• Total Prize Pool: $60,500 USDC
  • HM awards: $37,500 USDC
  • QA report awards: $5,000 USDC
  • Gas report awards: $2,500 USDC
  • Bot race awards: $5,000 USDC
  • Judge awards: $6,000 USDC
  • Lookout awards: $4,000 USDC
  • Scout awards: $500 USDC
• Join C4 Discord to register
• Submit findings using the C4 form
• Read our guidelines for more details
• Starts May 03, 2023 20:00 UTC
• Ends May 11, 2023 20:00 UTC

Automated findings output for the contest can be found here.

Note for C4 wardens: Anything included in the automated findings output is considered a publicly known issue and is ineligible for awards.

The Ajna protocol is a non-custodial, peer-to-peer, permissionless lending, borrowing and trading system that requires no governance or external price feeds to function. The protocol consists of pools: pairings of quote tokens provided by lenders and collateral tokens provided by borrowers. Ajna is capable of accepting fungible tokens as quote tokens and both fungible and non-fungible tokens as collateral tokens.

• Twitter
• Website
• Business Logic recording
• Whitepaper
• Ajna Technical Spec
• ELI5
• Technical Diagrams Pools
• Technical Diagrams Grants

• @base64-sol/base64.sol
  • ajna-core/src/libraries/external/PositionNFTSVG.sol
• @clones/Clone.sol
  • ajna-core/src/base/Pool.sol
• @clones/ClonesWithImmutableArgs.sol
  • ajna-core/src/ERC20PoolFactory.sol
  • ajna-core/src/ERC721PoolFactory.sol
• @openzeppelin/contracts/interfaces/IERC1271.sol
  • ajna-core/src/base/PermitERC721.sol
• @openzeppelin/contracts/security/ReentrancyGuard.sol
  • ajna-core/src/PositionManager.sol
  • ajna-core/src/RewardsManager.sol
  • ajna-core/src/base/Pool.sol
• @openzeppelin/contracts/token/ERC20/ERC20.sol
  • ajna-core/src/PositionManager.sol
• @openzeppelin/contracts/token/ERC20/IERC20.sol
  • ajna-core/src/ERC20Pool.sol
  • ajna-core/src/PositionManager.sol
  • ajna-core/src/RewardsManager.sol
  • ajna-core/src/base/FlashloanablePool.sol
  • ajna-core/src/base/Pool.sol
• @openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol
  • ajna-core/src/ERC20Pool.sol
  • ajna-core/src/PositionManager.sol
  • ajna-core/src/RewardsManager.sol
  • ajna-core/src/base/FlashloanablePool.sol
  • ajna-core/src/base/Pool.sol
• @openzeppelin/contracts/token/ERC721/ERC721.sol
  • ajna-core/src/PositionManager.sol
  • ajna-core/src/base/PermitERC721.sol
• @openzeppelin/contracts/token/ERC721/IERC721.sol
  • ajna-core/src/RewardsManager.sol
• @openzeppelin/contracts/utils/Address.sol
  • ajna-core/src/base/PermitERC721.sol
• @openzeppelin/contracts/utils/introspection/IERC165.sol
  • ajna-core/src/ERC721PoolFactory.sol
• @openzeppelin/contracts/utils/Multicall.sol
  • ajna-core/src/PositionManager.sol
  • ajna-core/src/base/Pool.sol
• @openzeppelin/contracts/utils/Strings.sol
  • ajna-core/src/libraries/external/PositionNFTSVG.sol
• @openzeppelin/contracts/utils/structs/EnumerableSet.sol
  • ajna-core/src/PositionManager.sol
• @oz/governance/utils/IVotes.sol
  • ajna-grants/src/grants/base/Funding.sol
• @oz/security/ReentrancyGuard.sol
  • ajna-grants/src/grants/base/Funding.sol
• @oz/token/ERC20/ERC20.sol
  • ajna-grants/src/token/AjnaToken.sol
  • ajna-grants/src/token/BurnWrapper.sol
• @oz/token/ERC20/extensions/draft-ERC20Permit.sol
  • ajna-grants/src/token/AjnaToken.sol
  • ajna-grants/src/token/BurnWrapper.sol
• @oz/token/ERC20/extensions/ERC20Burnable.sol
  • ajna-grants/src/token/AjnaToken.sol
  • ajna-grants/src/token/BurnWrapper.sol
• @oz/token/ERC20/extensions/ERC20Votes.sol
  • ajna-grants/src/token/AjnaToken.sol
• @oz/token/ERC20/extensions/ERC20Wrapper.sol
  • ajna-grants/src/token/BurnWrapper.sol
• @oz/token/ERC20/extensions/IERC20Metadata.sol
  • ajna-grants/src/token/BurnWrapper.sol
• @oz/token/ERC20/IERC20.sol
  • ajna-grants/src/grants/GrantFund.sol
  • ajna-grants/src/grants/base/ExtraordinaryFunding.sol
  • ajna-grants/src/grants/base/StandardFunding.sol
  • ajna-grants/src/token/BurnWrapper.sol
• @oz/token/ERC20/utils/SafeERC20.sol
  • ajna-grants/src/grants/GrantFund.sol
  • ajna-grants/src/grants/base/StandardFunding.sol
• @oz/utils/Address.sol
  • ajna-grants/src/grants/base/Funding.sol
• @oz/utils/math/SafeCast.sol
  • ajna-grants/src/grants/base/ExtraordinaryFunding.sol
  • ajna-grants/src/grants/base/Funding.sol
  • ajna-grants/src/grants/base/StandardFunding.sol
• @prb-math/contracts/PRBMathSD59x18.sol
  • ajna-core/src/libraries/external/PoolCommons.sol
  • ajna-core/src/libraries/external/TakerActions.sol
  • ajna-core/src/libraries/helpers/PoolHelper.sol
• @prb-math/contracts/PRBMathUD60x18.sol
  • ajna-core/src/libraries/external/PoolCommons.sol

- If you have a public code repo, please share it here:
  - [grants](https://github.com/ajna-finance/ajna-grants)
  - [RewardsManager](https://github.com/ajna-finance/ajna-core/blob/main/src/RewardsManager.sol)
  - [PositionsManager](https://github.com/ajna-finance/ajna-core/blob/main/src/PositionsManager.sol)
- How many contracts are in scope?:   3
- Total SLoC for these contracts?:  1191
- How many external imports are there?: 22 
- How many separate interfaces and struct definitions are there for the contracts within scope?:  15 interfaces and 15 structs
- Does most of your code generally use composition or inheritance?:   Inheritance
- How many external calls?:   0
- What is the overall line coverage percentage provided by your tests?:  100
- Is there a need to understand a separate part of the codebase / get context in order to audit this part of the protocol?:   true
- Please describe required context:   It may be helpful for auditors to gain an understanding of how positions manifest themselves as LP inside of the core pool contracts via methods like `addQuoteToken()` to better understand `PositionManager.sol`. Additionally, an understanding of reserve auctions (`kickReserveAuction()` and `takeReserves()`) will assist auditors in understanding and auditing `RewardsManager.sol`. `ajna-grants/src/grants` is relatively self encapsulating.
- Does it use an oracle?:  No
- Does the token conform to the ERC20 standard?:  True -> the Ajna token
- Are there any novel or unique curve logic or mathematical models?: Listed in a whitepaper
- Does it use a timelock function?:  No
- Is it an NFT?: True -> in `PositionManager.sol` one is created of a user's position
- Does it have an AMM?: Swapping exists in the pool contracts but is out of scope for this audit
- Is it a fork of a popular project?:   False
- Does it use rollups?:   
- Is it multi-chain?:  True
- Does it use a side-chain?: False

• Sherlock report
• Trail of Bits report

export ETH_RPC_URL='<RPC_URL_HERE>' && export QUOTE_PRECISION=18 && export COLLATERAL_PRECISION=18 && export BUCKET_INDEX_ERC20=2570 && export BUCKET_INDEX_ERC721=850 && export NO_OF_BUCKETS=3 && rm -Rf 2023-05-ajna || true && git clone https://github.com/code-423n4/2023-05-ajna.git -j8 --recurse-submodules && cd 2023-05-ajna && foundryup -v nightly-87bc53fc6c874bd4c92d97ed180b949e3a36d78c && cd ajna-grants && make test-with-gas-report && cd .. && cd ajna-core && make test-with-gas-report && cd ..

NOTE:

• install foundry by running foundryup -v nightly-87bc53fc6c874bd4c92d97ed180b949e3a36d78c (this version is required due to breaking changes introduced in foundry-rs/foundry#4827)
• Follow instructions in each sub repo -> Make a copy of .env.example and name it .env add the values for
  • ETHERSCAN_TOKEN - required by brownie to verify contract sources
  • WEB3_INFURA_PROJECT_ID - required by brownie to fork chain
  • ETH_RPC_URL - required by forge to fork chain
  • QUOTE_PRECISION - required by invariant tests
  • COLLATERAL_PRECISION - required by invariant tests
  • BUCKET_INDEX_ERC20 - required by invariant tests
  • BUCKET_INDEX_ERC721 - required by invariant tests
  • NO_OF_BUCKETS - required by invariant tests

clone down and cd into the repo

git clone https://github.com/code-423n4/2023-05-ajna.git && cd 2023-05-ajna

cd into sub repo:

cd ajna-grants

To run unit tests:

make tests

To run unit tests with gas report:

make test-with-gas-report

cd into sub repo:

cd ajna-core

To run unit tests:

make test

To run unit tests with gas report:

make test-with-gas-report