Rocket Pool ETH-rETH Smart Contract Audit

 Project Background

Website Details

  • Rocket Pool is a decentralized Ethereum staking protocol offering liquid and node staking solutions. 
  • It allows users to stake ETH and receive rETH, a liquid staking token, or to run a node with as little as 16 ETH. 
  • This approach promotes decentralization and security within the Ethereum network.


Code Details

  • This Solidity code defines an ERC20 token that is mintable and burnable via a bridge contract, specifically designed to work with the Optimism Layer 2 solution. Here’s an overview of the key components and functionalities:
  • Core Contract
    • Semver: Handles semantic versioning with `MAJOR_VERSION`, `MINOR_VERSION`, and `PATCH_VERSION`.
    • ERC20:
      • Implements the standard ERC20 functionality with additional internal functions to handle minting, burning, allowances, and token transfers.
      • Functions include `name`, `symbol`, `decimals`, `totalSupply`, `balanceOf`, `transfer`, `allowance`, `approve`, `transferFrom`, `increaseAllowance`, `decreaseAllowance`, `_transfer`, `_mint`, `_burn`, `_approve`, `_spendAllowance`, `_beforeTokenTransfer`, and `_afterTokenTransfer`.
    • OptimismMintableERC20:
      • Extends `ERC20` and `Semver` to create a mintable and burnable token for use with the Optimism bridge.
      • The constructor takes parameters for the bridge address, remote token address, token name, and symbol.
      • The `mint` and `burn` functions can only be called by the bridge contract.
      • Implements `supportsInterface` for interface detection.
  • This structure ensures that the token adheres to the ERC20 standard while adding the necessary functionalities for integration with the Optimism Layer 2 solution, specifically for minting and burning tokens via a designated bridge contract.

Audit Summary

  • We observed 2 Informational issues in the smart contracts. but those are not critical. 
  • The security state of the reviewed smart contract, based on standard audit procedure scope, is “Secured”.

Executive Audit Summary

  • According to the standard audit assessment, the Customer`s solidity smart contracts are “Secured”.  This token contract does not have any ownership control, hence it is 100% decentralized.
  • We used various tools like Slither, Solhint and Remix IDE. At the same time this finding is based on critical analysis of the manual audit.

Audit Report in PDF


Audit Report Flip book

Please wait while flipbook is loading. For more related info, FAQs and issues please refer to DearFlip WordPress Flipbook Plugin Help documentation.

Leave a Reply

Your email address will not be published. Required fields are marked *

18 − seven =