Ostium Labs
February 22, 2024
Ostium
Findings Impact LevelCount
Critical
2
High
3
Medium
6
Low
6
Informational
2
CriticalHighMediumLowInformational
Prepared by
Nipun GuptaEngineer[email protected]
Kuilin LiEngineer[email protected]
About

Ostium is a perpetual DEX to trade long and short leverage synthetic versions of crypto and real-world assets. The only collateral supported at genesis, both for traders and liquidity providers, is Arbitrum-native USDC. Liquidity is sourced from a single-sided staking pool while a funding-rate system aims to mitigate imbalance between long and short traders for each pair. Prices are fetched from Chainlink’s DON or our own price service, depending on the asset in question. Chainlink Automation and Gelato Functions (for Chainlink and Ostium prices, respectively) monitor prices off chain to trigger automated orders (liquidations, stop losses, take profits, limit and stop orders). The entirety of the logic of the trading engine lives on chain and is entirely programmatic.

Executive Summary

Zellic conducted a security assessment for Ostium Labs from January 16th to February 15th, 2024. During this engagement, Zellic reviewed Ostium's code for security vulnerabilities, design issues, and general weaknesses in security posture.

Zellic © 2024Back to top ↑