Genopets Game Whitepaper
  • Overview
    • Introduction
    • Rewarding an Active Lifestyle
    • Why Web3 in Games?
    • GameFi Sustainability
    • Marketplace Economy
    • Roadmap
      • PHASE 1 - PRIVATE BETA (COMPLETE)
      • PHASE 2 - WHITELIST PUBLIC BETA (IN PROGRESS)
      • PHASE 3 - FUTURE LAUNCH (COMING 2023)
  • Gameplay Pillars
    • Move-to-Play
    • Nurture & Evolution
    • Habitat Terraforming & Rental
    • Harvesting KI & Crafting
    • Battle System
  • Game Mechanics
    • Developer's Note
    • Mechanics Changelog
    • Energy
      • The Framework
      • Calculating Steps to Energy Conversion
      • Why Implement Energy?
    • Stage-based Energy Multipliers
    • Daily Banking Rewards
    • Challenges
    • Banking Streaks
    • Mood & Nurture
      • Calculating Mood
      • Nutrition
      • Joy
      • Love
      • Nurture Actions
        • Feeding
        • Playing
        • Petting
      • Nurture Items
    • Leveling Up
    • Stats
    • Items
    • Step Battles
    • Player Created Economy
      • Virtual Economies in Context
      • Players as Economic Agents
    • Crafting
      • Terraformation (Habitats)
      • Refinement (Crystals)
      • Alchemy (Items)
        • How It Works
        • Cosmetics
        • Augments
        • Reroll
        • Expedite
    • Augment Upgrading & Recycling
      • Upgrading
      • Recycling
    • Habitat Management
      • General Parameters
      • Components
      • Primary & Sub-Habitats
      • Unrefined Crystal Spawning
      • Harvesting KI
      • Terraform Seeds
      • Maintenance & Decay
      • Upgrading Habitats
      • How to Acquire Habitats
      • Delegation (Alchemists & Harvesters)
      • Habitat Hibernation
  • Tokenomics
    • Dual Token System
    • GENE Tokenomics
    • GENE Staking
      • Inspirations
      • Motivations
      • Benefits
      • Design
        • sGENE In-Game
      • Definitions
      • Current Settings
      • Staking Program Audit
      • Airdrop Reward Weight
    • KI Token Launch
  • Game Elements
    • Glossary
    • Season 0 - Item Removal
    • Crafting Recipe Book
    • Holiday Gift Guide
    • Resources
      • Giveaways
        • Genopets Duck Game Giveaway
    • Genoverse Alphabet
    • Game Rules
    • Augment Style Guide
Powered by GitBook
On this page
  1. Tokenomics
  2. GENE Staking

Staking Program Audit

PreviousCurrent SettingsNextAirdrop Reward Weight

Last updated 2 years ago

conducted a full security audit and vulnerability analysis on the Genopets Staking Program. The audit process took approximately ~2 weeks to complete starting from April 27th and ending on May 13th. This report briefly covers the program’s workflow along with a short description of the vulnerabilities discovered by the SolShield team. All issues identified were resolved swiftly following the audit report.

An excerpt from the methodology section of the report providing and overview of the audit process: After the initial contact from the Genopets team, we held an online session to go through the logic and the code structure. The complexity of the implementation was assessed to be unnecessarily high, therefore and thanks to the effort of the core developers from Genopets, a code revamp was done which took ~2 weeks to complete. After that, we started to do extensive code analysis. The staking program makes extensive and spot-on use of PDAs to manage program associated data. The SolShield team also took extra care to confirm the program is resilient against classic Solana program attacks such as account re-initialization and substitution, missing authority and signer checks and token account confusions.

Instances of these primitive classes of vulnerabilities were discovered which we will explain later. In the next step, to guarantee the implementation follows the intended program specification, our lead auditor had multiple 1-on-1 sessions with the lead developer of the program, where we inspected the data flow through program logic ensuring correct behavior.

Then, as per SolShield promise, our team deployed the program on devnet and ran intense fuzzy and penetration tests, hitting the program with custom transactions with randomly generated data and different types of accounts to uncover any residual attack vector that might put the program in danger.

Lastly, we reported all the bugs and discoveries to the Genopets team with suggestions on how to resolve and mitigate the issues. The developers were swift in releasing patches to address the vulnerabilities we pointed out. The final code was scanned yet once again as a clean up review to ensure the validity of the fixes and that no new vulnerabilities were introduced in the process.

See the full report attached below:

SolShield
157KB
Genopets Staking Program Audit.pdf
pdf