Meso Finance
Search…
Farm Security Measures
Verify with our deployed contracts

Security Measures taken in the fMESO token contract:

  • Only the masterchef can mint succeeding tokens aside from the pre-minted ones for initial liquidity:
1
// @dev Throws if called by any account other than the Masterchef.
2
modifier onlyMasterchef() {
3
require(msg.sender == masterchef, "Caller is not the Masterchef");
4
_;
5
}
6
7
/// @notice Creates `_amount` token to `_to`. Must only be called by the owner (MasterChef).
8
function mint(address _to, uint256 _amount) public onlyMasterchef {
9
_mint(_to, _amount);
10
}
Copied!

Security Measures taken in the Masterchef contract:

  • fMeso address is made immutable:
1
// The fMESO TOKEN!
2
fMeso public immutable token;
Copied!
  • Deposit fees are capped to 4%:
1
function add(uint256 _allocPoint, IERC20 _lpToken, uint16 _depositFeeBP, bool _withUpdate) external onlyOwner nonDuplicated(_lpToken) {
2
// valid ERC20 token
3
_lpToken.balanceOf(address(this));
4
5
require(_depositFeeBP <= 400, "add: invalid deposit fee basis points");
6
7
8
function set(uint256 _pid, uint256 _allocPoint, uint16 _depositFeeBP, bool _withUpdate) external onlyOwner {
9
require(_depositFeeBP <= 400, "set: invalid deposit fee basis points");
Copied!
  • Pools account for deflationary tokens:
1
// Deposit LP tokens to MasterChef for fMESO allocation.
2
function deposit(uint256 _pid, uint256 _amount) external nonReentrant {
3
PoolInfo storage pool = poolInfo[_pid];
4
UserInfo storage user = userInfo[_pid][msg.sender];
5
updatePool(_pid);
6
if (user.amount > 0) {
7
uint256 pending = user.amount.mul(pool.accfMesoPerShare).div(1e18).sub(user.rewardDebt);
8
if (pending > 0) {
9
safeMesoTransfer(msg.sender, pending);
10
}
11
}
12
if (_amount > 0) {
13
uint256 balanceBefore = pool.lpToken.balanceOf(address(this));
14
pool.lpToken.safeTransferFrom(address(msg.sender), address(this), _amount);
15
_amount = pool.lpToken.balanceOf(address(this)) - balanceBefore;
Copied!