Difference between revisions of "Beefy Finance (BIFI)"

From CryptoWiki

m (1 revision imported)
Line 7: Line 7:


==History==
==History==
== Audits & Exploits ==
*[[Bug bounty]] program was announced for early May, but never launched ([https://docs.defisafety.com/finished-reviews/beefy.finance-process-quality-review#audits 18-6-2021]). Update (28-3-2022): This protocol offers an active bug bounty of [https://immunefi.com/bounty/beefyfinance/ $75K].
*Scored 79% on [[DeFi Safety]] (28-3-2022):
''"Beefy documents no software architecture. While some [[yield farming]] diagrams are documented, they relate to fee programs and not specific [[contracts]] and how they interact with each other. On a strategy level, there is no clear documentation relating to how they operate. No test report is documented in their [[GitHub]] repository. Beefy has not undergone formal verification. Beefy has undergone multiple audits. These were [https://github.com/beefyfinance/beefy-audits post deployment]. Their first "audit" was not an audit - it is a smart [[contract]] analysis. Their second and third audit was conducted by [[CertiK]]. Beefy uses V6 vaults - the most recent audit had V4 vaults in scope. Nevertheless, given the highly fluid nature of yield aggregator contract deployment, we will award points for this. Still, it is time to update these audits or even enter into a continual audit agreement with a firm."''
*Previously [https://defisafety.com/2021/06/18/beefy-finance/ scored] a 53% (18-6-2021): ''"[[CertiK (CTK)|Certik]] did a Beefy.Finance [https://github.com/beefyfinance/beefy-audits/blob/master/2021-05-11-Beefy-CertiK-Preeliminary-Comments.pdf preliminary comments audit] on May 11th 2021. [[Certik]] did a [https://github.com/beefyfinance/beefy-audits/blob/master/2021-03-05-Beefy-CertiK-Final-For-Beefy-Contracts.pdf security assessment] on Beefy.Finance [[Smart Contract (SC)|contracts]] on March 5th 2021. DefiYield did a Beefy.Finance [https://github.com/beefyfinance/beefy-audits/blob/master/2020-12-10-defiyield-beefyfinance.pdf audit] on December 10th 2021. Beefy.Finance was launched on September 16th 2020. Note: Changes in 2nd audit were implemented before deployment."'' With the [https://t.me/c/1453353094/3474 comment]:  ''"It should be higher except like so many [[Binance]] no sfw docs 0 tests. I am sure these guys have this stuff privately. Share, please. And do your edits in a repo people can see."''
===Bugs/Exploits===
== Governance ==
===Admin Key===
* [https://docs.defisafety.com/finished-reviews/beefy.finance-process-quality-review#audits From] [[DeFi Safety]] (28-3-2022):
''"The relevant contracts are identified as [[immutable]]. All vaults / strategies are immutable. Beefy does not use a pause control because it is immutable. This protocol has some [[timelock]] [https://docs.beefy.finance/safu-protocol/contracts-and-timelocks#timelocks documentation] which can be found at this location. Each relevant contract is identified. There is a justification as to why 6 hours was chosen."''
*[https://docs.defisafety.com/finished-reviews/beefy.finance-process-quality-review#audits From] [[DeFi]] Safety (18-6-2021):
''"All contracts are immutable as [https://docs.beefy.finance/beefyfinance/faq/products/strategies described]. Pause control not documented or explained."''
===DAO===
===Treasury===
==Token==
==Token==
===Launch===
===Launch===
Line 16: Line 37:
==Technology==
==Technology==


*[[Whitepaper]] can be found [insert here].
*[[Whitepaper]] can be found [https://docs.beefy.finance/ here].
*Code can be viewed [insert here].
*Code can be viewed [https://github.com/beefyfinance here]. [https://docs.defisafety.com/finished-reviews/beefy.finance-process-quality-review#audits From] [[DeFi Safety]] (28-3-2022):
''"At 810 commits at 74 branches, this development history has been around since before the cows came home."''


===Implementations===
===Implementations===


*Built on: [[Binance|BSC]] and [[Fuse Network (FUSE)|Fuse]] ([https://medium.com/fusenet/fuse-partners-with-beefy-finance-to-improve-defi-yields-for-users-fefd2601acef 11-1-2022]).
*Built on: [[Binance|BSC]] and [[Fuse Network (FUSE)|Fuse]] ([https://medium.com/fusenet/fuse-partners-with-beefy-finance-to-improve-defi-yields-for-users-fefd2601acef 11-1-2022]). According [https://docs.defisafety.com/finished-reviews/beefy.finance-process-quality-review#audits to] [[DeFi Safety]] (28-3-2022): [[Arbitrum]], [[Avalanche (AVAX)|Avalanche]], [[Celo (CELO)|Celo]], [[Crypto.com / Cronos (CRO)|Cronos]], [[HECO]], [[Moonbeam|Moonriver]], [[Polygon (MATIC)|Polygon]], [[Aurora (EVM on NEAR)|Aurora]], [[Harmony (ONE)|Harmony]], [[Moonbeam (GLMR) & Moonriver (MOVR)|Moonbeam]] and [[Metis (METIS)|Metis]] as well.


===How it works===
===How it works===
===Fees===
===Upgrades===
===Staking===
===Staking===
====Validator Stats====
====Validator Stats====
Line 30: Line 54:
===Interoperability===
===Interoperability===
===Other Details===
===Other Details===
==Privacy Method==
==Compliance==
==Oracle Method==
==Oracle Method==
==Their Other Projects==
==Governance==
===Admin Key===


* [https://docs.defisafety.com/finished-reviews/beefy.finance-process-quality-review#audits From] [[DeFi Safety]] (18-6-2021):
* [https://docs.defisafety.com/finished-reviews/beefy.finance-process-quality-review#audits From] [[DeFi Safety]] (28-3-2022):


''"All contracts are immutable as [https://docs.beefy.finance/beefyfinance/faq/products/strategies described]. Pause control not documented or explained."''
''"Beefy does not use an [[oracle]], and this is stated and explained in this [https://docs.beefy.finance/safu-protocol/contracts-and-timelocks#oracles location]. This protocol documents no [[Frontrunners|front running]] mitigation techniques in their strategies. Beefy is not usceptible to [[Flash Loan|flashloan]] attack, and this is explained in their [https://docs.beefy.finance/safu-protocol/contracts-and-timelocks#oracles documentation]."''


===DAO===
==Compliance==
===Treasury===
==Their Other Projects==
==Upgrades==
==Roadmap==
==Roadmap==


*Can be found [Insert link here].
*Can be found [Insert link here].
==Audits==
*[[Bug bounty]] program was announced for early May, but never launched ([https://docs.defisafety.com/finished-reviews/beefy.finance-process-quality-review#audits 18-6-2021]).
*[https://defisafety.com/2021/06/18/beefy-finance/ Scored] a 53% on [[DeFi Safety]] (18-6-2021): ''"[[CertiK (CTK)|Certik]] did a Beefy.Finance [https://github.com/beefyfinance/beefy-audits/blob/master/2021-05-11-Beefy-CertiK-Preeliminary-Comments.pdf preliminary comments audit] on May 11th 2021. Certik did a [https://github.com/beefyfinance/beefy-audits/blob/master/2021-03-05-Beefy-CertiK-Final-For-Beefy-Contracts.pdf security assessment] on Beefy.Finance [[Smart Contract (SC)|contracts]] on March 5th 2021. DefiYield did a Beefy.Finance [https://github.com/beefyfinance/beefy-audits/blob/master/2020-12-10-defiyield-beefyfinance.pdf audit] on December 10th 2021. Beefy.Finance was launched on September 16th 2020. Note: Changes in 2nd audit were implemented before deployment."'' With the [https://t.me/c/1453353094/3474 comment]:  ''"It should be higher except like so many Binance no sfw docs 0 tests. I am sure these guys have this stuff privately. Share, please. And do your edits in a repo people can see."''
===Bugs/Exploits===
==Usage==
==Usage==
===Projects that use or built on it===
===Projects that use or built on it===
Line 60: Line 71:
===Pros===
===Pros===
===Cons===
===Cons===
==Team, Funding, Partnerships, etc.==
==Team, Funding, Partners==
===Team===
===Team===


Line 72: Line 83:
Making these free wiki pages is fun but takes a lot of effort and time.
Making these free wiki pages is fun but takes a lot of effort and time.


If you have enjoyed reading, tips are appreciated :) This will help us to keep expanding this archive of information.
If you have enjoyed reading, tips are appreciated :) This will help us to [[keep]] expanding this archive of information.


[[ETH]] tip [[address]]: 0x83460bE5F218b1520B69D702cE60A1DE37dD8E31
[[ETH]] tip [[address]]: 0x83460bE5F218b1520B69D702cE60A1DE37dD8E31

Revision as of 07:52, 4 August 2022

Basics

History

Audits & Exploits

  • Bug bounty program was announced for early May, but never launched (18-6-2021). Update (28-3-2022): This protocol offers an active bug bounty of $75K.
  • Scored 79% on DeFi Safety (28-3-2022):

"Beefy documents no software architecture. While some yield farming diagrams are documented, they relate to fee programs and not specific contracts and how they interact with each other. On a strategy level, there is no clear documentation relating to how they operate. No test report is documented in their GitHub repository. Beefy has not undergone formal verification. Beefy has undergone multiple audits. These were post deployment. Their first "audit" was not an audit - it is a smart contract analysis. Their second and third audit was conducted by CertiK. Beefy uses V6 vaults - the most recent audit had V4 vaults in scope. Nevertheless, given the highly fluid nature of yield aggregator contract deployment, we will award points for this. Still, it is time to update these audits or even enter into a continual audit agreement with a firm."

  • Previously scored a 53% (18-6-2021): "Certik did a Beefy.Finance preliminary comments audit on May 11th 2021. Certik did a security assessment on Beefy.Finance contracts on March 5th 2021. DefiYield did a Beefy.Finance audit on December 10th 2021. Beefy.Finance was launched on September 16th 2020. Note: Changes in 2nd audit were implemented before deployment." With the comment: "It should be higher except like so many Binance no sfw docs 0 tests. I am sure these guys have this stuff privately. Share, please. And do your edits in a repo people can see."

Bugs/Exploits

Governance

Admin Key

"The relevant contracts are identified as immutable. All vaults / strategies are immutable. Beefy does not use a pause control because it is immutable. This protocol has some timelock documentation which can be found at this location. Each relevant contract is identified. There is a justification as to why 6 hours was chosen."

"All contracts are immutable as described. Pause control not documented or explained."

DAO

Treasury

Token

Launch

Token Allocation

Utility

Other Details

Stablecoin

Coin Distribution

Technology

"At 810 commits at 74 branches, this development history has been around since before the cows came home."

Implementations

How it works

Fees

Upgrades

Staking

Validator Stats

Liquidity Mining

Scaling

Interoperability

Other Details

Oracle Method

"Beefy does not use an oracle, and this is stated and explained in this location. This protocol documents no front running mitigation techniques in their strategies. Beefy is not usceptible to flashloan attack, and this is explained in their documentation."

Compliance

Their Other Projects

Roadmap

  • Can be found [Insert link here].

Usage

Projects that use or built on it

Competition

Pros and Cons

Pros

Cons

Team, Funding, Partners

Team

  • Full team can be found [here].

Funding

Partners

(:

Knowledge empowers all and will help us get closer to the decentralised world we all want to live in!

Making these free wiki pages is fun but takes a lot of effort and time.

If you have enjoyed reading, tips are appreciated :) This will help us to keep expanding this archive of information.

ETH tip address: 0x83460bE5F218b1520B69D702cE60A1DE37dD8E31

Also check out CoinTr.ee for more content.