Auditing Smart Contracts

Authors:         Wayne Landsman, Evgeny Lyandres, Edward Maydew, Daniel Rabetti, Che Zhang

Discussant:   Andreas Park
 

 

Overview of Discussion

  • General background on blockchain and DeFi
  • The Paper
  • Why you should care about this field

I hope one take home is that there is much more to DeFi  than

  • Bitcoin
  • FTX
  • Binance/Coinbase
  • Ripple
  • JP Morgan & tokenized deposits
  • Trumpcoin, Fartcoin, or wild speculation

So what is Blockchain & DeFi about?

What our financial infrastructure looks like

payments

stocks, bonds, and options

swaps, CDS, MBS, CDOs

insurance contracts

What would the most efficient financial infrastructure look like?

payments

stocks, bonds, and options

swaps, CDS, MBS, CDOs

insurance contracts

\(\Rightarrow\) a single common resource

  • easy value management
  • straightforward transfers & ownership accounting
  • new types of contracts and usage of assets
  • \(\ldots\)

What would the most efficient financial infrastructure look like?

But there is more: TradFi = Intermediated

  • everything is driven by intermediaries
    • access to infrastructure
    • holding and operation of assets

DeFi = self-determined & open

  • holding and operation of assets by individuals
  • using autonomous "smart contracts"
  1. Self-custody and selfcontrol of assets
  2. Unfiltered access to financial infrastructure
  3. Free entry of service providers
  4. Conceptually non-custodial services run as autonomous codes on the infrastructure
  5. Blockchain = common resource
  6. Services = platforms

features

consequences

Blockchain-based Decentralized Finance in a Nutshell

  1. Self-custody and selfcontrol of assets
  2. Unfiltered access to financial infrastructure
  3. Free entry of service providers
  4. Conceptually non-custodial services run as autonomous codes on the infrastructure
  5. Blockchain = common resource
  6. Services = platforms

features

What the focus of this paper?

What's special about smart contracts?

What is a smart contract/DeFi application?

  • piece of code that performs operations on the blockchain
  • can be
    • called (= used) by anyone
    • deployed by anyone
  • organized
    • as a platform
    • often requires deposits of assets
    • often involves transfers of assets
  • immutable?
    • actually not exactly...
  • liquidity pools for trading, borrowing & lending
  • collateral for trades (derivatives), borrowing
  • bonds for securing services and trust

some features

some examples

Here's the problem...

A word about tokens: What might token investors be concerned about?

  • Prat, Danos, Marcasse (Management Science 2025) "Fundamental Pricing of Utility Tokens"
    • tokens first sold to investors ...
    • ... but eventually make their way to users
  • hidden features of tokens:
    • Squid Game Token could not be sold
  • Do the economics of the tokens work?
    • set incentives
    • pay for usage
    • optimizing for usage and income
    • payment mechanisms
  • trust issuer?
    • can the be interference?
    • will there be updates and continuoed development (Canidio 2022)
  • tokens are mostly financial instruments
  • ... but they don't neatly fit into our existing nomenclature
  • same for issuers, usage, evolution of tokens
  • requires a different "mindset" to understand 

Three Examples of Exploits

Cream Finance

  • attacker donated $10M of token to a trading mechanism
  • changes the exchange rate from 1:1 to 2:1
  • extract 130M by borrowing against non-existent collateral

PBS attack

  • certain arbitrage algos are designed to front-run trades ("sandwich attacks")
  • attacker pretended there was a front-runnable trade but made the block header invalid
  • allowed to view front-runners which they then front-ran to extract $25M

Balancer Rounding Error

  • Solidity code rounds down when it shouldn't.
  • Convinced the pool that there were fewer tokens than there were \(\to\) low price
  • extract $113M tokens at low price
  • The issue is only arises for very small transactions.
  • But exploit works when applied at scale (many small round-down transactions)
  • attacks very subtle
  • hard to anticipate every scenario and combination of scenarios
  • attacks happen with immense scale and incredibly quickly

What can we do to prevent exploit? What are common fault lines? 

  • do transfers work under all circumstances
    • edge cases matter
  • reliance on oracles
    • use price and input from other sources
    • oracles can be manipulated
  • applications may be used by others in unexpected ways
    • flash-loan attacks
    • unobserved risks created by users (Morpho)
  • smart contract code of other applications that you rely on may change
    • Morpho v. AAVE

What is so special about "auditing" smart contracts?

  • software code reviews and standards are nothing new
  • cyber-attacks happen everywhere
  • ... yet blockchain is different
  • Cyber-attack: indirect cost
    • loss of data
    • loss of secrets
    • abuse of information
  • Blockchain exploit:
    • direct loss of funds of customers/users
    • often irretrievable
    • no accountability, no recourse
    • no ability of courts or regulators to order return of funds

The cyber-attack \(-\) code-review  problem

known
knowns

unknown
knowns

known
unknowns

unknown
unknowns

develop "processes"

get
outside
help

code review space

  • write the code as well as you can before you deploy
  • code audit verifies that you
    • followed the right procedure
    • made no obvious error
  • you lacked full expertise and missed important checks
  • code audit identifies the issue and allows you to fix them
  • you know that problems can arise in the future but you don't know  what might happen
  • you build-in safeguards
  • you get caught off-guard by problems that you didn't think would be a problem
  • you need out-of-the-box thinking

This Paper: The Code Review Decision

July 31, 2025: "today I am announcing the launch of “Project Crypto”—a Commission-wide initiative to modernize the securities rules and regulations to enable America’s financial markets to move on-chain."

Overall View

  • code reviews/audits will become a major topic in the policy debate and will grow in importance over the next decade as finance moves on-chain
  • many important questions and we haven't scratched the surface
    • standards, processes, what level of resilience, accountability, by whom to whom, legality
  • this is a very nice, well-developed paper with enormous data work
  • captures important questions  about code-reviews
  • very clear about endogeneity concerns but still worthwhile
  • this will attract hundreds of citations and become a reference-text

  1. Code Review Decision

    • Who asks for code review?
    • What type of review?
      • Centralized firm? What level of reputation?
      • Decentralized “bounty” system?

  2. Audit Effectiveness

    • Do audits reduce the likelihood or severity of future security breaches?

  3. Post-Breach Responses

    • How do developers and auditors react after hacks?
    • Effects on auditor reputation and market share?

Research Questions

When do you do the review? Circumstances may matter

before launch

  • brand-new
  • updated version (v1\(\to\)v2 etc)

bad things have just happened to others

after launch

bad things happen to others

bad things happen to you

What kind of code review?

worry about

  • participation incentive
  • sufficient competition (may discover problem and exploit in future)

decentralized "bounty" program

code audit firm

high repuation (and pricey)

unknown (but cheap)

1. Audit Demand

  • Who seeks audits?
    • oracles, bridges, cross-chain designs, lending logic.
  • Top tier
    • Larger and more visible protocols.
  • Ex exploit
    • Systemic hacks increase demand for high-reputation audits.

Main Findings Part 1: Audit Demand

Main Findings - some niggles

  • many co-variates have a hindsight feel and create look-ahead bias
    • "vulnerability" is  ex-post proven
      • "novel" vs anticipated exploit?
      • \(\to\) after Balancer, we could now add AMMs to the list
      • Can you find contemporaneous measures like documentation flags, omissions in prior year? 
    • "larger" =TVL is ex post & hard to separate from audit 
      • use revenue projections, testnet activity, intended fundraising $$
  • Log_raised and listed are likely correlated
    • Binance listings are very expensive (>$1M in early 2020s)
    • \(\to\) need to be well-funded
  • Github commits
    • See Daniel's other work on code-washing

variable I'd like to see:

  • many projects copy extensively from one another
  • could over-attribute exploits to low-tier reviewers
  • use code originality or fork lineage
  • Naive average:
    • audits do not reduce hack probability.
  • Correcting for selection
    • top-tier and decentralized (bounty) audits are associated with fewer and smaller losses.

Main Findings: Audit Effectiveness

small niggle:

  • It looks like "reviewed" first order stochastically dominates "not-reviewed" for the first 2 years post review
  • means that audited protocols "survive" longer without a hack

what I'd like to see:

  • Can you plot the unconditional distribution (plots the cumulative hacked fraction)?

decentralized "bounty" program

code audit firm

high repuation (and pricey)

unknown (but cheap)

More niggles: Audit Effectiveness

  • a project can obtain reviews from all three categories
  • Many top-tier auditors also run or sponsor bounty programs:

    • CertiK operates Skynet (continuous monitoring) and public “leaderboards.”

    • Hacken and Quantstamp co-list clients on Immunefi.

    • PeckShield routinely posts live vulnerability findings on social media.

  • \(\Rightarrow\) top-tier itself comes with bounty program
  • bounty programs can also serve a separate purpose: publicity!
  • so bounty programs are
    • signalling and
    • monitoring
  • Can you decompose that?
  • Hacked protocols:
    • upgrade auditors or
    • add bounty programs.
  • Auditors implicated in hacks
    • lose about 4 pp of market share short-term, but usually recover.
    • Strong, visible crisis management mitigates reputational damage.

Main Findings: Post Breach Effects

key ingredient are systemic risk events

  • plausible selection!
  • all infrastructure related - everyone with similar architecture affected
  • focus on bridge & oracle issues
  • plausibly exogenous to other protocols
  • highly visible and discussed

Niggles on Post Breach Effects

  • narrow definition which may miss sector-specific risks
    • lending: Cream Finance, bZx, Mango
    • stablecoins: Terra-Luna
    • Governance/DAO: Beanstalk
  • high alignment of treatment with oracle/cross-chain risk group \(\to\) overstate generalizability?
  • could lead to under-identification, or capture some spurious correlation

Last words: it's still early ...

The view of blockchain, Crypto, and DeFi according to "some"

crazy internet money with no value

a vehicle to create unlimited crazy internet money

utility
tokens

DAOs

NFTs

Meme

other crazy
 money

alternative vehicles for vaporware

History of Crypto and Blockchain how I'd like you to see it

single-purpose digital money

general purpose platform

DeFi applications

alternative digital money

alternative smart contract platforms

scaling solutions and higher level (d)apps

money applications

Timeline of DeFi Development vs. Rest of World's Understanding

2008/9

single-purpose blockchain

2014/5

general-purpose network

2017/8

2017/8

stablecoins on Ethereum

2020/1

"simple" finance applications

DAOs

financial engineering

2023/4/5

  • this is where policy is today
  • also asset pricing :p

\(t-8\) 

  • microstructure
  • corporate finance

\(t-3\) 

treat the blockchain world as a serious attempt to make finance better, more efficient, more competitive, cheaper, faster

The Bottom Line: Crypto is ...

  1. A crazy world of vaporware, gambling, scams, fraud, rug-pulls, money laundering, Bitcoin-crazy nutters, Fartcoin, Hawk-Tuah Tokens
     
  2. A serious attempt to make finance better, more efficient and remove frictions, more competitive, cheaper, faster

Risk and Complexity Covariates

Protocol Design Risk

  • ORACLE — uses external data feeds (price oracles)
    ↳ single-point-of-failure and manipulation exposure
  • BC_CROSSCHAIN — deployed across multiple blockchains
    ↳ bridge and interoperability vulnerabilities
  • IND_LENDING — lending or collateralized protocols
    ↳ complex liquidation logic, oracle reliance
  • log_Staking — total assets staked at launch
    ↳ more user funds at risk → higher assurance demand

Scale / Exposure

  • log_TVL — total value locked (day-one deposits)
    ↳ proxy for protocol scale and visibility
    (measured ex post; potentially endogenous)

Governance / Transparency

  • DAO — decentralized governance structure
    ↳ multiple stakeholders, monitoring incentives
  • GITHUB, log_Commits — public code repository and activity
    ↳ indicator of open development and code complexity

Auditing Smart Contracts

By Andreas Park

Auditing Smart Contracts

  • 8

More from Andreas Park