🔐 Security Audit
Security is a top priority for Native. Native was built and designed following all of the industry’s best practices. Native’s contracts have been verified on Etherscan and BscScan.
Native contracted Omniscia to audit its Native V1 smart contract. Omniscia's audit report was issued on February 26, 2023.
During the audit, Omniscia filtered and validated a total of 12 findings using static analysis tools and identified a total of 59 findings during the manual review of the codebase.
Based on the findings, the Native team alleviated and/or nullified all the issues raised by the Omniscia team.


Finding: The FullMath library present in the codebase does not conform to the audited Uniswap V3 implementation, as it has been upgraded to a 0.8.X pragma version unsafely.
Resolution: All function code of the FullMath implementation has been wrapped in unchecked code blocks, ensuring that it behaves identically to the original Uniswap V3 implementation.

Finding: The contract is meant to use the Pausable dependency to protect the addPoolCreator and removePoolCreator functions, but the modifiers are ineffectual, as the contract can never be paused.
Resolution: The Pausable methods are now exposed through functions of the same name (pause and unpause), protected with the onlyOwner modifier.

Finding: The current exactOutput mechanism is unsafe and inoperable in production due to the significant gas cost and stack space it utilizes, causing it to frequently run out of memory (OOM), out of gas (OOG) and/or out of stack space (OOS). Additionally, if a pool is entered twice as part of a multi-order swap, the transaction will fail, as each pool has a nonReentrant protection mechanism in its swap function.
Resolution: The exactOutputSingle and exactOutput functions have been commented out of the codebase, rendering this exhibit no longer applicable.

Finding: The referenced statements perform an unsafe cast from a uint256 data type to an int256 data type. As the casting overflow would benefit the user because of its presence in the executeSwapToTreasury function, a carefully crafted order payload could be used to extract funds from the treasury while transmitting close to none.
Resolution: The limitations on the input variables have been properly applied.

Finding: The exactOutputSingle function will misbehave if it is invoked with a params.orders argument that contains more than one order. If a user invokes the wrong function, they will end up evaluating an incorrect slippage value for the amountInMaximum comparison, thus causing them to incur slippage they cannot protect against.
Resolution: The exactOutputSingle function has been commented out of the codebase, as highlighted in RRE-04M: Inoperable Output Swap Mechanism; this exhibit is nullified.
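As an added illustration (not Native's or Omniscia's code), the hypothetical Solidity fragment below shows the remediations for the Pausable finding and the unsafe-cast finding above: pause and unpause exposed under onlyOwner so that whenNotPaused can actually take effect, and a bounds check before converting a uint256 order amount to int256. It assumes OpenZeppelin Contracts 4.x; the contract, function and struct names are invented.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.17;

// Added illustration, not the audited project's code. Assumes OpenZeppelin 4.x.
import "@openzeppelin/contracts/security/Pausable.sol";
import "@openzeppelin/contracts/access/Ownable.sol";

/// Hypothetical router fragment demonstrating two of the audit remediations.
contract SwapRouterFragment is Pausable, Ownable {
    mapping(address => bool) public poolCreators;

    // Pausable finding: _pause/_unpause are internal, so unless the contract
    // exposes them the whenNotPaused modifier below can never trigger.
    function pause() external onlyOwner { _pause(); }
    function unpause() external onlyOwner { _unpause(); }

    function addPoolCreator(address c) external onlyOwner whenNotPaused {
        poolCreators[c] = true;
    }

    function removePoolCreator(address c) external onlyOwner whenNotPaused {
        poolCreators[c] = false;
    }

    // Unsafe form: an explicit uint256 -> int256 conversion is not overflow
    // checked in 0.8.x, so amounts above type(int256).max become negative.
    function unsafeToInt256(uint256 amount) external pure returns (int256) {
        return int256(amount);
    }

    // Hardened form: bound the input before casting (same check as
    // OpenZeppelin SafeCast.toInt256); out-of-range amounts revert.
    function toInt256(uint256 amount) public pure returns (int256) {
        require(amount <= uint256(type(int256).max), "cast overflow");
        return int256(amount);
    }

    // Constructed order shape for the example: amountIn is the user-supplied
    // quantity that a treasury-side swap would turn into a signed balance delta.
    struct Order { address pool; uint256 amountIn; }

    function quoteTreasuryDelta(Order calldata o) external view whenNotPaused returns (int256) {
        require(poolCreators[o.pool], "unknown pool");
        return toInt256(o.amountIn); // reverts instead of wrapping negative
    }
}
```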