Introduction
Gradient, a decentralized trading protocol, engaged Assure DeFi to perform an Advanced+ Audit of its smart contracts. Gradient’s system includes an orderbook, market maker pools, and a registry architecture, all designed to support efficient decentralized trading.
Given the complexity of Gradient’s architecture and the high value assets involved, Assure DeFi was tasked with conducting a comprehensive security assessment to ensure resilience against critical vulnerabilities, operational inefficiencies, and governance risks.
This case study dissects the audit in detail, from scope and methodology to the vulnerabilities discovered, fixes implemented, and overall impact on Gradient’s security posture.
Audit Scope
Contracts Reviewed
FallbackExecutor.sol
GradientMarketMakerPool.sol
GradientOrderbook.sol
GradientRegistry.sol
Language: Solidity
Methodology:
Static Analysis: Identification of compiler warnings, integer overflows/underflows, gas inefficiencies.
Manual Review: Line by line inspection of contract logic, event handling, and edge cases.
Functional Testing: Unit tests, custom edge cases, reverts, and simulated on chain scenarios.
Attack Simulations: Testing for reentrancy, frontrunning, oracle manipulation, denial of service (DoS), timestamp dependencies, and centralization risks.
Key Security Concerns Identified
The audit revealed 11 high level, 9 medium level, 3 low level, and 1 informational issues. Below, we detail the most impactful vulnerabilities and the solutions applied.
1. Incorrect Fee Calculation in Buy Orders ✅ Fixed
Location: GradientOrderbook.createOrder
Issue: Buyer fees were collected prematurely, leading to ETH lock up without proper accounting.
Risk: Funds could remain locked indefinitely if orders never matched.
Resolution: Fee collection was deferred until order fulfillment, aligning buyer/seller treatment.
2. Inefficient Order Queue Management ✅ Fixed
Location: GradientOrderbook (queue management)
Issue: Array based queues left “ghost orders” when items couldn’t be removed efficiently.
Risk: Orderbook integrity and gas costs could degrade over time.
Resolution: Migrated to a doubly linked list structure for O(1) insertion/removal.
3. Price Manipulation in Market Orders ✅ Fixed
Location: GradientOrderbook.fulfillMarketOrders
Issue: Market orders could execute at unfair prices without validation.
Risk: Susceptible to slippage attacks and unfair fills.
Resolution: Introduced oracle based validation and restricted fills within a configurable tolerance band relative to Uniswap rates.
4. Centralization Risks in Registry Control ✅ Fixed
Location: GradientRegistry
Issue: Owner could unilaterally modify critical contract addresses.
Risk: Potential malicious redirection of funds.
Resolution: Implemented role based access control (RBAC), multi signature ownership, and timelocks for registry changes.
5. Epoch Increment Logic Exploitation ✅ Fixed
Location: GradientMarketMakerPool._checkAndIncrementETHEpoch
Issue: Attackers could drain liquidity to prematurely trigger epoch increments.
Risk: Manipulation of rewards distribution.
Resolution: Added cooldown periods and minimum liquidity requirements to prevent abuse.
6. Excessive Withdrawal Logic ⚠️ Acknowledged
Location: GradientMarketMakerPool.withdrawExcessiveFunds
Issue: Owners could potentially withdraw funds earmarked for liquidity providers.
Risk: Misappropriation of LP rewards.
Resolution: Recommendation to account for pending rewards/fees before withdrawal. Acknowledged by team.
7. Price Manipulation in Fallback Executor ✅ Fixed
Location: FallbackExecutor._isDEXSuitable
Issue: Liquidity checks failed to account for flash loan attacks or large trades.
Risk: Attackers could manipulate execution prices.
Resolution: Implemented minimum liquidity thresholds (10 ETH default) and reserve margin checks. TWAP validation recommended for future iterations.
8. Gas Inefficiencies in Batch Functions ✅ Fixed
Location: GradientMarketMakerPool (batch liquidity removal)
Issue: Iterative loops risked out of gas failures during heavy usage.
Risk: Failed transactions under network load.
Resolution: Added partial processing and gas aware batching, ensuring scalability.
SCORE:
Audit Score: 85/100
Global Score: 85/100
Pass Threshold: 84/100
Testing Coverage
The audit included custom Brownie test suites to validate critical contract functions under adversarial conditions:
Order Lifecycle: Creation, cancellation, expiration, and matching.
Liquidity Pools: Epoch transitions, reward claiming, and withdrawals.
Attack Scenarios: Unauthorized calls, insufficient ETH, invalid parameters, front running attempts.
Batch Operations: Ensured resilience against gas limit induced failures.
Testing confirmed fixes and validated Gradient’s system against order failures, front running vulnerabilities, and execution risks.
Outcome & Client Impact
Following the audit:
- Gradient’s development team promptly fixed all major vulnerabilities, with some medium/low severity risks acknowledged as acceptable trade offs.
- Governance was strengthened with timelocks and RBAC, mitigating centralization risks.
- Efficiency improvements (linked lists, gas aware batching) enhanced scalability.
Final Status: ✅ PASS
Gradient emerged with a hardened codebase, improved investor trust, and greater resilience against real world attack vectors.
Why This Matters
This audit illustrates Assure DeFi’s strength in advanced Solidity reviews:
Smart Contract Security – Validated trade flows, oracle safeguards, and withdrawal permissions.
Governance Resilience – Verified RBAC controls, timelocks, and fallback protection.
Investor Confidence – Delivered audit proof of Gradient’s high standards in operational and financial security.
By dissecting Gradient’s system across contract layers, Assure DeFi delivered a secure, production ready protocol aligned with industry leading expectations.