Difference between revisions of "Tulip Protocol (TULIP)"

From CryptoWiki

(Created page with " ==Basics== *Based in: *Started in / Announced on: *Testnet release: *Mainnet release: ==History== ==Audits & Exploits== *Tulip [https://www.defisafety.com/pqrs/382 does not] offer an official Bug Bounty program (23-3-2022). *Scored [https://www.defisafety.com/pqrs/382 45%] on DeFi Safety (23-3-2022): ''"Tulip is unaudited. Due to there being a complete lack of software functions within the Tulip documentation, there cannot be any traceability...")
 
Line 10: Line 10:
*Scored [https://www.defisafety.com/pqrs/382 45%] on [[DeFi Safety]] (23-3-2022):
*Scored [https://www.defisafety.com/pqrs/382 45%] on [[DeFi Safety]] (23-3-2022):
''"Tulip is unaudited. Due to there being a complete lack of software functions within the Tulip documentation, there cannot be any traceability to its source code. No public test report of Tulip exists. Tulip has not undergone formal verification."''
''"Tulip is unaudited. Due to there being a complete lack of software functions within the Tulip documentation, there cannot be any traceability to its source code. No public test report of Tulip exists. Tulip has not undergone formal verification."''
With the [https://t.me/c/1453353094/7970 comment]:
''"As the team was very responsive to our communicative efforts, it quickly became apparent that Tulip values closed-source software. At 45%, this is the main aspect that hinders their score. Paired with unaudited code, Tulip's software practices may be a dealbreaker for some.''
''Nonetheless, with our guidance, the team has made noticeable improvements to their documentation. Most notably, they now clearly detail the extensively mutable nature of their [[smart contracts]] and their MultiSig/BPFLoader ownership. This transparency is certainly encouraging. Additionally, a previous lack of public smart [[contract]] [[addresses]] has been resolved, and they are now all readily available. All of these noticeable improvements demonstrate the team's willingness to become more transparent to their users, and this gives us hope for future developments.''
''However, the main caveat remains Tulip's closed-source software. If the protocol wants to further improve its process quality and transparency, it will no doubt have to sacrifice privacy and instead opt for an [[Open Source|open-source]] future. This is paramount not only for security, but also for traceability."''


===Bugs/Exploits===
===Bugs/Exploits===
Line 58: Line 66:
==Their Other Projects==
==Their Other Projects==
==Roadmap==
==Roadmap==
*Can be found [Insert link here].
*Can be found [Insert [[LINK|link]] here].
==Usage==
==Usage==
===Projects that use or built on it===
===Projects that use or built on it===

Revision as of 09:18, 11 April 2022

Basics

  • Based in:
  • Started in / Announced on:
  • Testnet release:
  • Mainnet release:

History

Audits & Exploits

"Tulip is unaudited. Due to there being a complete lack of software functions within the Tulip documentation, there cannot be any traceability to its source code. No public test report of Tulip exists. Tulip has not undergone formal verification."

With the comment:

"As the team was very responsive to our communicative efforts, it quickly became apparent that Tulip values closed-source software. At 45%, this is the main aspect that hinders their score. Paired with unaudited code, Tulip's software practices may be a dealbreaker for some.

Nonetheless, with our guidance, the team has made noticeable improvements to their documentation. Most notably, they now clearly detail the extensively mutable nature of their smart contracts and their MultiSig/BPFLoader ownership. This transparency is certainly encouraging. Additionally, a previous lack of public smart contract addresses has been resolved, and they are now all readily available. All of these noticeable improvements demonstrate the team's willingness to become more transparent to their users, and this gives us hope for future developments.

However, the main caveat remains Tulip's closed-source software. If the protocol wants to further improve its process quality and transparency, it will no doubt have to sacrifice privacy and instead opt for an open-source future. This is paramount not only for security, but also for traceability."

Bugs/Exploits

Governance

Admin Keys

"Tulip's Admin Control information can easily be found in their documentation. All of Tulip's listed smart contracts are upgradeable through the BPFLoader. Tulip mentions the existence of their MultiSig here. Tulip does not document the existence of a pause control or similar functions. Tulip does not have a timelock."

DAO

Treasury

Token

Launch

Token Allocation

Utility

Other Details

Stablecoin

Coin Distribution

Technology

"Although Tulip has a public software repository, it is filled with forks and their own SDK. They seem to keep their own smart contracts under a private repo."

Implementations

  • Built on: Solana
  • Programming language used:

Transaction Details

How it works

Fees

Upgrades

Staking

Validator Stats

Liquidity Mining

Scaling

Interoperability

Other Details

Oracle Method

"Tulip details their use of Chainlink oracles. Tulip mitigates front running possibilities via its Chainlink oracle implementation. Tulip is flash loan resistant due to its Chainlink oracle implementation."

Privacy Method

Compliance

Their Other Projects

Roadmap

  • Can be found [Insert link here].

Usage

Projects that use or built on it

Competition

Pros and Cons

Pros

Cons

Team, Funding and Partners

Team

  • Full team can be found [here].
  • From DeFi Safety (23-3-2022): Tulip's team is not public.

Funding

Partners

(:

Knowledge empowers all and will help us get closer to the decentralized world we all want to live in!

Making these free wiki pages is fun but takes a lot of effort and time.

If you have enjoyed reading, tips are appreciated :) This will help us to keep expanding this archive of information.

ETH tip address: 0x83460bE5F218b1520B69D702cE60A1DE37dD8E31