✨ New!✨  C4 Cosmos leagueRead more »

Contest ran 7 January 202213 January 2022

6 day contest

InsureDAO contest

Anyone can create an insurance pool like Uniswap.

$53,000 USDC (plus $27,000 in tokens)

Total Awards

InsureDAO contest details

Contest Scope

Representatives from InsureDAO will be available in the Code Arena Discord to answer any questions during the contest period. The focus for the contest is to try and find any logic errors or ways to drain funds from the protocol in a way that is advantageous for an attacker at the expense of users with funds invested in the protocol. Wardens should assume that governance variables are set sensibly (unless they can find a way to change the value of a governance variable, and not counting social engineering approaches for this).

Contract Overview

Contract Name Overview Line of Code
PoolTemplate.sol Insurance Market for arbitrary protocol.
aka.Single Pool
IndexTemplate.sol Aggragate multiple Single pools, and leverage the funds.
aka.Index Pool
CDSTemplate.sol Reserve pool in case index's leverage was too much and not able to payout for insurance
aka.CDS Pool
Factory.sol Contract factory for Templates above 170
Vault.sol All assets are stored here. 306
Parameters.sol This manages parameters for pools 266
Registry.sol Record pools address 82
InsureDAOERC20.sol LP token of the Templates 168
Ownership.sol Ownership management 44
BondingPremium.sol Insurance Premium calculator 164

Areas of concern for Wardens

Please focus more on the relationship between Single Pool, Index, and Vault, because there is complex calculation related to leverage. Also, we put more value for gas optimization of this area.

System Overview

InsureDAO is an open insurance protocol where users can create, buy, and sell insurance of any defi protocols. Insurance buyers pay a premium to an insurance market to get insured by potential incidents, while sellers are able to earn a premium by underwrite their funds.

Market Overview


There are three documentations with different level of details.

  1. Landing Page: good to understand what InsureDAO is.
  2. General Document: InsureDAO functions
  3. Dev Document: code specification

Feel free to ask any question on the Code4rena InsureDAO channel!

Prior Audit Reports



then, create .key and .infuraKey files.

In .key file, input your private key of your address for test In .infuraKey, input your infura API key

npx hardhat test
npx hardhat coverage