Is ShibaSwap safe? DeFi Safety review gives it a score of just 3%

Published at: July 8, 2021

July 11: Updated to include the results of Certik's audit of the platform and DeFi Safety's subsequent upgrade of the rating to 35%.

Despite the immediate success of dog-themed decentralized exchange ShibaSwap, there are warnings that the DEX’s liquidity providers are throwing capital into an opaque protocol of questionable security.

Building on the popularity of their Doge-style token, Shiba Inu (SHIB), amid the Elon Musk-stoked dog-token trading frenzy, the coin’s developers launched their DEX with enticing yield incentives for liquidity providers on Tuesday.

Within 24 hours of launching, the protocol had amassed a total value locked (TVL) of more than $1 billion.

On Wednesday, platform reviewer DeFi Safety published a report on ShibaSwap, scoring the protocol at just 3%, far below the 70% level the site considers a pass.

Describing the score as “a devastating fail,” DeFi Safety failed ShibaSwap on all but two of its 22 review criteria, with the protocol scoring 30% for the clarity of information provided in its white paper.

The review’s author is Rex Hygate, the founder of SecuEth and Caliburn Consulting. He highlighted ShibaSwap’s anonymous team, lack of transparency and documentation and pointed to the fact there is no public software repository, development history, or way to test the code.

ShibaSwap is up with a devastating 3% score. If you are looking for a prime example of what absolute negligence looks like in a protocol, look no further than this. Zero Transparency. You are putting your money in a black hole. https://t.co/dUzU0vvCHW @ChrisBlec @ShibArmy #DeFi pic.twitter.com/QG3ykYakdt

— DeFi Safety (@DefiSafety) July 7, 2021

The platform has since undergone an audit by Certik, which has worked with Crypto.com, Ontology and Neo, among others. The audit found eight major issues which it provided advice to the team and marked as resolved. Many of the centralization issues were resolved through the implementation of a six of nine multisig.

Following the release of Cerik's audit, DeFi Safety upgraded the rating to 35%, with biggest improvements in the 'Security' rating which scored 79% and 'Access Controls' whichincreased to 57%.

On Wednesday, Solidity developer Joseph Schiarizzi posted an article warning that ShibaSwap’s staking contract had been under the control of just a single address for most of its first day of operation.

While ShibaSwap has since updated the contract to a multi-signature account requiring six of nine Safe Owners to agree on transactions before they can be executed, Schiarizzi warns that each of the addresses may be under the control of a single entity:

“Multiple of these Safe Owners are new accounts with 0 transactions and no ETH, so they are most likely just place holders for the ShibaSwap devs who can agree easily to call any owner only function on the staking contract.” 

Schiarizzi emphasized the risks associated with the staking contract’s migrate function being under the control of a single entity, identifying that the contract owners “can simply deploy a new migrator contract which sends themselves all the LP tokens.”

DeFi Watch analyst Chris Blec shared Schiarizzi’s warnings about ShibaSwap’s security risks to his 22,000 followers and highlighted the DeFi Safety review.

⚠️ Yesterday, it was noticed that all funds in ShibaSwap could be drained by 1 Ethereum account.ShibaSwap then switched ownership to a new Gnosis multisig with unknown signers & fresh addresses.The problem: it's possible to create a multisig and own all the keys yourself. pic.twitter.com/wSN1yOB2Qn

— Chris Blec (@ChrisBlec) July 7, 2021
Tags
Altcoin
Cryptocurrency Exchange
Decentralized Exchange
Related Posts
Uniswap moves closer to a new five million UNI airdrop
The second-ever governance proposal for the Uniswap decentralized exchange (DEX) is more than halfway to reaching a quorum with a little over 30 hours to go. If passed, the proposal will see 12,619 wallet addresses that interacted with Uniswap via a proxy contract receive 400 UNI tokens each. 5.05 million UNI in total will be allocated to the users of MyEtherWallet, Argent, Dharma, DeFi Saver, Nuo, Eidoo, Opyn, Furucombo, Monolith, and Rebalance. The proposal was put forward by Compound-based lending and savings protocol Dharma, who claimed its users felt “left out” by the initial distribution. The cohort of proxies were …
Technology / Oct. 30, 2020
Here are 6 DEX tokens that have seen exponential growth in 2021
DeFi has steadily grown in prominence over the past year thanks in large part to the strong foundations established by decentralized exchanges (DEX) that enable easy access to the latest tokens and projects. While there have been previous iterations of DEX user interfaces, such as IDEX or Etherdelta, it wasn’t until Uniswap launched that trading in the DeFi network really took off and facilitated the launch of the finance tokens. Here are six of the top-performing tokens in the decentralized finance sector. UNI/USDT Uniswap has risen from the humble beginnings of a simple user interface that allowed for a token …
Markets / Feb. 27, 2021
3 reasons why Theta price hit a new all-time high at $3.49
The sustained bullish performance from Bitcoin (BTC) and Ether (ETH) has increased the confidence of crypto investors and many are now looking deeper into projects that have strong fundamentals and offer real-world use cases. This week investors turned their attention to Theta (THETA), a decentralized network that allows users to share bandwidth and computing resources in order to stream video. In the last two months THETA price has increased by more than 350%, rallying from $0.66 on Dec.10 to a new all-time high of $3.44 on Feb.13. Three reasons for Theta’s recent price growth include the project’s plan to engage …
Blockchain / Feb. 14, 2021
Spike in DeFi lending pushes Compound (COMP) price to a new high at $570
As Bitcoin and numerous altcoins surge toward new all-time highs, traders who are coin rich but cash poor are increasingly flocking to decentralized finance lending platforms where they can collatoralize their holdings to raise funds for new investments. Compound is one of the leading DeFi lending platforms and over the past month its TVL and governance token price has rallied to new highs. Compound, which ranks third among DeFi lending protocols, has $4.55 billion worth of assets locked on the platform and its COMP governance token has doubled in value over the past week. Currently COMP trades for $566, a …
Markets / Feb. 12, 2021
Is asymmetric information driving crypto’s wild price swings?
It has long been believed that investors possessing inside knowledge help drive cryptocurrencies’ price volatility, and a number of academic papers have been published on this topic. This is why Coinbase’s intention to regularly publish in advance a catalog of tokens being assessed for listing on its prominent trading platform is noteworthy. Coinbase’s plans, announced in an April 11 blog along with 50 crypto projects “under consideration” for Q2 2022, could help tamp down the pervasive speculation that surrounds small-cap tokens. Meanwhile, this can help alleviate industry concerns about “information asymmetry,” which typically occurs when one party to a transaction …
Blockchain / April 18, 2022