# Security Audit

{% hint style="info" %}
Security is a top priority for Native. Native was built and designed following all of the industry’s best practices. Native’s contracts have been verified on Etherscan and BscScan.
{% endhint %}

## Audit Overview <a href="#audit-synopsis" id="audit-synopsis"></a>

Native contracted [Omniscia](https://omniscia.io/) to audit its Native V1 smart contract. Omniscia's audit report was issued on February 26, 2023.

**Report:** [Link](https://omniscia.io/reports/native-defi-exchange-63e26ceefed14e001649b91b)

During the audit, Omniscia filtered and validated a total of **12 findings utilizing static analysis** tools and identified a total of **59 findings during the manual review** of the codebase.

Based on the findings, the Native team alleviated and/or nullified all the issues raised by the Omniscia team.

## Audit Synopsis <a href="#audit-synopsis" id="audit-synopsis"></a>

<figure><img src="/files/xwtKzWquSeZ3Onuxl0UE" alt=""><figcaption></figcaption></figure>

<figure><img src="/files/gncCG9akpxcMK0E5cGcy" alt=""><figcaption></figcaption></figure>

## Issue Highlights <a href="#audit-synopsis" id="audit-synopsis"></a>

<details>

<summary><mark style="color:red;">[Major]</mark> FMH-01M: Unsafe Migration of Pragma Version <mark style="color:green;">(✓Alleviated)</mark></summary>

#### Description: <a href="#description" id="description"></a>

The `FullMath` library present in the codebase does not conform to the audited Uniswap V3 implementation as it has been upgraded to a `0.8.X` `pragma` version unsafely.

#### Solution: <a href="#alleviation" id="alleviation"></a>

All function code of the `FullMath` implementation has been wrapped in `unchecked` code blocks, ensuring that they are performed identically to the original Uniswap V3 implementation.

</details>
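
Why FMH-01M matters, shown as an added Python model (not Native's, Omniscia's or Uniswap's code): the steps of `FullMath.mulDiv` are replayed on 256-bit words, once with wrapping arithmetic and once with Solidity 0.8 checked arithmetic. The helper names `mul_div`, `w` and `reverts_when_checked` and the sample inputs are constructed for this illustration.

```python
M = 1 << 256  # EVM word size: uint256 arithmetic is modulo 2**256

class Revert(Exception):
    """Stands in for a Solidity revert (failed require or 0.8 overflow panic)."""

def mul_div(a, b, d, checked):
    """floor(a*b/d), following the steps of Uniswap V3's FullMath.mulDiv.

    checked=True models Solidity >=0.8 default arithmetic (overflow reverts);
    checked=False models an `unchecked` block or Solidity 0.7 (overflow wraps).
    """
    def w(x):  # result of one Solidity-level +, - or * on uint256
        if 0 <= x < M:
            return x
        if checked:
            raise Revert("arithmetic overflow or underflow")
        return x % M

    # 512-bit product as two words; inline assembly in the original, never checked
    prod0, prod1 = (a * b) % M, (a * b) >> 256
    if prod1 == 0:
        if d == 0:
            raise Revert("division by zero")
        return prod0 // d
    if d <= prod1:
        raise Revert("result does not fit in uint256")
    # Make the product divisible by d by subtracting the remainder (assembly)
    rem = (a * b) % d
    prod1 -= 1 if rem > prod0 else 0
    prod0 = (prod0 - rem) % M
    # Lowest set bit of d; ports spell this line differently, so it is not
    # modelled as a checked operation here (assumption of this example)
    twos = d & -d
    d //= twos
    prod0 //= twos
    flipped = ((M - twos) // twos + 1) % M  # 2**256 / twos, 0 when twos == 1
    prod0 |= w(prod1 * flipped)
    # Newton-Raphson inverse of d modulo 2**256: every step relies on wrapping
    inv = w(3 * d) ^ 2
    for _ in range(6):
        inv = w(inv * w(2 - w(d * inv)))
    return w(prod0 * inv)

def reverts_when_checked(a, b, d):
    """True if the checked model reverts on (a, b, d)."""
    try:
        mul_div(a, b, d, checked=True)
        return False
    except Revert:
        return True
```

With the constructed input `a = 2**255 + 12345, b = 14, d = 21`, the wrapping model returns the exact quotient while the checked model reverts inside the modular-inverse loop, which is the divergence from the audited Uniswap V3 behaviour that the `unchecked` blocks remove.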

<details>

<summary><mark style="color:red;">[Major]</mark> PFY-03M: Inexistent Exposure of Pause Functionality <mark style="color:green;">(✓Alleviated)</mark></summary>

#### Description: <a href="#description-2" id="description-2"></a>

The contract is meant to make use of the `Pausable` dependency to protect the `addPoolCreator` and `removePoolCreator` functions; however, the modifiers are ineffectual as the contract can never be paused.

#### Solution: <a href="#alleviation-2" id="alleviation-2"></a>

The `Pausable` methods are now exposed using homonymous functions (`pause` & `unpause`) protected with the `onlyOwner` modifier.

</details>

<details>

<summary><mark style="color:red;">[Major]</mark> RRE-04M: Inoperable Output Swap Mechanism <mark style="color:green;">(✓Alleviated)</mark></summary>

#### Description: <a href="#description-3" id="description-3"></a>

The current `exactOutput` mechanism is unsafe and inoperable in production due to the significant gas cost as well as stack space it utilizes, causing it to frequently run out of memory (OOM), out of gas (OOG), and/or out of stack space (OOS). Additionally, if a pool is entered twice as part of a multi-order swap, the transaction will fail as each pool has a `nonReentrant` protection mechanism in its `swap` function.

#### Solution: <a href="#alleviation-3" id="alleviation-3"></a>

The `exactOutputSingle` and `exactOutput` functions have been commented out of the codebase rendering this exhibit no longer applicable.

</details>

<details>

<summary><mark style="color:orange;">[Medium]</mark> PLO-05M: Unsafe Casting Operations <mark style="color:green;">(✓Alleviated)</mark></summary>

#### Description: <a href="#description-4" id="description-4"></a>

The referenced statements perform an unsafe casting operation from a `uint256` data type to an `int256` data type. As the casting overflow will benefit the user due to its presence in the `executeSwapToTreasury` function, a carefully crafted order payload can be exploited to extract a set of funds from the treasury whilst transmitting close to none.

#### Solution: <a href="#alleviation-4" id="alleviation-4"></a>

The limitations on the input variables have been properly applied.

</details>

<details>

<summary><mark style="color:orange;">[Medium]</mark> RRE-03M: Inexistent Protection Against Multi-Order Invocation <mark style="color:green;">(✓Alleviated)</mark></summary>

#### Description: <a href="#description-2" id="description-2"></a>

The `exactOutputSingle` function will misbehave if it is invoked with a `params.orders` argument that contains more than one order. If a user invokes the wrong function, they will end up evaluating an incorrect slippage value for the `amountInMaximum` comparison, thus causing them to incur slippage they cannot protect against.

#### Solution: <a href="#alleviation-2" id="alleviation-2"></a>

The `exactOutputSingle` function has been commented out of the codebase as highlighted in **RRE-04M: Inoperable Output Swap Mechanism**; this exhibit is nullified.

</details>

