Back to AuditsGranite logo

Granite Core

Summary

Comprehensive security audit of the Granite Core lending protocol built on Stacks using Clarity smart contracts. The review covered lending pools, collateral management, liquidation mechanisms, and interest rate models.

Audited Functionality

Granite is a DeFi lending market that offers overcollateralized loans on SIP-10 tokens managed and operated by immutable smart contracts. Granite was created and is managed by Trust Machines, a leading team of engineers, builders and researchers within the Stacks Bitcoin L2 ecosystem.

The protocol is designed to work with three user groups:

  • Lenders: Individuals or entities looking to earn interest on their crypto assets
  • Borrowers: Users in need of liquidity that are unwilling to sell their crypto holdings
  • Liquidators: Earn a fee by closing positions

Besides these three, there are also two supporting roles operating on Granite:

  • Governance: the DAO, which handles critical system operations, a trusted entity
  • Guardians: special users or bots whitelisted by the DAO that can pause the system in case of extreme emergencies

The protocol consists of a core immutable part containing the state variables, the `state` contract, and independent modules that can be changed by governance if needed, to upgrade specific functionalities of the system.

The modules contain the core logic of Granite and are split into Lender, Borrower, Liquidation, Interest Rate, and Oracle modules, each with their respective functionality.

Findings Breakdown

60|Total Findings
2 Critical4 High11 Medium15 Low28 Info
All findings have been resolved or acknowledged by the client.

About Granite

www.granite.world

Granite is a Bitcoin liquidity protocol built on Stacks that allows users to borrow stablecoins against their Bitcoin collateral. Incubated by Trust Machines, the protocol uses sBTC (a decentralized Bitcoin bridge) to connect Bitcoin to DeFi while keeping BTC securely stored on the Bitcoin blockchain. Key features include isolated collateral with no rehypothecation (user collateral is never lent to others), soft liquidations that only liquidate the minimum amount required to restore solvency, and offline position tracking via push notifications. The protocol serves both borrowers seeking liquidity without selling their Bitcoin and lenders earning yield by providing stablecoins to the liquidity pool.

Details

Date
Aug 2024
Client
Granite
Disclosure
Public
Blockchain
StacksStacks
Auditors
ABA
Categories
ClarityLending

Full Report

Download the complete audit report with all findings and recommendations.