Onchain Trade smart contract centralization risk, is token transaction still safe?

This security analysis report mainly focuses on the potential loopholes and centralization risks of the Onchain Trade project in terms of token pledge, rewards and transactions, as well as potential threats to the stability and security of the platform.

Contract centralization risk

Onchain Trade's smart contract covers multiple functions related to token staking, rewards, and platform management. The following are the results of our centralized report analysis, including some core functions of the contract:

1. addRevenueToken(): This function is responsible for adding the new token as a revenue token and then adding the token details to the 'RevenueInfo' map and 'revenueInfoList'.
2. addRevenue(): This function allows the contract owner to add revenue tokens and their amount, and update the 'boost point', while also ensuring that staked tokens and reward balances are kept up to date.
3. updateScore(): This function is used to update the user's score, which is calculated based on the number of rewards the user gets per unit of time.
4. addToken(): This function allows the contract owner to add new tokens to the mining token pool, the details of the token, including rewards per second and start time, will be added to the 'PoolInfo'.
5. setPoolInfo(): This function allows the contract owner to set and update pool information for a specific LP token, including rewards per second and end time.
6. addMintPool(), updateMintPool(): These functions allow contract owners to add new mint pools or update existing mint pools, including details such as reward tokens, rewards per second, start time, and end time.
7. setUpdater(), setFastPriceEvents(), setPriceDuration(), setMinBlockInterval(), setMaxTimeDeviation(), setLastUpdatedAt(), setMaxDeviationBasisPoints(), setTokens(), setPrice(), setPrices(), setCompactedPrices(): These functions allow contract The owner sets various parameters related to price events, timing, tokens and token prices.
8. setOracle(), setRouter(): These functions enable the contract owner to specify Oracle and Router addresses.
9. setMinFee(), setRouter(): These functions allow the contract owner to set the minimum execution fee and specify the system router.
10. listPair(), setMaxTotalSize(), setPairStatus(), setTradingFeeRate(), setMaxLeverage(), setMarginRatio(): These functions allow the contract owner to manage token pairing, maximum size, pairing status, transaction fee rate, maximum leverage and Margin ratio.
11. setPriceFeed(), setFutureUtil(), setProtocolFeeTo(): These functions enable the contract owner to set the price source address, instrument address, and protocol fee receiver address.
12. realizePairProtocoFee(), decreaseInsuranceFund(): These functions enable the contract owner or protocol fee receiver to realize the pairing protocol fee and decrease the insurance fund.

in conclusion

Onchain Trade's contract covers multiple functions related to token staking and reward platform management, obviously, the contract owner has extensive control over platform parameters, token pool, reward rate, price source, etc. We have conducted a security assessment of the contract code and analyzed potential vulnerabilities and risks that may affect the security and functionality of the platform. It is suggested that the project party should take measures as soon as possible to balance these problems in order to improve the quality and stability of the contract.