Mate has successfully passed an external cybersecurity audit by Hacken

As a responsible and reliable project, Mate treats cybersecurity as a top priority for its customers.

To make sure that the assets of MateDEX users are strongly secured, the company commissioned an independent external audit. After thorough research, we decided to contract Hacken, a leading cybersecurity consulting company with an essential focus on blockchain security.

Under this audit the following contracts were reviewed and tested:

  • core/FeeManager.sol
  • core/MateCore.sol
  • core/MateMaker.sol
  • core/UniswapHandler.sol
  • core/StakingPool.sol
  • core/OrderBook.sol

Audit results by Solidity Finance can be found here:
https://hacken.io/audits/#mate

Auditing Process

Hacken has conducted a Smart Contract Code Review and Security Analysis. They have scanned these smart contracts for commonly known and more specific vulnerabilities. Here are some of the commonly known vulnerabilities that were considered:

Code review.

  • Reentrancy
  • Ownership Takeover
  • Timestamp Dependence
  • Gas Limit and Loops
  • DoS with (Unexpected) Throw
  • DoS with Block Gas Limit
  • Transaction-Ordering Dependence
  • Style guide violation
  • Costly Loop
  • ERC20 API violation
  • Unchecked external call
  • Unchecked math
  • Unsafe type inference
  • Implicit visibility level
  • Deployment Consistency
  • Repository Consistency
  • Data Consistency

Functional review.

  • Business Logics Review
  • Functionality Checks
  • Access Control & Authorization
  • Escrow manipulation
  • Token Supply manipulation
  • Assets integrity
  • User Balances manipulation
  • Data Consistency manipulation
  • Kill-Switch Mechanism
  • Operation Trails & Event Generation

Executive Summary

The Hacken team performed an analysis of code functionality, manual audit, and automated checks with Mythril and Slither. All issues found during automated analysis were manually reviewed. As a result of the audit, security engineers found only 1 medium and 2 low severity issues. According to the assessment, Mate’s smart contracts are secured.

Audit overview

Critical.

No critical issues were found.

High.

No high severity issues were found.

Medium.

Tests could not be run.

Recommendation: make sure all tests can be executed and that there is a script or description of how to run them. Also, ensure that the tests cover at least 95% of code branches.

Low.

  • Block timestamp

Dangerous usage of block.timestamp. block.timestamp can be manipulated by miners. Some contracts rely entirely on block.timestamp.

Contracts: UniswapHandler.sol, OrderBook.sol, MateCore.sol

Recommendation: consider relying on block.number instead.

  • A public function that could be declared external

Public functions that are never called by the contract should be declared external to save gas.

Contracts: StakingPool.sol, OrderBook.sol

Functions: enter, leave, getOrder

Recommendation: use the external attribute for functions never called from within the contract.
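
The two low severity findings above, shown as an added Solidity example that is neither Mate's code nor taken from the Hacken report: a hypothetical ExampleOrderBook tracks order expiry by block height instead of block.timestamp and declares functions that are never called internally as external. All names and signatures (ExampleOrderBook, placeOrder, ttlBlocks, isFillable, cancel) are assumptions; getOrder is named in the report, but its signature here is assumed, and token transfers are left out.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Hypothetical limit-order book, constructed for illustration (not Mate's OrderBook.sol).
contract ExampleOrderBook {
    struct Order {
        address maker;
        uint256 amountIn;
        uint256 minAmountOut;
        uint256 expiryBlock; // block height, not a timestamp
        bool open;
    }

    mapping(uint256 => Order) private orders;
    uint256 public nextOrderId;

    event OrderPlaced(uint256 indexed id, address indexed maker, uint256 expiryBlock);
    event OrderCancelled(uint256 indexed id);

    // Pattern flagged by the "Block timestamp" finding, shown for comparison only:
    //   require(block.timestamp <= order.expiryTime, "expired");
    // The finding notes that miners can manipulate block.timestamp.

    // external: never called from inside the contract.
    function placeOrder(uint256 amountIn, uint256 minAmountOut, uint256 ttlBlocks)
        external
        returns (uint256 id)
    {
        require(amountIn > 0 && ttlBlocks > 0, "bad params");
        id = nextOrderId++;
        uint256 expiry = block.number + ttlBlocks; // expiry as the recommendation suggests
        orders[id] = Order(msg.sender, amountIn, minAmountOut, expiry, true);
        emit OrderPlaced(id, msg.sender, expiry);
    }

    // An order can be filled only while open and not past its expiry block.
    function isFillable(uint256 id) external view returns (bool) {
        Order storage o = orders[id];
        return o.open && block.number <= o.expiryBlock;
    }

    function getOrder(uint256 id) external view returns (Order memory) {
        return orders[id];
    }

    function cancel(uint256 id) external {
        Order storage o = orders[id];
        require(o.maker == msg.sender, "not maker");
        require(o.open, "not open");
        o.open = false;
        emit OrderCancelled(id);
    }
}
```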

Conclusion

Smart contracts within the scope were manually reviewed and analyzed with static analysis tools. As a result of the audit, security engineers found 1 medium and 2 low severity issues.

About Hacken:

Hacken is a leading cybersecurity consulting company with an essential focus on blockchain security. Hacken Cybersecurity Services is a part of Hacken Group, which includes CER.live, HackenAI, and HackenProof. Since June 2020, CER.live has been the unique cybersecurity data provider for CoinGecko Trust Score.

If you are interested in seeing their previous work, you can check out their audit portfolio or social channels:

https://hacken.io/category/case-studies/

About Mate:

MATE is a DEX that enables traders to maximize their trade returns through limit orders that guarantee trade execution without risking their assets via unpredictable slippage.

Papers:
