We want to create innovative and sustainable DeFi products that people can trust, and here are the security measures that we have in place.
What's a rugpull? CoinMarketCap defines it as:
A malicious manoeuvre in the cryptocurrency industry where crypto developers abandon a project and run away with investors’ funds.
Our fork does not contain the commonly abused migrator code.
If you've been in the DeFi space for a while, you might have been aware of what the Migrator code is capable of:
"... started earlier on the Ethereum Network when SushiSwap migrated $830 million worth of crypto assets from Uniswap to its own community-owned automated market maker (AMM)." - https://rugdoc.io/education/migrator/
With a migrator function in the MasterChef contract, the owner of the MasterChef contract (generally a Timelock contract or the dev team) can call the function to move all funds out of the MasterChef contract to any other address and by doing this steal all funds.
Our MasterChef contract does not have the migrator function, which means that we physically cannot perform a rugpull.
Besides protecting users against a rugpull, this also prevents hackers from exploiting the smart contract to invoke the migrator function.
- Timelocks prevent any unseen and immediate changes to our smart contracts.
- Changes are locked for a period of time and can be monitored publicly, alerting users to any changes.
- Without timelocks, malicious parties can modify smart contracts immediately, giving no warning to the users.
- Currently set to 24 hours as per majority vote by our community and as advised by Paladin audit.
If a change is queued in the timelock and you disagree with it, you then have a period of time to withdraw your funds and alert others before the changes are pushed through.