Tulip Protocol (TULIP)
Basics
History
Audits & Exploits
- Tulip does not offer an official Bug Bounty program (23-3-2022).
- Scored 45% on DeFi Safety (23-3-2022):
"Tulip is unaudited. Due to there being a complete lack of software functions within the Tulip documentation, there cannot be any traceability to its source code. No public test report of Tulip exists. Tulip has not undergone formal verification."
With the comment:
"As the team was very responsive to our communicative efforts, it quickly became apparent that Tulip values closed-source software. At 45%, this is the main aspect that hinders their score. Paired with unaudited code, Tulip's software practices may be a dealbreaker for some.
Nonetheless, with our guidance, the team has made noticeable improvements to their documentation. Most notably, they now clearly detail the extensively mutable nature of their smart contracts and their MultiSig/BPFLoader ownership. This transparency is certainly encouraging. Additionally, a previous lack of public smart contract addresses has been resolved, and they are now all readily available. All of these noticeable improvements demonstrate the team's willingness to become more transparent to their users, and this gives us hope for future developments.
However, the main caveat remains Tulip's closed-source software. If the protocol wants to further improve its process quality and transparency, it will no doubt have to sacrifice privacy and instead opt for an open-source future. This is paramount not only for security, but also for traceability."
Bugs/Exploits
Governance
Admin Keys
- From DeFi Safety (23-3-2022):
"Tulip's Admin Control information can easily be found in their documentation. All of Tulip's listed smart contracts are upgradeable through the BPFLoader. Tulip mentions the existence of their MultiSig here. Tulip does not document the existence of a pause control or similar functions. Tulip does not have a timelock."
DAO
Treasury
Token
Launch
Token Allocation
Utility
Other Details
Stablecoin
Coin Distribution
Technology
- Whitepaper or docs can be found here.
- Code can be viewed here. From DeFi Safety (23-3-2022):
"Although Tulip has a public software repository, it is filled with forks and their own SDK. They seem to keep their own smart contracts under a private repo."
Implementations
- Built on: Solana
- Programming language used:
Transaction Details
How it works
Fees
Upgrades
Staking
Validator Stats
Liquidity Mining
Scaling
Interoperability
Other Details
Oracle Method
- Pyth is mentioned as oracle (7-3-2022).
- From DeFi Safety (23-3-2022):
"Tulip details their use of Chainlink oracles. Tulip mitigates front running possibilities via its Chainlink oracle implementation. Tulip is flash loan resistant due to its Chainlink oracle implementation."
Compliance
Their Other Projects
Roadmap
- Can be found [Insert link here].
Usage
Projects that use or built on it
Competition
Pros and Cons
Pros
Cons
- Had investment from Alameda Research/FTX, which came out (11-11-2022) during the FTX crash. This could mean fall-out risk.
Team, Funding and Partners
Team
- Full team can be found [here].
- From DeFi Safety (23-3-2022): Tulip's team is not public.
Funding
Partners
(:
Knowledge empowers all and will help us get closer to the decentralized world we all want to live in!
Making these free wiki pages is fun but takes a lot of effort and time.
If you have enjoyed reading, tips are appreciated :) This will help us to keep expanding this archive of information.