[tBTC] ERC20 Token Smart Contract Technical Assessment

[tBTC] ERC20 Token Smart Contract Technical Assessment

General Information

Risk Summary

  • Does the contract implement the ERC20 token standards? Yes.
  • Risk analysis : MEDIUM.

Technical Information

  • Compiler version : v0.5.17+commit.d19bba13
  • Decimals : 18
  • Overflow checks : Yes, the contract uses the SafeMath library for uint operations.
  • Mitigation against allowance race-condition : Yes, the contract implements increaseAllowance and decreaseAllowance to get around this issue.
  • Upgradeable contract patterns : No.
  • Access control or restriction lists : No.
  • Non-standard features or behaviors : Yes.
    • VendingMachine can mint unlimited tBTC.

Formal Verification Considerations:

  • Does transfer have simple semantics? Yes.
  • Does transferFrom have simple semantics? Yes.
  • Can balances be arbitrarily modified by some actor? No.
  • Are there any external calls? No.

Testnet Information

  • tBTC is deployed on Ropsten. List of relevant addresses for each release here.

Contract Logic Summary

Administrative Addresses

Inheritance Structure

tBTC uses a bunch of standard OpenZeppelin contracts for the ERC20 implementation.

Contract Risk Summary

I put the contract risk as MEDIUM, but it is on the lower end. All the code itself is built using standard Open Zeppelin contracts with SafeMath. The multi-sig owner address is only capable of performing a limited set of operations such as setting fees, lot size, collateralization ratio and a one-time emergency freeze for the first 180 days. However some of the operations such as setting price feeds for ETH/USD are a bit more risky. There is some additional risk with the protocol itself. It is a new design, so it’s possible the economics haven’t been worked out perfectly.

Supporting Materials

Architecture Diagram

Inheritance Diagram

Sūrya’s Description Report

Files Description Table

File Name SHA-1 Hash
tBTC.sol c459e17cfa4685068a79d122afdc2d5e2fb662da

Contracts Description Table

Contract Type Bases
Function Name Visibility Mutability Modifiers
IERC20 Interface
totalSupply External :exclamation: NO❗️
balanceOf External :exclamation: NO❗️
transfer External :exclamation: :stop_sign: NO❗️
allowance External :exclamation: NO❗️
approve External :exclamation: :stop_sign: NO❗️
transferFrom External :exclamation: :stop_sign: NO❗️
ERC20 Implementation IERC20
totalSupply Public :exclamation: NO❗️
balanceOf Public :exclamation: NO❗️
transfer Public :exclamation: :stop_sign: NO❗️
allowance Public :exclamation: NO❗️
approve Public :exclamation: :stop_sign: NO❗️
transferFrom Public :exclamation: :stop_sign: NO❗️
increaseAllowance Public :exclamation: :stop_sign: NO❗️
decreaseAllowance Public :exclamation: :stop_sign: NO❗️
_transfer Internal :lock: :stop_sign:
_mint Internal :lock: :stop_sign:
_burn Internal :lock: :stop_sign:
_approve Internal :lock: :stop_sign:
_burnFrom Internal :lock: :stop_sign:
ERC20Detailed Implementation IERC20
Public :exclamation: :stop_sign: NO❗️
name Public :exclamation: NO❗️
symbol Public :exclamation: NO❗️
decimals Public :exclamation: NO❗️
VendingMachineAuthority Implementation
Public :exclamation: :stop_sign: NO❗️
SafeMath Library
add Internal :lock:
sub Internal :lock:
mul Internal :lock:
div Internal :lock:
mod Internal :lock:
ITokenRecipient Interface
receiveApproval External :exclamation: :stop_sign: NO❗️
TBTCToken Implementation ERC20Detailed, ERC20, VendingMachineAuthority
Public :exclamation: :stop_sign: ERC20Detailed VendingMachineAuthority
mint External :exclamation: :stop_sign: onlyVendingMachine
burnFrom External :exclamation: :stop_sign: NO❗️
burn External :exclamation: :stop_sign: NO❗️
approveAndCall Public :exclamation: :stop_sign: NO❗️


Symbol Meaning
:stop_sign: Function can modify state
:dollar: Function is payable

Hi, I have been collaborating with the Keep / TBTC community. This assessment is a bit over my head, but I could bring of the developers over to provide some answers to what you are discussing here.
Keep / TBTC is a very solid project. Let me know how to best help out in the assessment that you are doing for the approvals. We are definitely looking forward to bring TBTC to MakerDAO and help increase the utility of BTC in Ethereum with this alternative.


I agree. tBTC is a great project, and the plan is to onboard it soon. You can talk to @juan about having the devs present the project in the weekly collateral calls (maybe they already did?).


@mhluongo presented tbtc back in October. :slight_smile: