Security Audit Report for Phoenix Bonds


Phoenix Bonds is a principal-protected bonding platform that helps protocols with liquidity-bootstrapping, provides perpetually-boosted yield to users and works with all yield bearing assets. The core contracts covered in this audit include Phoenix Bonds contracts in the code repository. The iterative audit covers the code in the initial version, as well as subsequent versions to fix discovered issues, as detailed in our audit report. Please note that external dependencies are assumed reliable and are therefore excluded from the audit scope. Our audit methodology employs automated vulnerability scans, manual verification, and business logic analysis to uncover potential security issues coupled with gas and code quality optimization recommendations. In summary, we did not find any critical and non-critical issues within the audited codebase. However, we have put five recommendations to further strengthen the code logic, along with three notes that should be taken into consideration. It is important to note that the scope of our audit was strictly limited to the specific code versions mentioned in the report. Any updates made subsequent to our review would require a re-evaluation.


In total, we find 0 potential issues in the smart contract. We also have 5 recommendations and 3 notes, as follows:

High Risk: 0
Medium Risk: 0
Low Risk: 0
Recommendation: 5
Note: 3
ID Severity Description Category Status
1 - Two-Step Transfer of Privileged Account Ownership Recommendation Confirmed
2 - Potential Centralization Problem Recommendation Confirmed
3 - Lack of Check of Price for LiNEAR Recommendation Confirmed
4 - Lack of Validation for Owner when Upgrading Recommendation Fixed
5 - Code Optimization Recommendation Fixed
6 - Assumption on the Secure Implementation of Dependencies Note Confirmed
7 - Delayed Price of LiNEAR Note Confirmed
8 - No Restriction of Redeem Time Note Confirmed

More details are provided in the audit report.

Take the first step towards a secure future

Reach out now for BlockSec's expert code audit services, elevate the security of your protocol before it goes live!