Auditing Bitcoin.com’s Farming Contracts for Security

In the rapidly evolving world of Web3, securing users’ assets and building trust are paramount. This was the mission behind softstack’s recent audit for Bitcoin.com’s newest farming smart contract, part of the larger Bitcoin.com Verse ecosystem. Here’s how we approached this audit and contributed to strengthening security for Bitcoin.com’s global user base.


Client: Bitcoin.com

Industry: Web3

Service: Farming Smart Contract Audit

The Client: Bitcoin.com and the VERSE Ecosystem

Bitcoin.com has long been a trusted name in the cryptocurrency space, constantly innovating with features that make DeFi accessible to both seasoned and new crypto users. At the center of its Verse ecosystem is the VERSE token, a reward mechanism that incentivizes platform engagement, staking, and trading. The Dynamic Reward Farming contract, which softstack audited, is a key feature within this ecosystem, allowing users to earn rewards based on staking activity.

Audit Scope and Objectives

The scope of the audit was to rigorously assess Bitcoin.com’s Dynamic Reward Farming contract, with a focus on:

  1. Code Integrity and Vulnerability Mitigation: Detecting potential vulnerabilities and ensuring adherence to best practices.
  2. Access Control and Permissions: Ensuring that sensitive contract functions permit only authorized actions.
  3. Gas Efficiency: Optimizing code for minimal gas usage and computational costs.
  4. Reward Calculation and Distribution Accuracy: Verifying accurate and fair distribution of rewards to stakers.

Methodology

Softstack applied both manual and automated testing, including symbolic execution and comparison of the code against its specifications. By examining each line, our team of experts identified and analyzed even the smallest deviations from best practices.

Key Findings and Recommendations

While no critical or high-risk vulnerabilities were found, the audit highlighted a few minor areas for improvement:

  • SafeApprove Implementation: Enhancing security by adding validation to the approval function to prevent race conditions.
  • Token Management Flexibility: Recommendations were made to allow greater flexibility in adding and removing reward tokens.
  • Event Emissions: Suggestions for additional event emissions to enhance off-chain tracking of reward token additions.


All identified issues were either addressed or acknowledged by Bitcoin.com, ensuring enhanced security and user trust.

Learn more about the audit findings → Read the full report on GitHub

Conclusion

Softstack’s audit for Bitcoin.com’s newest farming contract reinforces our commitment to strengthening the security foundation of Web3. With each audit, we bring robust security, transparency, and precision, helping our clients realize their vision of a safe, scalable DeFi ecosystem.

Need Support for Your DeFi Project?

Our experience with industry leaders like Bitcoin.com translates into practical security solutions for your smart contracts. Whether you’re developing farming contracts, reward systems, or other DeFi applications, we understand the unique challenges you face.

Ready to enhance your project’s security? Reach out today
