Skip to content

AayushJhaAudits/FusePoolDirectory-Audit-Rari-Capital-Compound-Fork-

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

Β 

History

5 Commits
FusePoolDirectory.sol
FusePoolDirectory.sol
Β 
Β 
FusePoolDirectory_Audit_Report_April19_2025.pdf
FusePoolDirectory_Audit_Report_April19_2025.pdf
Β 
Β 
README.md
README.md
Β 
Β 

Repository files navigation

πŸ” Smart Contract Audit β€” FusePoolDirectory.sol

Auditor: Aayush
Protocol: Rari/Fuse (Compound Fork)
Date: April 19, 2025
Contract Audited: FusePoolDirectory.sol
Audit Type: Manual Code Review + Foundry-Based Testing
Status: βœ… Completed

πŸ“„ Audit Summary

This audit reviews the security, correctness, and gas efficiency of FusePoolDirectory.sol from Rari/Fuse Protocol.
The contract is responsible for creating and registering Fuse interest rate pools, and it uses a proxy pattern via Unitroller and Comptroller.

βœ… Key Fixes & Improvements

  • Reentrancy protection added to deployPool()
  • Contract validation and zero-address checks added
  • Redundant storage writes optimized
  • Event emission and pool duplication protections enforced
  • 100% test coverage via Foundry

πŸ“„ Full Audit Report

πŸ”— Download the full audit report (PDF)

πŸ§ͺ Test Suite

Foundry-based unit and fuzz tests covering:

  • βœ… Reentrancy protection
  • βœ… Input validation
  • βœ… Whitelist logic
  • βœ… Event emission
  • βœ… Gas optimization logic

πŸ”— View Test Suite on GitHub Gist

πŸ› οΈ Tools Used

  • Foundry
  • Slither (Static Analysis)
  • Manual Code Review
  • GitHub Actions (for CI)

πŸ“Œ Notes

⚠️ The original contract was written in Solidity 0.6.12, which does not support custom errors.
If the protocol is upgraded to Solidity ^0.8.0, we recommend using custom errors instead of require() to save gas.

Twitter Portfolio Email

Security First. Gas Second. Clarity Always.

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages