Pools Finance

We express our gratitude to the Pools Finance team for the collaborative engagement that enabled the execution of this Smart Contract Security Assessment.

Pools Protocol is an Automated Market Maker (AMM) implementation that enables decentralized trading between token pairs through liquidity pools. It supports both classic constant product pools and stable pools with customizable amplification parameters for tokens that should trade near parity.

The system users should acknowledge all the risks summed up in the risks section of the report

Documentation quality

• Functional requirements are partially missed.

• NatSpecs are missing for the AMM part.

• Staking NatSpecs are partially outdated.

• Technical description is provided.

• There is no explanation in the documentation regarding the staking module.

Code quality

• The code mostly follows best practices and style guides:

• • See informational findings for more details.

• The development environment is configured.

Test coverage

• Deployment and basic user interactions are covered with tests.

• Staking and unstaking cases are covered.

• Staking admin operation cases are not covered.

• Interactions by several users are not tested thoroughly.

• Adding and removing liquidity cases are covered.

• Classic and stable pool creation and trading cases are covered.

• Some edge-case scenarios are not covered.

Pools Protocol is an Automated Market Maker (AMM) implementation built on the Iota blockchain. The protocol enables decentralized trading between token pairs through liquidity pools. It supports both classic constant product pools (similar to Uniswap V2) and stable pools with customizable amplification parameters for tokens that should trade near parity.

Classic pools use the constant product formula (x*y=k) for determining prices and swap amounts. These pools are suitable for token pairs that can have significant price differences. Stable pools use a modified formula with an amplification parameter to allow for more efficient trading of tokens that should maintain similar values (like stablecoins). The amplification parameter (A) determines how close to a constant sum curve (x*y=k) the pool behaves.

The protocol implements both swap fees and protocol fees. Swap Fees are charged on each trade (0.3% for classic pools, 0.05% for stable pools). Protocol Fees a portion of swap fees collected by the protocol (25%)

Pools Protocol is an AMM and staking protocol with the following contracts:

AMM:

• amm_swap: core pool implementation and liquidity management

• amm_router: trading path logic and user interface interactions

• amm_entries: public entry points for user interactions

• amm_config: protocol configuration and pause functionality

• amm_math: basic mathematical operations

• amm_stable_utils: stable pool-specific math operations

• amm_utils: swap calculations and math utilities

Staking:

• stake: core staking implementation with the emergency mechanism

• stake_entries: public entry points for user interactions

• stake_config: protocol configuration

Privileged roles

• The AMM admin account (AdminCap) is responsible for managing core protocol parameters. This includes setting the global pause status for swap activities, updating the amplification parameter for stable pools, switching pool types between classic and stable modes, and claiming protocol fees accumulated through trading activity.

• The emergency admin account emergency_admin_address  of stake module is responsible for activating global or pool-specific emergency states. When a global emergency is triggered, all pools become permanently locked. Alternatively, inner (local) emergencies affect only a specific pool. Once an emergency is activated, it is irreversible, rendering the affected pool invalid for future use. However, users can still unstake their tokens via the emergency_unstake function. The emergency admin also has the authority to assign a new emergency admin address.

• The treasury admin account treasury_admin_address  of stake module is responsible for withdrawing accumulated rewards either after an emergency has been triggered, or once three months have passed since the end of a staking harvest period (enabling the withdrawal of any unclaimed or excess rewards). The treasury admin also has the authority to assign a new treasury admin address.

The scope of the project includes the following smart contracts from the provided repository:

Assets in Scope