SyncSwap

DEX

Powered by zero-knowledge technology, SyncSwap brings more people easy-to-use and low-cost DeFi with complete Ethereum security.

Chain
TVL
＄10.64M
Native token
N/A
Protocol key links
Website Gitbook Twitter

Risk Rating

Moderate Risk

Assessment: 2024-03-25

Risk Assessment

Security History

Monitoring

Overall Score

71%

Alert

Assessor
Kop, supergu
Assessment Date
2024-03-25

Not yet undergone Underwriting review

SyncSwap presents a mixture of strengths and weaknesses. Positively, it features a non-upgradable smart contract for security, user-friendly documentation, a battle-tested AMM formula based on Curve and Uniswap, and a strong community backing. On the downside, risks include contract ownership by an EOA, creating a security vulnerability, the complexity and risks from flash loan support, lack of transparency regarding the team, and the absence of a decentralized governance system.

Economic
Evaluate possible financial and economic risks depending on the project type (e.g., for lending, check the collateralization system), protection against CVEs (Common Vulnerabilities and exploits), oracle risks, and systemic concerns.

78%

The AMM formula, influenced by Curve's model, has undergone extensive battle testing.

Common attacks have been successfully mitigated, showcasing strong security measures in place.

Despite the AMM formula being battle-tested, the project, launched a year ago, has not yet undergone extensive real-world testing to validate its resilience and security.

Support for flash loans introduces additional complexity and associated risks to the system.

Operation
Look into the team's experience, track record, and project governance. Consider legal and counterparty risks that may impact the project.

55%

The protocol boasts a significantly large community, indicating a robust level of engagement and interest from users.

Details regarding the team members and founders are not publicly disclosed, leading to a lack of transparency about the project's leadership.

A decentralized governance system is currently not established within the protocol.

Technical
Understand the security of the app, code quality, and controls in place. Check how well it was developed, tested, and reviewed by third parties.

73%

The smart contract is designed as non-upgradable, which inherently reduces the risk associated with post-deployment modifications.

High contract activity indicates robust user engagement and a healthy operational state.

The ownership of the contract is assigned to an EOA, presenting a potential security vulnerability due to the risk of private key exposure.

The absence of a bounty program could limit the discovery and resolution of potential security vulnerabilities, reducing the protocol’s defensive capabilities.

SyncSwap

DEX

Risk Rating

Overall Score

EconomicEvaluate possible financial and economic risks depending on the project type (e.g., for lending, check the collateralization system), protection against CVEs (Common Vulnerabilities and exploits), oracle risks, and systemic concerns.

OperationLook into the team's experience, track record, and project governance. Consider legal and counterparty risks that may impact the project.

TechnicalUnderstand the security of the app, code quality, and controls in place. Check how well it was developed, tested, and reviewed by third parties.

Economic
Evaluate possible financial and economic risks depending on the project type (e.g., for lending, check the collateralization system), protection against CVEs (Common Vulnerabilities and exploits), oracle risks, and systemic concerns.

Operation
Look into the team's experience, track record, and project governance. Consider legal and counterparty risks that may impact the project.

Technical
Understand the security of the app, code quality, and controls in place. Check how well it was developed, tested, and reviewed by third parties.