In September 2021, Tempus engaged Coinspect to perform a source code review of their new DeFi protocol. The objective of the project was to evaluate the security of the Solidity smart contracts to be deployed on the Ethereum network. Tempus smart contracts are clearly documented and the tests included in the project provide good coverage.
Tempus is an on-chain derivatives marketplace that allows users to optimize their existing exposure to variable yield according to their risk profile. Specifically, Tempus allows users to dynamically adjust risk and convert variable yield rates into fixed rates. In addition, it enables users to earn additional yield as liquidity providers if they desire. This is possible because Tempus allows users to deposit various yield bearing tokens (YBT) on its platform.
Three medium risk vulnerabilities were found. One with high impact, but low likelihood was reported that could impact user funds if current security assumptions change in the future. Another medium-risk issue was reported related to the power the pool owners possess to update fees without constraints and that could be abused to harm users if the account were compromised.
Additionally, several recommendations are provided with the goal of further increasing the security of the platform
We invite you to download and read the detailed report clicking the link below.