Difference between revisions of "Impossible Finance (IF)"

From CryptoWiki

wiki_crypto>Zeb.dyor
(Created page with "==Basics== *Based in: *Started in / Announced on: *Testnet release: *Mainnet release: *Yield farming and fundraising ==History== ==Token== ===Launch=== ===Token...")
 
 
(6 intermediate revisions by 3 users not shown)
Line 1: Line 1:
[[Yield farming]] and fundraising
==Basics==
==Basics==


Line 5: Line 7:
*[[Testnet]] release:
*[[Testnet]] release:
*[[Mainnet]] release:
*[[Mainnet]] release:
*[[Yield farming]] and fundraising


==History==
==History==
== Audits & Exploits ==
*[[Bug bounty]] program can be found [https://immunefi.com/bounty/impossiblefinance/ here] (26-5-2022):
''"Impossible Finance offers an active bug bounty of $94K. In addition, the bounty will also payout 10% of the funds at risk within a found attack vector. If a bug is found that would cause the loss of Impossible's entire [[Total Value Locked (TVL)|TVL]], the whitehat hacker would effectively get paid 10% of Impossible's TVL."''
*Scored [https://www.defisafety.com/app/pqrs/445 94%] by [[DeFi Safety]] (26-5-2022):
''"Impossible's TtC coverage is 174%. However, it is important to note that testing was only found for the launchpad [[contracts]], but not for the staking or trading ones. Nevertheless, Launchpad is Impossible's main offering and it is adequately tested as per our standards. No test for coverage seen. However, Impossible does have some solid Launchpad testing. As such, 50% will be given here. No testing reports/CI found in their repos or "Actions" tab. Impossible Finance has not undergone formal verification.''
''Impossible Finance has been audited multiple times both pre-deployment and post deployment. Audit reports can be found [https://github.com/ImpossibleFinance/audits here]."''
With the [https://impossiblefinance.notion.site/Contract-Addresses-Docs-Details-8f357cb16b844e89a759b28264a23eae comment]:
''"Firstly, the launchpad provider had a decent running start in our core transparency metrics. [[Address|Addresses]] are public and easily found, devs are doxxed, technical documentation was present, and the well-maintained [[Github|GitHub]] contained fully [[Open Source|open-source]] software.''
''However, one thing that was clearly missing was [[Admin Key|admin control]] information. Upon establishing contact with the developers, they worked very hard to produce this important document. It can now be found here: <nowiki>https://impossiblefinance.notion.site/Contract-Addresses-Docs-Details-8f357cb16b844e89a759b28264a23eae</nowiki>. Secondly, this aforementioned document contains all the high-level information needed to evaluate Impossible Finance's [[admin controls]]. Core contracts are [[immutable]], ownership is through a [[Multi-Signature|MultiSig]], and change capabilities are restricted to trading [[fees]] and [[Whitelist|whitelisting]].''
''Moreover, there is also a breakdown of how Impossible mitigates the risk of [[Frontrunners|front running]] and [[Flash Loan|flash loan]] manipulations. With asymmetric boosts and [[staking]] allocations proportionate to [[stake]] amount held over time, Impossible's mechanisms capitalize on risk mitigation.''
''Lastly, the protocol shows a dedication to security via multiple pre-deployment audits for each protocol deployment and a sizeable [[bug bounty]] that will reward [[Whitehat|whitehats]] with up to 10% of total capital "saved" through attack vector disclosures.''
''In the future, we would love to see Impossible further develop its testing suite with the addition of code coverage and unit tests, detailed testing reports, and a formal verification. We will be monitoring these additions closely and update the report as they are added. All of that to say, Impossible Finance's process quality standards are extremely high. The protocol architecture and security measures were certainly well thought out, and we are looking forward to newer protocols utilizing its innovative launchpad in the future."''
===Bugs/Exploits===
*[https://twitter.com/WatchPug_/status/1406872310368268288 From] [[WatchPug]] (21-6-2021):
''"$0.5M was stolen from Impossible Finance. The hacker made multiple [[swaps]] in a row at about the same price and drained the [[Liquidity Provider (LP)|LP]], which is usually impossible."''
==Governance==
===Admin Key===
* [https://www.defisafety.com/app/pqrs/445 From] [[DeFi Safety]] (26-5-2022):
''"[[Admin Key|Admin control]] information is documented at this [https://impossiblefinance.notion.site/Contract-Addresses-Docs-Details-8f357cb16b844e89a759b28264a23eae location], and can easily be found. Impossible clearly identifies their [[Smart Contract (SC)|smart contracts]] as immutable [https://impossiblefinance.notion.site/Contract-Addresses-Docs-Details-8f357cb16b844e89a759b28264a23eae here]. Ownership is [[Multi-Signature|MultiSig]] and clearly indicated in this [https://impossiblefinance.notion.site/Contract-Addresses-Docs-Details-8f357cb16b844e89a759b28264a23eae location]. Impossible [[smart contracts]] are immutable at the core level, and smart [[contract]] change capabilities are described [https://impossiblefinance.notion.site/Contract-Addresses-Docs-Details-8f357cb16b844e89a759b28264a23eae here] at a granular level. Impossible's core protocol is immutable, but granular parameters such as trading pairs can be paused. Since Impossible is immutable, they have no need for a core [[timelock]]. However, any swap changes incur a [[block]] delay on the [[blockchain]], which effectively act as a time delay for swap upgrades. In addition, Impossible can retrieve funds from the launchpad in the event of an emergency, but this function is initially locked for months. Furthermore, "The admin does not have any ability to be able to take custody of users funds, and that fees also have a max limit of what they can be set to to prevent the [[multisig]] from raising fees to 100% to hurt users or drain any protocol activities."''
===DAO===
===Treasury===
==Token==
==Token==
===Launch===
===Launch===
Line 17: Line 52:
==Technology==
==Technology==


*[[Whitepaper]] can be found [insert here].
*[[Whitepaper]] can be found [https://gateway.pinata.cloud/ipfs/QmSXzevkMPU3z2nZFthEvzdzwpbXDR8Em62XqkKw8g4hTR/Impossible%20Finance%20IDIA%20Official%20Whitepaper.pdf here].
*Code can be viewed [https://github.com/impossiblefinance here].
*Code can be viewed [https://github.com/impossiblefinance here]. [https://www.defisafety.com/app/pqrs/445 From] [[DeFi Safety]] (26-5-2022):
''"At 313 commits and 26 branches, we didn't know a development history like this was possible."''


===Implementations===
===Implementations===


*Built on: [[Binance|BSC]]
*Built on: [[Binance|BSC]], [[Ethereum (ETH)|Ethereum]] and [[Polygon (MATIC)|Polygon]] ([https://www.defisafety.com/app/pqrs/445 26-5-2022]).


===How it works===
===How it works===
===Mining===
===Fees===
===Upgrades===
===Staking===
===Staking===
====Validator Stats====
====Validator Stats====
Line 32: Line 69:
===Interoperability===
===Interoperability===
===Other Details===
===Other Details===
==Privacy Method==
==Oracle Method==
 
* [https://www.defisafety.com/app/pqrs/445 From] [[DeFi Safety]] (26-5-2022):
 
Impossible does not use [[Oracle|oracles]] due to all pool prices being "calculated directly from the supply of [[tokens]] in the swap itself. There are no other [[derivatives]] or price feed reliances in the Impossible Finance ecosystem" that would require a price feed [[oracle]]. The Impossible launchpad does have any time preference, meaning that there are no [[Frontrunners|front-running]] opportunities there. Moreover, the Impossible swap has an asymmetric boost - which reduces slippage due to higher [[liquidity]] parameters. All this information is readily available [https://impossiblefinance.notion.site/Contract-Addresses-Docs-Details-8f357cb16b844e89a759b28264a23eae here].
 
==Compliance==
==Compliance==
==Oracle Method==
==Their Other Projects==
==Their Other Projects==
==Governance==
===Admin Key===
===DAO===
===Treasury===
==Upgrades==
==Roadmap==
==Roadmap==


*Can be found [Insert link here].
*Can be found [Insert link here].
==Audits==
*[[bug bounty|Bug bounty]] program can be found [insert here].
*[https://twitter.com/WatchPug_/status/1406872310368268288 From] [[WatchPug]] (21-6-2021):
''"$0.5M was stolen from Impossible Finance. The hacker made multiple swaps in a row at about the same price and drained the LP, which is usually impossible."''
===Bugs/Exploits===
==Usage==
==Usage==
===Projects that use or built on it===
===Projects that use or built on it===
Line 59: Line 86:
===Pros===
===Pros===
===Cons===
===Cons===
==Team, Funding, Partnerships, etc.==
 
* Had investment from [[FTX (FTT)|Alameda Research]]/FTX, which [https://twitter.com/Edvis100/status/1591106606716313600 came out] (11-11-2022) during the FTX crash. This could mean fall-out risk. [https://docs.google.com/spreadsheets/d/1xoYqw-5EjQIiunX75UzozzMPOspm0KwFzgA-SKBcvyo/edit#gid=0 Turned out] (8-12-2022) to have sold $500k worth of tokens to Alameda.
 
==Team, Funding, Partners==
===Team===
===Team===


Line 65: Line 95:


===Funding===
===Funding===
[[Prisma Finance (PRISMA)|Prisma]]; (possibly only the founders were) [https://mirror.xyz/0xcaD9653550286Eb1D4779D622A6a5218b446b57C/wYAgS4n7aL4tNFdxSed_m_5nrNXg_3yNc18CwBdCyfU part of] the first Prisma round (31-5-2023)
===Partners===
===Partners===
==(:==
==(:==
Line 71: Line 103:
Making these free wiki pages is fun but takes a lot of effort and time.
Making these free wiki pages is fun but takes a lot of effort and time.


If you have enjoyed reading, tips are appreciated :) This will help us to keep expanding this archive of information.
If you have enjoyed reading, tips are appreciated:) This will help us to [[keep]] expanding this archive of information.


[[ETH]] tip [[address]]: 0x83460bE5F218b1520B69D702cE60A1DE37dD8E31
[[ETH]] tip [[address]]: 0x83460bE5F218b1520B69D702cE60A1DE37dD8E31
Also check out [https://cointr.ee/zeb CoinTr.ee] for more content.
[[Category:Coins/Tokens]]
[[Category:Coins/Tokens]]

Latest revision as of 04:08, 1 June 2023

Yield farming and fundraising

Basics

  • Based in:
  • Started in / Announced on:
  • Testnet release:
  • Mainnet release:

History

Audits & Exploits

"Impossible Finance offers an active bug bounty of $94K. In addition, the bounty will also payout 10% of the funds at risk within a found attack vector. If a bug is found that would cause the loss of Impossible's entire TVL, the whitehat hacker would effectively get paid 10% of Impossible's TVL."

"Impossible's TtC coverage is 174%. However, it is important to note that testing was only found for the launchpad contracts, but not for the staking or trading ones. Nevertheless, Launchpad is Impossible's main offering and it is adequately tested as per our standards. No test for coverage seen. However, Impossible does have some solid Launchpad testing. As such, 50% will be given here. No testing reports/CI found in their repos or "Actions" tab. Impossible Finance has not undergone formal verification.

Impossible Finance has been audited multiple times both pre-deployment and post deployment. Audit reports can be found here."

With the comment:

"Firstly, the launchpad provider had a decent running start in our core transparency metrics. Addresses are public and easily found, devs are doxxed, technical documentation was present, and the well-maintained GitHub contained fully open-source software.

However, one thing that was clearly missing was admin control information. Upon establishing contact with the developers, they worked very hard to produce this important document. It can now be found here: https://impossiblefinance.notion.site/Contract-Addresses-Docs-Details-8f357cb16b844e89a759b28264a23eae. Secondly, this aforementioned document contains all the high-level information needed to evaluate Impossible Finance's admin controls. Core contracts are immutable, ownership is through a MultiSig, and change capabilities are restricted to trading fees and whitelisting.

Moreover, there is also a breakdown of how Impossible mitigates the risk of front running and flash loan manipulations. With asymmetric boosts and staking allocations proportionate to stake amount held over time, Impossible's mechanisms capitalize on risk mitigation.

Lastly, the protocol shows a dedication to security via multiple pre-deployment audits for each protocol deployment and a sizeable bug bounty that will reward whitehats with up to 10% of total capital "saved" through attack vector disclosures.

In the future, we would love to see Impossible further develop its testing suite with the addition of code coverage and unit tests, detailed testing reports, and a formal verification. We will be monitoring these additions closely and update the report as they are added. All of that to say, Impossible Finance's process quality standards are extremely high. The protocol architecture and security measures were certainly well thought out, and we are looking forward to newer protocols utilizing its innovative launchpad in the future."

Bugs/Exploits

"$0.5M was stolen from Impossible Finance. The hacker made multiple swaps in a row at about the same price and drained the LP, which is usually impossible."

Governance

Admin Key

"Admin control information is documented at this location, and can easily be found. Impossible clearly identifies their smart contracts as immutable here. Ownership is MultiSig and clearly indicated in this location. Impossible smart contracts are immutable at the core level, and smart contract change capabilities are described here at a granular level. Impossible's core protocol is immutable, but granular parameters such as trading pairs can be paused. Since Impossible is immutable, they have no need for a core timelock. However, any swap changes incur a block delay on the blockchain, which effectively act as a time delay for swap upgrades. In addition, Impossible can retrieve funds from the launchpad in the event of an emergency, but this function is initially locked for months. Furthermore, "The admin does not have any ability to be able to take custody of users funds, and that fees also have a max limit of what they can be set to to prevent the multisig from raising fees to 100% to hurt users or drain any protocol activities."

DAO

Treasury

Token

Launch

Token Allocation

Utility

Other Details

Stablecoin

Coin Distribution

Technology

"At 313 commits and 26 branches, we didn't know a development history like this was possible."

Implementations

How it works

Fees

Upgrades

Staking

Validator Stats

Liquidity Mining

Scaling

Interoperability

Other Details

Oracle Method

Impossible does not use oracles due to all pool prices being "calculated directly from the supply of tokens in the swap itself. There are no other derivatives or price feed reliances in the Impossible Finance ecosystem" that would require a price feed oracle. The Impossible launchpad does have any time preference, meaning that there are no front-running opportunities there. Moreover, the Impossible swap has an asymmetric boost - which reduces slippage due to higher liquidity parameters. All this information is readily available here.

Compliance

Their Other Projects

Roadmap

  • Can be found [Insert link here].

Usage

Projects that use or built on it

Competition

Pros and Cons

Pros

Cons

  • Had investment from Alameda Research/FTX, which came out (11-11-2022) during the FTX crash. This could mean fall-out risk. Turned out (8-12-2022) to have sold $500k worth of tokens to Alameda.

Team, Funding, Partners

Team

  • Full team can be found [here].

Funding

Prisma; (possibly only the founders were) part of the first Prisma round (31-5-2023)

Partners

(:

Knowledge empowers all and will help us get closer to the decentralised world we all want to live in!

Making these free wiki pages is fun but takes a lot of effort and time.

If you have enjoyed reading, tips are appreciated:) This will help us to keep expanding this archive of information.

ETH tip address: 0x83460bE5F218b1520B69D702cE60A1DE37dD8E31