Marginly's Second Quantstamp Audit: Enhancing Security and Expanding Horizons

Marginly's Second Quantstamp Audit: Enhancing Security and Expanding Horizons

Ensuring Robustness and Reliability

In our ongoing commitment to security and transparency, Marginly recently completed its second audit conducted by the renowned blockchain security firm, Quantstamp. This audit focused on key updates and improvements to the Marginly codebase, particularly the integration of new oracle support and the introduction of innovative features such as the flip position functionality.

Key Findings and Enhancements

The audit encompassed a comprehensive review of changes made to the core contracts, with a specific emphasis on the newly added oracle support. Quantstamp's analysis uncovered 10 findings, of which 8 were promptly fixed, 1 low-severity issue was effectively mitigated, and 1 was acknowledged with an "informational" severity grade. 

Expanding Oracle Support for Broader Functionality

One of the most significant advancements highlighted in the audit is the expansion of oracle support. While the previous version of Marginly relied solely on Uniswap v3 oracles, the latest iteration incorporates support for a wider range of oracles, including AlgebraFinance, Pyth, Chainlink, Pendle, and Curve. 

This expanded oracle support unlocks the potential to integrate a much broader selection of tokens and pools into the Marginly ecosystem, paving the way for exciting new use cases and enhanced functionality. Our R&D is working relentlessly on bringing these new possibilities to life including products focused on long tail assets, memecoins, and various LP tokens - all of these can now be priced and supported by Marginly. 

Introducing Flip Positions for Increased Flexibility

Another notable development is the introduction of the flip position functionality. This feature empowers users with greater flexibility in managing their positions by allowing them to seamlessly switch between long and short positions through the implementation of the `sellBaseForQuote()` and `sellQuoteForBase()` functions as well as modifications to receivePosition().

Continued Commitment to Quality and Security

The Quantstamp audit report commended the Marginly codebase for maintaining its high quality, with benchmarks demonstrating near-perfect metrics. This achievement underscores our unwavering dedication to upholding the highest standards of security and reliability for our users.

Looking Ahead

The successful completion of this second audit directly facilitates our newest use case and associated products: leveraged farming of Pendle’s PT tokens. Marginly pools with PT tokens make it possible for traders to open leveraged long positions while providing ETH or PT tokens as collateral. This is a powerful way to capitalize on Pendle’s high implied APY because it allows traders to multiply lucrative fixed yields that PT tokens offer. 

We have carefully designed this use case to be robust and reliable by modeling a conservative capacity metric for each strategy making sure that there is sufficient liquidity available for each leveraged position to be unwinded. The spread between Pendle’s implied APY and Marginly LP APY is designed to dynamically adjust as implied APY decreases making sure that strategies remain profitable for both traders and LPs. 

Additionally, the audit also supercharges the ongoing work on Marginly SDK and DEX integrations allowing us to finalize partnerships and capitalize on the relentless BD work we have been doing since protocol’s inception.

This is another important milestone in Marginly's journey. As we continue to expand our offerings and explore new possibilities within the DeFi space, we remain steadfast in our commitment to prioritizing user security and delivering a robust and reliable platform.

Read more