GateKeeper Audit
The GateKeeper contract interacts with ERC20 tokens and includes functionalities for whitelisting users, transforming tokens between two forms (QUESO to xQUESO and back), applying fees, and enforcing cooldown periods. Here’s a breakdown of the contract’s design and potential areas of concern:
Security and Design Review
Use of SafeERC20 Library: This is a good practice that helps prevent issues with ERC20 tokens that do not return a boolean value. It ensures that token transfers, approvals, and other interactions are handled safely.
Reentrancy Protection: The contract uses ReentrancyGuard for functions that involve external calls to prevent reentrancy attacks. This is crucial for functions like transformQUESOToXQUESO, transformXQUESOToQUESO, whitelistUserAndSpendWPLS, and their "noBurn" variants.
Pausable Functionality: Incorporating Pausable allows the contract owner to pause and unpause the contract, adding an extra layer of control in case of emergencies.
Burritos.Cash Response: This is designed to disable the need for a user to be whitelisted if the project were to take off and if for some reason the project regulation wise needed to not require WPLS, this would be turned off. You never know what could change. The contract is not upgradable so this is there just in case it's ever needed. It does not stop any of the other parts of the functionality though.
Fee Management: The contract allows setting a transformation fee percentage, which is applied when users transform QUESO to xQUESO or vice versa. This fee is transferred to a specified feesAddress. Ensuring that this fee percentage and address are managed transparently and responsibly is important.
Burritos.Cash Response: This is in place to protect the price of xQUESO so users can't enter and exploit the price via daily yield (aka: melts).
Cooldown Mechanism: To prevent abuse of the transformation mechanism (e.g., to game the fee system or manipulate token supply), a cooldown period is enforced between transformations for each user. This is a good practice to regulate the frequency of such operations.
Burritos.Cash Response: This is in place in case the fees are ever zero'd out, the cool down period could still protect the price from explotation of yield.
Whitelisting and WPLS Spending: Users can be whitelisted either by spending a minimum amount of WPLS tokens or through manual whitelisting by the owner. This dual approach offers flexibility but requires careful management to ensure fairness and security.
Burritos.Cash Response: This is designed to allow any wallet to be whitelisted forever as long as they deposit the minimum amount of required WPLS to be turned into LP and then be burnt. This is to benefit the entire protocol and all three tokens: BRC, SALSA, & QUESO.
This whitelist feature gets renounced when the contract gets renounced. It can also be paused if ever needed to open the gates to everyone.
Burn Functionality: The contract periodically sends accumulated QUESO and xQUESO to a burn address. This mechanism is intended to reduce the token supply and potentially increase its value. However, the decision to burn tokens should be made with clear governance or policy guidelines.
Potential Concerns and Recommendations
Centralization Risks: The contract has several owner-only functions that control critical aspects of the contract, such as fee percentages, cooldown periods, and pausing/unpausing the contract. It's important to have transparent governance or a decentralized mechanism to manage these powers in the long term.
Burritos.Cash Response: This is necessary in order to run the project as intended and protect the inflation via yield amounts.
Fee Percentage Limit: The fee percentage is limited to a maximum of 3%, which is reasonable to prevent exorbitant fees. However, the community or stakeholders should have a say in how these fees are determined and used.
Burritos.Cash Response: This is to instill trust with users that there won't ever be a case where they convert to xQUESO, and then the worst case scenario were to happen where the fee would be increased to 100%, they would lose all of their funds. This proves that it's impossible to ever do that. Hence, a 3% fee which helps control the returns that falls right in line with the max amount of yield that xQUESO can provide.
Cooldown Period Management: The cooldown period is a sensitive parameter that can significantly impact user experience and token economics. Changes to this parameter should be communicated clearly to users.
Burritos.Cash Response: This is only in place to be optional if ever needed, if fees are ever eliminated, there still needs to be a way to prtoect the project from yield explotiation. This could set a time limit on how often a user can flow between QUESO / xQUESO (ex: 24 hours).
Token Burn Mechanism: Automatically burning tokens can be a powerful tool for managing supply but requires clear communication about when and why burns occur. Consider implementing a governance process for making these decisions.
Security of External Calls: While SafeERC20 mitigates risks associated with token interactions, always be cautious about interactions with other contracts or tokens. Ensure that the contracts for queso, xqueso, and wpls are secure and audited.
Contract Upgradeability: The contract does not appear to be upgradeable.
Compliance and Regulatory Considerations: Depending on the jurisdictions involved, there may be regulatory considerations related to the whitelisting process, token burns, and the transformation mechanism.
Made possible by AI.
Last updated