendly.

A link to the audit results can be found here.

Moving Forward with Confidence

We would like to especially thank the team at yAudit for a timely and thorough job. They were a joy to work with and we are very much looking forward to our next collaboration. 

We believe smart contract reviews and formal external audits to be mandatory steps in a product release roadmap. We have stayed true to this idea and are proud to share the results time and time again with our stakeholders. Your trust and security are our top priorities, and we are here to play our part in the revolution that is DeFi. Stay tuned for further updates.


Edo
Edo

Risk Working Group


More Stories

Cover Image for Inverse Finance Expands Bounty Program's Max Bounty

Inverse Finance Expands Bounty Program's Max Bounty

At Inverse Finance, our commitment to security continues to evolve as the DeFi landscape advances. Today, we're thrilled to announce a major update to our Bug Bounty Program on the Immunefi platform: almost-doubling our maximum bounty reward to 80,000 DOLA...

2 min

Edo
Edo

Risk Working Group