System and Security
In this section, we will explore the core concept behind Advanced Order Types, examine how it functions as a whole, and dive into the finer details of how security is maintained.
Core Principles
In developing this project, our goal was to design a smart contract system that could perform all the necessary checks to ensure accurate order execution, while still providing maximum flexibility in both system architecture and order routing.
Order execution is not limited to specific contract interfaces or manually specified targets. There are countless ways to perform a swap onchain, and with 30+ chains supported on Oku, the need to allow arbitrary execution of orders was clear. To make this possible, trade-offs in flexibility were considered, such as whitelisting and numerous checks. More on this in the Security section.
The end result is a relatively simple and effective system that can be deployed and function on all EVM chains, allowing advanced order types such as Limit Orders to exist on many chains and tradable pairs that were otherwise not possible before in DeFi.
Oracles
Currently, onchain oracles are utilized to accurately price all tokens used in the Automated Swap Order system. This lets our offchain monitoring systems efficiently monitor all pending orders for specific target prices without constantly querying the contract itself to determine whether orders are fillable. The onchain check then acts as a redundancy, ensuring orders are executable before they take place. In the near future, a similar smart contract order system will be added to allow limit orders to be placed and filled without the use of price oracles, bringing automation and advanced order types to even more pairs and chains than before.
Automation System
Offchain automation is handled by one of our automation partners. The system constantly monitors all orders to check whether prices are in-range and executes orders via the most efficient route available when market conditions allow. However, the actual function call to the smart contracts to execute pending orders is not permissioned. Everyone is welcome to participate in order fulfillment.
Security
A meticulous audit has been conducted on the smart contract system; the full report is available at the bottom of the page. To highlight some security hurdles that were overcome to bring this project to life, we will discuss a few in detail below.
Whitelisting
Every execution performs a swap, and the order does not pre-determine which contract will facilitate the swap. Therefore, a vetted list of safe 'swap targets' must be maintained to prevent malicious actors from sending arbitrary data to unknown contracts.
To achieve this but still allow for flexibility, we maintain a whitelist of safe swap targets and safe 'target setters', allowing our automation system to be whitelisted to add new targets as needed.
Extensive checks are performed on token balances to ensure that each order executes as expected. These include but are not limited to:
Balances before and after the swap of all tokens held by the smart contract.
Careful calculation of slippage tolerances to ensure tokens received as a result of a swap are in the expected amount.
Meticulous and explicit allowance checks, including resetting all allowances before and after a swap is executed in order to prevent any lingering allowance issues.
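The following sketch shows how the whitelist, balance, slippage and allowance checks described above can fit together in one execution path. It is an added example, not Oku's audited contract: the contract, function and parameter names are hypothetical, it checks only the two tokens involved in the swap, and it assumes tokens whose approve returns a bool.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added illustration, not Oku's code. All names here are hypothetical.
interface IERC20 {
    function balanceOf(address) external view returns (uint256);
    function approve(address, uint256) external returns (bool);
    function allowance(address, address) external view returns (uint256);
}

contract GuardedSwapExecutor {
    address public immutable owner;
    mapping(address => bool) public targetSetters; // accounts allowed to add swap targets
    mapping(address => bool) public safeTargets;   // vetted swap contracts

    constructor() { owner = msg.sender; }

    function setTargetSetter(address setter, bool ok) external {
        require(msg.sender == owner, "not owner");
        targetSetters[setter] = ok;
    }

    function setTarget(address target, bool ok) external {
        require(targetSetters[msg.sender], "not target setter");
        safeTargets[target] = ok;
    }

    // Assumption: a permissionless entry point loads amountIn and minAmountOut
    // from the stored order and its price check, never from the caller.
    function _executeSwap(
        address target, bytes memory data,
        IERC20 tokenIn, IERC20 tokenOut,
        uint256 amountIn, uint256 minAmountOut
    ) internal returns (uint256 received) {
        require(safeTargets[target], "target not whitelisted");
        uint256 inBefore = tokenIn.balanceOf(address(this));
        uint256 outBefore = tokenOut.balanceOf(address(this));
        require(tokenIn.approve(target, 0), "reset failed");       // clear any stale allowance
        require(tokenIn.approve(target, amountIn), "approve failed");
        (bool ok, ) = target.call(data);                            // arbitrary calldata, vetted target
        require(ok, "swap failed");
        require(tokenIn.approve(target, 0), "reset failed");       // leave nothing behind
        require(tokenIn.allowance(address(this), target) == 0, "lingering allowance");
        // The swap may spend at most amountIn and must return at least minAmountOut.
        require(tokenIn.balanceOf(address(this)) + amountIn >= inBefore, "overspent");
        received = tokenOut.balanceOf(address(this)) - outBefore;  // reverts if balance fell
        require(received >= minAmountOut, "slippage");
    }
}
```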