Security
Unaudited Software
DollarStore has not been audited. Use at your own risk. Do not deposit funds you cannot afford to lose.
Trust assumptions
What you trust
- The admin: Can add/remove supported stablecoins, pause the contract, and transfer admin role
- The smart contract code: Has not been formally verified or audited
- Underlying stablecoins: DollarStore assumes USDC/USDT maintain their peg
What you don't need to trust
- Price feeds: No oracles—1:1 is hardcoded
- Liquidity providers: No LPs, no impermanent loss
- Governance: No token, no voting, no time-delayed changes (except admin transfer)
Security measures
In the contract
- ReentrancyGuard: All state-changing functions protected
- SafeERC20: Safe token transfer handling
- Pausable: Admin can pause in emergencies
- Two-step admin transfer: Prevents accidental admin loss
- Checks-effects-interactions: State changes before external calls
Queue protections
- Max 150 positions: Bounded gas costs
- Minimum order scaling: Prevents dust spam
- FIFO ordering: No manipulation of queue order
Known limitations
Reserves can be depleted
If everyone wants the same stablecoin, reserves deplete and users queue. This is by design—the tradeoff is time, not price.
No partial fill protection for swapExactInput
The aggregator function either fully fills or reverts. No slippage protection is needed since rate is always 1:1, but reserves can deplete between quote and execution.
Queue position value can change
If you're in queue and the stablecoin depegs, your position is still denominated in that stablecoin. DollarStore doesn't handle depeg scenarios.
Bug bounty
No formal bug bounty program exists yet. If you find a vulnerability, please report responsibly to the team.
Recommended practices
- Start small: Test with small amounts first
- Verify addresses: Always verify contract addresses from official sources
- Monitor positions: Watch your queue positions for fills
- Understand the risks: This is experimental software