Auditing Bitcoin.com’s Farming Contracts for Security

In the rapidly evolving world of Web3, securing users’ assets and building trust are paramount. This was the mission behind softstack’s recent audit for Bitcoin.com’s newest farming smart contract, part of the larger Bitcoin.com Verse ecosystem. Here’s how we approached this audit and contributed to strengthening security for Bitcoin.com’s global user base.

bitcoin.comxsoftstackaudit

Client

Bitcoin.com

Project

VERSE ecosystem

Industry 

Web3

Service

Farming Smart Contract Audit

The Client: Bitcoin.com and the VERSE Ecosystem

Bitcoin.com has long been a trusted name in the cryptocurrency space, constantly innovating with features that make DeFi accessible to both seasoned and new crypto users. At the center of its Verse ecosystem is the VERSE token, a reward mechanism that incentivizes platform engagement, staking, and trading. The Dynamic Reward Farming contract, which softstack audited, is a key feature within this ecosystem, allowing users to earn rewards based on staking activity.

Audit Scope and Objectives

The scope of the audit was to rigorously assess Bitcoin.com’s Dynamic Reward Farming contract, with a focus on:

  1. Code Integrity and Vulnerability Mitigation: Detecting potential vulnerabilities and ensuring best practice. 
  2. Access Control and Permissions: Ensuring only authorized actions within sensitive contract functions.
  3. Gas Efficiency: Optimizing code for minimal gas usage and computational costs.
  4. Reward Calculation and Distribution Accuracy: Verifying accurate and fair distribution of rewards to stakers.

Methodology

Softstack applied both manual and automated testing, including symbolic execution and code comparison to specifications. By examining each line, our team of experts identified and analyzed even the smallest deviations from best practices.

Key Findings and Recommendations

While no critical or high-risk vulnerabilities were found, the audit highlighted a few minor areas for improvement:

  • SafeApprove Implementation: Enhancing security by adding validation to the approval function to prevent race conditions.
  • Token Management Flexibility: Recommendations were made to allow greater flexibility in adding and removing reward tokens.
  • Event Emissions: Suggestions for additional event emissions to enhance off-chain tracking of reward token additions.


All identified issues were either addressed or acknowledged by Bitcoin.com, ensuring enhanced security and user trust.

Learn more about the audit findings → Read the full report on GitHub

Conclusion

Softstack’s audit for Bitcoin.com’s newest farming contract reinforces our commitment to strengthening the security foundation of Web3. With each audit, we bring robust security, transparency, and precision, helping our clients realize their vision of a safe, scalable DeFi ecosystem.

Need Support for Your DeFi Project?

Our experience with industry leaders like Bitcoin.com translates into practical security solutions for your smart contracts. Whether you’re developing farming contracts, reward systems, or other DeFi applications, we understand the unique challenges you face.

Ready to enhance your project’s security? Reach out today

Services we provide

Web3 Development

Web3 Security

Web3 Consulting

Softstack Case Studies

Click through our success stories and see how we have helped other companies
achieve their Web3 goals.

Smart Contract Audit for Strobe Finance Cross-Chain Money Market on XRPL EVM

Softstack has completed a full audit of Strobe Protocol, a DeFi platform bridging XRPL with EVM chains via Axelar. The review covered cross-chain messaging, lending logic, oracle systems, and edge-case defenses.
Explore

Softstack Secures AllUnity’s MiCAR-Compliant Stablecoin

AllUnity partnered with Softstack to audit its MiCAR-compliant euro stablecoin. The audit confirmed secure, compliant smart contracts with no critical issues.
Explore

Smart Contract Audit – Fetch AI

Softstack completed a smart contract audit for Fetch AI’s Agentverse Launchpad, resolving vulnerabilities in bonding curves, multisig, and ERC-20 logic to ensure secure tokenized agent deployment.
Explore
unichxsoftstackaudit

Securing Unich: Softstack’s Smart Contract Audit for OTC Trading

Softstack audited Unich’s OTC smart contracts on EVM & Solana, resolving security risks and optimizing efficiency. Learn how Unich improved its security in our full report.
Explore
fijaxsoftstackauditblog

Fija’s Smart Contracts: Audited & Secured

To strengthen DeFi security, softstack audited Fija’s smart contracts—identifying vulnerabilities, enhancing protections, and reinforcing trust.
Explore
bitcoin.comxsoftstackaudit

Auditing Bitcoin.com’s Farming Contracts for Security

Softstack audited Bitcoin.com’s Dynamic Reward Farming contract, enhancing a secure and efficient experience for users. Learn how Bitcoin.com strengthened its Verse ecosystem.
Explore