LEND ERC20 Token Smart Contract Domain Team Assessment
- Symbol: LEND
- Address: 0x80fB784B7eD66730e8b1DBd9820aFD29931aab03
- Deployment date: September 17th, 2017
- Total Supply: 1299999941703168126810575000 (uint256)
- Developers Allotment: 300000000000000000000000000 (uint256)
- Project website: https://aave.com/
- Github repository: https://github.com/ETHLend/ICO_SmartContract
- Can use existing MCD collateral adapter: Yes, the GemJoin adapter.
- Does the contract implement the ERC20 token standard? Yes, the contract implements all the required ERC20 functions. Aside from a few auxiliary functions, the contract is a basic ERC20 implementation.
- Risk analysis: LOW.
- Compiler version: v0.4.16+commit.d7661dd9
- Decimals: 18
- Overflow checks: Yes, the contract uses a SafeMath library.
- Mitigation against allowance race-condition: Yes.
- Upgradeable contract patterns: No.
- Access control or restriction lists: No.
uint256instead of standard
Formal Verification Considerations
- Does transfer have simple semantics? Yes.
- Does transferFrom have simple semantics? Yes.
- Can balances be arbitrarily modified by some actor? No.
Are there any external calls?
- Yes, one. In the ‘withdrawEther()` function there is an external call: ‘escrow.send(this.balance)’. This function contains the onlyTokenManager modifier, and can only be called by the tokenManager address.
- Kovan LEND token address: 0x1BCe8A0757B7315b74bA1C7A731197295ca4747a (unverified)
- Aave Developer Documentation mainnet & testnet addresses list:
Audits & Related Documentation
- Smart Contract Security Audit Report:
Contract Logic Summary
The token uses a SafeMath contract as its base contract. The standard ERC20 interface, Token, inherits the SafeMath contract, and then a StdToken contract inherits the Token interface and provides the basic ERC20 function implementations. Lastly, an EthLendToken contract then inherits the StdToken contract. This EthLendToken contract contains all the ICO logic and a set of overriding ERC20 functions that wrap the inherited StdToken ERC20 specific functions.
The contract has six states, as defined in the ‘State’ enum: Init, Paused, PresaleRunning, PresaleFinished, ICORunning, and ICOFinished. The contract is in its terminal state, ICOFinished, and can no longer return to any other state. Most of the ICO logic in EthLendToken is now defunct or inaccessible.
The token audit reported several issues that “did not affect the security of the ICO contract directly.” And further cited that “most of the issues are fixed.” The audit then cites the contract initialization design pattern as one of the unfixed issues.
Below is a list of several addresses related to token management:
Address teamTokenBonus: 0x3533F9798c34E3971888043871E0b4fc1702adeA
- Address that receives the 300,000,000 LEND developers bonus.
Address tokenManager: 0xFe1A6056EE03235f30f7a48407A5673BBf25eD48
- Address that can call
onlyTokenManagerfunctions (‘setState()’, ‘withdrawEther()’, and ‘setTokenManager()’).
- Address that can call
Address escrow: 0xA8EB8Ee66e94f883D764Ee55df9DA2B3d517a662
- Gathered funds can only be withdrawn to this escrow address.
Contract Risk Summary
This is a low risk contract. The ERC20 functions are implemented to the industry standard and does not use upgradeable design patterns. The ERC20 allowance race condition is mitigated and noted in their code. The contract makes use of a SafeMath library to prevent overflows & underflows. The
escrow addresses can not interact with any of the ERC20 contract logic. The ICO has concluded, and as a result all of the ICO code is now defunct and unusable, but still present. Lastly, the contract does not make use of any access control lists or restrictive features.
It’s also worth noting that the contract has been operational on mainnet since September 17th, 2017.
**== ERC20 functions definition == [✓] transfer (address, uint256) -> (bool) [✓] approve (address, uint256) -> (bool) [✓] transferFrom (address, address, uint256) -> (bool) [✓] allowance (address, address) -> (uint256) [✓] balanceOf (address) -> (uint256) == Custom modifiers == [✓] No custom modifiers in ERC20 functions (there are requires) == ERC20 events == [✓] Transfer (address, address, uint256) [✓] Approval (address, address, uint256) [x] transfer must emit Transfer (address, address, uint256) [x] approve must emit Approval (address, address, uint256) [x] transferFrom must emit Transfer (address, address, uint256) == ERC20 getters == [✓] totalSupply () -> (uint256) [x] decimals () -> (uint8) [✓] symbol () -> (string) [✓] name () -> (string) == Allowance frontrunning mitigation == [x] increaseAllowance (address, uint256) -> (bool) [x] decreaseAllowance (address, uint256) -> (bool) == Balance check in approve function == [✓] approve function should not check for sender's balance**