Need an audit or want to learn more about Macro’s services?
Reach out for an audit or to learn more about Macro
Security Audit
October 29, 2025
Version 1.0.0
Presented by 0xMacro
This document includes the results of the security audit for Pool Fans's smart contract code as found in the section titled ‘Source Code’. The security audit was performed by the Macro security team from October 15, 2025 to October 21, 2025.
The purpose of this audit is to review the source code of certain Pool Fans Solidity contracts, and provide feedback on the design, architecture, and quality of the source code with an emphasis on validating the correctness and security of the software in its entirety.
Disclaimer: While Macro’s review is comprehensive and has surfaced some changes that should be made to the source code, this audit should not solely be relied upon for security, as no single audit is guaranteed to catch all possible bugs.
The following is an aggregation of issues found by the Macro Audit team:
| Severity | Count | Acknowledged | Won't Do | Addressed |
|---|---|---|---|---|
| High | 1 | - | - | 1 |
| Medium | 2 | - | - | 2 |
| Low | 2 | - | - | 2 |
| Code Quality | 4 | - | - | 4 |
| Informational | 1 | - | - | - |
Pool Fans was quick to respond to these issues.
Our understanding of the specification was based on the following sources:
The following source code was reviewed during the audit:
23696f1e40beedee6f678cb1b456e37ffd6e68bc
9bd282f98c2c2c330670e487e0e7121947b565b0
Specifically, we audited the following contracts within the repository with focus on the following changes:
| Source Code | SHA256 |
|---|---|
| contracts/access/AccessControlled.sol |
|
| contracts/interfaces/IClankerTokenizerV3_1_0.sol |
|
| contracts/interfaces/tokenizers/IClankerTokenizerV3_1_0.sol |
|
| contracts/revenue/registry/RevenueShareRegistry.sol |
|
| contracts/revenue/tokenizers/BaseTokenizer.sol |
|
| contracts/revenue/tokenizers/v3.1.0/ClankerTokenizerV3_1_0.sol |
|
| contracts/revenue/tokenizers/v4/ClankerV4Tokenizer.sol |
|
| contracts/revenue/vaults/BaseRevenueShareVault.sol |
|
| contracts/revenue/vaults/v3.1.0/RevenueSharesVaultV3_1_0.sol |
|
| contracts/revenue/vaults/v4/RevenueSharesVaultV4..sol |
|
Note: This document contains an audit solely of the Solidity contracts listed above. Specifically, the audit pertains only to the contracts themselves, and does not pertain to any other programs or scripts, including deployment scripts.
Click on an issue to jump to it, or scroll down to see them all.
DEFAULT_ADMIN_ROLE named constant
We quantify issues in three parts:
This third part – the severity level – is a summary of how much consideration the client should give to fixing the issue. We assign severity according to the table of guidelines below:
| Severity | Description |
|---|---|
|
(C-x) Critical |
We recommend the client must fix the issue, no matter what, because not fixing would mean significant funds/assets WILL be lost. |
|
(H-x) High |
We recommend the client must address the issue, no matter what, because not fixing would be very bad, or some funds/assets will be lost, or the code’s behavior is against the provided spec. |
|
(M-x) Medium |
We recommend the client to seriously consider fixing the issue, as the implications of not fixing the issue are severe enough to impact the project significantly, albiet not in an existential manner. |
|
(L-x) Low |
The risk is small, unlikely, or may not relevant to the project in a meaningful way. Whether or not the project wants to develop a fix is up to the goals and needs of the project. |
|
(Q-x) Code Quality |
The issue identified does not pose any obvious risk, but fixing could improve overall code quality, on-chain composability, developer ergonomics, or even certain aspects of protocol design. |
|
(I-x) Informational |
Warnings and things to keep in mind when operating the protocol. No immediate action required. |
|
(G-x) Gas Optimizations |
The presented optimization suggestion would save an amount of gas significant enough, in our opinion, to be worth the development cost of implementing it. |
In the BaseRevenueShareVault, revenue accounting is implemented across several internal functions which includes distributeRevenue(), executeClaim(), updateRewards() and calculateUnclaimedRewards().
The accrued revenue that needs to be distributed and that has accumulated after previous execution, is tracked with the help of two variables, currentBalance and baselineBalance for the token. baselineBalance is immediately updated to the currentBalance value after calculating and updating incremental revenue per share.
// In the _distributeRevenue()
uint256 currentBalance = IERC20(token).balanceOf(address(this));
uint256 delta = currentBalance - baselineBalance[token];
if (delta > 0) {
cumulativeRewardPerShare[token] += (delta * SCALE) / supply;
baselineBalance[token] = currentBalance;
emit RevenueDistributed(token, delta);
}
In order to correctly track new revenue, baselineBalance also needs to be continuously updated whenever token balance is claimed by users and tokens are transferred out of the vault. This is done in executeClaim() function.
address token = rewardTokens[i];
uint256 reward = unclaimedRewards[user][token];
if (reward > 0) {
unclaimedRewards[user][token] = 0;
IERC20(token).safeTransfer(user, reward);
baselineBalance[token] -= reward;
emit RewardsClaimed(user, token, reward);
}
However, in an edge case when user address is the address of the vault itself, system invariants are broken. In this case when vault has shares (obtained by accident or transferred to the vault by malicious attacker) and claim is made for the vault, baselineBalance of the token is reduced even though current balance does not change. Malicious attacker may manipulate reward distribution by calling distributeRevenue() in the loop (together with the executeClaim(vault)) in order to inflate cumulativeRewardPerShare[token] value. This would allow him to claim reward assets from all users of the vault.
Remediations to consider
executeClaim() or in child claimRewards() , orbaselineBalance[token] by actual sent only.In the ClankerV4Tokenizer, admin can update fee preference after calling the initTokenization() and before finalizeTokenization(). Admin can achieve this by calling updateFeePreference() on the ClankerLpLockerFeeConversion contract.
In the finalizeTokenization() implementation, pending vault associated with the now stale fee preference will be used even though it is incorrect. Reward admin’s shares will be minted in a different vault than the expected according to the last fee preference.
Remediations to consider
finalizeTokenization() invocation, orIn the ClankerTokenizerV3_1_0 and ClankerV4Tokenizer , tokenization process is three step process. First step deploys or retrieves address of the appropriate vault in which future shares would be minted. Second step (done out of channel) requires from the admin of the rewards, to call corresponding Clanker contract to delegate permission to the new vault. Third and final step is for the reward recipient to invoke tokenization finalization on Tokenizer contract.
However, this three step tokenization process for both 3.1 and 4.0 versions of tokenizer, comes with significant risk. The risk is that process may lead to permanently incomplete state in case the finalization cannot be successfully processed, after admin has already transferred his permission to the new vault. For example, this may happen in case reward receiver is a contract which does not have functionality and therefore cannot call finalizeTokenization().
Remediations to consider
In the ClankerV4Tokenizer contract, getAdminShareBps() is implemented in the following way returning rewardBps of the first entry where admin address matches in the array of rewardAdmins.
function getAdminShareBps(
address clanker,
address admin
) external view returns (uint256) {
IClankerLpLockerFeeConversion.TokenRewardInfo
memory tokenRewardInfo = _getTokenRewardsData(clanker);
uint256 len = tokenRewardInfo.rewardAdmins.length;
for (uint256 i = 0; i < len; i++) {
if (tokenRewardInfo.rewardAdmins[i] == admin) {
return tokenRewardInfo.rewardBps[i];
}
}
return 0;
}
However, duplicate entries are possible in rewardAdmins array. As a result, output of the function will not be correct in cases when specific admin is present multiple times in the rewardAdmins array.
Remediations to consider:
In the BaseRevenueShareVault, distributeRevenue() function is implemented in a way which may lead to contract becoming corrupted if deflation/rebase or external balance decrease can happen for the registered token.
function _distributeRevenue() internal virtual {
uint256 supply = totalSupply();
// Skip distribution if no shares minted yet (prevents division by zero)
// Note: Prevents dos attack since vault address uses create2 pattern, that allows to send tokens before tokenize
if (supply == 0) {
return;
}
uint256 len = rewardTokens.length;
for (uint256 i = 0; i < len; i++) {
address token = rewardTokens[i];
uint256 currentBalance = IERC20(token).balanceOf(address(this));
uint256 delta = currentBalance - baselineBalance[token];
if (delta > 0) {
cumulativeRewardPerShare[token] += (delta * SCALE) / supply;
baselineBalance[token] = currentBalance;
emit RevenueDistributed(token, delta);
}
}
}
If a reward token is deflationary, rebases downward, or otherwise reduces the vault’s balanceOf without the vault explicitly updating baselineBalance[token] first, currentBalance - baselineBalance[token] underflows and reverts. This breaks distribution/updates and can permanently block future accrual/transfers.
Remediations to consider
currentBalance <= baseline, set baseline = currentBalance and continue without reward distribution. This gracefully handles deflation/rebase and maintains accounting invariants.DEFAULT_ADMIN_ROLE named constant
Both BaseRevenueShareVault and BaseTokenizer contracts implement onlyAdmin modifer which refers to admin role by using hardcoded constant value of 0.
modifier onlyAdmin() {
if (!AccessControl(address(registry)).hasRole(bytes32(0), msg.sender))
revert OnlyAdmin();
_;
}
Since AccessControl is already imported in both contracts, consider using DEFAULT_ADMIN_ROLE constant instead of literal value 0.
// In BaseTokenizer.sol
/// @notice Contract owner
address public immutable owner;
...
constructor(address _registry, address _lpLocker) {
registry = IRevenueShareRegistry(_registry);
lpLocker = _lpLocker;
owner = msg.sender;
}
Consider removing owner variable definition and its initialization unless it is necessary.
ClankerTokenizerV3_1_0 and ClankerV4Tokenizer but never used:ClankerTokenizerV3_1_0 but never used:ClankerV4Tokenizer but never used:RevenueSharesVaultV3_1_0 but never used:As a part of 2 step tokenization process, users are required to transfer admin rights to specific address of the corresponding RevenueSharesVaultV3_1_0 or RevenueSharesVaultV4 instance.
However, if in this process mistake is made there is no mechanism in the current implementation to recover admin rights.
Consider, implementing feature similar to the currently present rescueFunds() for recovering incorrectly assigned revenue admin while preventing revenue admin transfers for operational vaults where tokenization has been previously completed.
Tokens that have not common mechanics are not supported.
Macro makes no warranties, either express, implied, statutory, or otherwise, with respect to the services or deliverables provided in this report, and Macro specifically disclaims all implied warranties of merchantability, fitness for a particular purpose, noninfringement and those arising from a course of dealing, usage or trade with respect thereto, and all such warranties are hereby excluded to the fullest extent permitted by law.
Macro will not be liable for any lost profits, business, contracts, revenue, goodwill, production, anticipated savings, loss of data, or costs of procurement of substitute goods or services or for any claim or demand by any other party. In no event will Macro be liable for consequential, incidental, special, indirect, or exemplary damages arising out of this agreement or any work statement, however caused and (to the fullest extent permitted by law) under any theory of liability (including negligence), even if Macro has been advised of the possibility of such damages.
The scope of this report and review is limited to a review of only the code presented by the Pool Fans team and only the source code Macro notes as being within the scope of Macro’s review within this report. This report does not include an audit of the deployment scripts used to deploy the Solidity contracts in the repository corresponding to this audit. Specifically, for the avoidance of doubt, this report does not constitute investment advice, is not intended to be relied upon as investment advice, is not an endorsement of this project or team, and it is not a guarantee as to the absolute security of the project. In this report you may through hypertext or other computer links, gain access to websites operated by persons other than Macro. Such hyperlinks are provided for your reference and convenience only, and are the exclusive responsibility of such websites’ owners. You agree that Macro is not responsible for the content or operation of such websites, and that Macro shall have no liability to your or any other person or entity for the use of third party websites. Macro assumes no responsibility for the use of third party software and shall have no liability whatsoever to any person or entity for the accuracy or completeness of any outcome generated by such software.