Protect your smart contracts and DeFi protocols with Three Sigma, a trusted security partner in blockchain audits, smart contract vulnerability assessments, and Web3 security.
Ostium is a decentralized perpetuals exchange purpose-engineered for Real World Assets (RWAs). Leveraging a stablecoin-settled engine, proprietary oracle feeds, and a dynamic fee structure, it enables fully onchain, synthetic trading of traditional commodities like crude oil, soybeans, and natural gas.
Why Did They Need an Audit?
Following its initial deployment, Ostium introduced several post-launch upgrades affecting collateral management, PnL calculation, and risk enforcement logic. These changes, particularly around leverage control and rounding behavior, carry significant security implications because they touch the invariants that keep positions solvent. Ostium engaged Three Sigma for a 1.2-person-week review focused on the upgrade diffs, to ensure a safe patch rollout and continuity of onchain trading.
Scope of the Engagement
Audit Date: 2024-12-25
Language: Solidity
Type: Code Audit
Results and Findings
Key High-Severity Issue
Leverage abuse via multiple removeCollateral() calls
Description: OstiumTrading allowed users to call removeCollateral() multiple times without accounting for removals that were already pending, so each request was validated against the full current collateral. In addition, handleRemoveCollateral() did not re-check the leverage cap once a removal was applied. Taken together, a user could strip nearly all collateral while keeping the full position size, ending up far above the protocol's maximum leverage and holding an effectively risk-free trade.
Resolution: Added checks that account for pending removals when a new request is validated, and ensured during fulfillment that the resulting leverage does not exceed the protocol maximum.
Key Medium-Severity Issue
Dust positions left open via rounding on a near-100% close
Description: When closing a trade with closePercentage just below 100%, integer rounding produced remainingCollateral = 0, and the leverage check was skipped because it keyed on that zero value rather than on the requested close percentage. This let users leave behind dust positions that violate system constraints. Each is small in value, but over time such positions can accumulate and strain platform invariants.
Resolution: Revised the condition so the leverage check is skipped only when closePercentage == 100% exactly; any partial close must leave a remaining position that satisfies the leverage bounds.
Notable Low-Severity Observation
Max profit cap bypass due to leverage increase
Description: The currentPercentProfit() function capped profit at maxPnlP = 900 (a 900% gain, i.e. 10x the collateral). With leverage now adjustable upwards after a trade is opened, the cap was applied before the new leverage took effect, so a user could raise leverage and end up with a profit above the cap, breaking a previously enforced economic assumption.
Resolution: Final profit is now clamped after applying the new leverage, so PnL stays within the protocol-defined bound regardless of post-open leverage changes.
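The following Python model is an added illustration, not Ostium's or Three Sigma's code. It reproduces the three findings above in integer arithmetic the way a Solidity contract would compute them, with the vulnerable branch beside the hardened one: cumulative validation of pending collateral removals against the leverage cap (high), the near-100% close that rounds remaining collateral to zero while leaving dust size (medium), and the profit cap applied before versus after a post-open leverage increase (low). The fixed-point scale, the 100x cap, the 1x floor, the partial-close rounding and the exact shape of the vulnerable PnL path are assumptions chosen to reproduce the described behaviour; only the 900% profit cap comes from the report.

```python
# Toy model of the three findings in this review (added example, not protocol code).
# All numbers are constructed; scale factors and caps are assumptions, except MAX_PNL_P.
from dataclasses import dataclass, field

PRECISION = 100                  # assumed fixed point: leverage 1x == 100
FULL = 100 * PRECISION           # 100.00% as a closePercentage / percent value
MAX_LEVERAGE = 100 * PRECISION   # assumed protocol cap (100x)
MIN_LEVERAGE = 1 * PRECISION     # assumed protocol floor (1x)
MAX_PNL_P = 900 * PRECISION      # 900% profit cap named in the report


@dataclass
class Trade:
    collateral: int                       # stablecoin base units
    size: int                             # notional; leverage = size / collateral
    pending_removals: list = field(default_factory=list)

    def leverage(self) -> int:
        return self.size * PRECISION // self.collateral


def request_remove_collateral(trade: Trade, amount: int, hardened: bool) -> None:
    """Finding 1, request side. The vulnerable path validates each request
    against current collateral only and ignores removals already queued."""
    if amount <= 0 or amount >= trade.collateral:
        raise ValueError("invalid amount")
    if hardened:
        remaining = trade.collateral - sum(trade.pending_removals) - amount
        if remaining <= 0 or trade.size * PRECISION // remaining > MAX_LEVERAGE:
            raise ValueError("resulting leverage above cap")
    trade.pending_removals.append(amount)


def fulfill_removals(trade: Trade, hardened: bool) -> int:
    """Finding 1, fulfillment side. Returns the resulting leverage. The hardened
    path re-checks the cap per removal (modelled as a skip; a contract reverts)."""
    for amount in trade.pending_removals:
        remaining = trade.collateral - amount
        if hardened and (remaining <= 0
                         or trade.size * PRECISION // remaining > MAX_LEVERAGE):
            continue
        trade.collateral = remaining
    trade.pending_removals.clear()
    return trade.leverage()


def close_trade(trade: Trade, close_percentage: int, hardened: bool):
    """Finding 2. Returns (remaining_collateral, remaining_size), or None on a
    full close. Closed size rounds down, so the remainder can be non-zero dust
    while remaining collateral rounds all the way to zero."""
    remaining_collateral = trade.collateral * (FULL - close_percentage) // FULL
    remaining_size = trade.size - trade.size * close_percentage // FULL
    if hardened:
        skip_check = close_percentage == FULL        # only an exact 100% close skips it
    else:
        skip_check = remaining_collateral == 0       # rounding to zero also skipped it
    if not skip_check:
        if remaining_collateral == 0:
            raise ValueError("remaining position has no collateral")
        lev = remaining_size * PRECISION // remaining_collateral
        if not MIN_LEVERAGE <= lev <= MAX_LEVERAGE:
            raise ValueError("remaining leverage out of bounds")
    if remaining_collateral == 0 and remaining_size == 0:
        return None
    return remaining_collateral, remaining_size


def current_percent_profit(open_price: int, current_price: int, open_leverage: int,
                           current_leverage: int, hardened: bool) -> int:
    """Finding 3, long position, result in FULL-scaled percent (10000 == 100%).
    Assumed vulnerable shape: clamp at opening leverage, then rescale to the
    raised leverage. Hardened: clamp after applying the current leverage."""
    price_move_p = (current_price - open_price) * FULL // open_price
    if hardened:
        return min(price_move_p * current_leverage // PRECISION, MAX_PNL_P)
    capped = min(price_move_p * open_leverage // PRECISION, MAX_PNL_P)
    return capped * current_leverage // open_leverage


def demo() -> dict:
    """Run each finding's vulnerable and hardened path on constructed inputs."""
    out = {}
    # Finding 1: 1000 collateral at 50x; three removals of 300 queued before any is fulfilled.
    vuln = Trade(collateral=1000, size=50_000)
    for _ in range(3):
        request_remove_collateral(vuln, 300, hardened=False)
    out["removal_vulnerable_leverage"] = fulfill_removals(vuln, hardened=False)   # 500x
    hard = Trade(collateral=1000, size=50_000)
    request_remove_collateral(hard, 300, hardened=True)                           # 71.42x, accepted
    try:
        request_remove_collateral(hard, 300, hardened=True)                       # would be 125x
        out["removal_hardened_second_rejected"] = False
    except ValueError:
        out["removal_hardened_second_rejected"] = True
    out["removal_hardened_leverage"] = fulfill_removals(hard, hardened=True)
    # Finding 2: 1000 collateral at 2x, closed 99.99%.
    out["close_vulnerable_remainder"] = close_trade(Trade(1000, 2000), 9999, hardened=False)
    try:
        close_trade(Trade(1000, 2000), 9999, hardened=True)
        out["close_hardened_rejected"] = False
    except ValueError:
        out["close_hardened_rejected"] = True
    out["close_full_hardened"] = close_trade(Trade(1000, 2000), FULL, hardened=True)
    # Finding 3: +20% price move, leverage raised from 50x to 100x after opening.
    out["pnl_vulnerable"] = current_percent_profit(100, 120, 50 * PRECISION, 100 * PRECISION, False)
    out["pnl_hardened"] = current_percent_profit(100, 120, 50 * PRECISION, 100 * PRECISION, True)
    return out


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

Running demo() shows the three patterns side by side: the vulnerable removal path lands at 500x because every request was checked against untouched collateral, whereas the hardened path rejects the second request at 125x and fulfills only the first; the vulnerable close leaves a (0 collateral, 1 size) dust position because the zero collateral itself disabled the check, while the hardened close reverts unless the percentage is exactly 100%; and the vulnerable PnL path reports 1800% after the leverage increase, while clamping after applying the new leverage holds it at the 900% cap.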
Severity breakdown
Critical: (no count listed)
High: 1
Medium: 1
Low: 1
Informational: 0
Audit Period: 1.2 PW (person-weeks)
In conclusion
Three Sigma conducted a 1.2-person-week diff-focused audit of Ostium's 2,010 nSLOC upgrade, identifying one high-severity leverage-cap bypass, one medium-severity dust-position flaw, and one low-severity PnL cap bypass. All issues were addressed prior to deployment. These fixes reinforce Ostium's commitment to maintaining strict economic safety guarantees even as protocol logic evolves in production.
Secure Your Crypto Project Before It’s Too Late. Get in Touch Today.