Add Gearbox

[apeir99n]

Entry type

• New addition

App info

URL: https://app.gearbox.fi/

Manifest.json URL: https://app.gearbox.fi/manifest.json

Name: Gearbox

Description: Lending reimagined ✨ Building a permissionless credit layer for everyone to enjoy. Access 10x credit across DeFi or earn passive yields

Icon (PNG, 180x180):

It's minified via https://tinypng.com: yes

Homepage:
Twitter: https://x.com/GearboxProtocol
GitHub: https://github.com/Gearbox-protocol
Discord: https://discord.com/invite/gearbox

App supports batching multiple transactions via Safe: yes

Supported networks

- Mainnet
- Optimism
- Arbitrum

Revision checks

• Used smart contracts were audited.
• You have implemented the app using the Safe Apps SDK
• Your Safe App includes a manifest.json file at the root with the required data
• The app can be loaded as a custom Safe App in the Apps section of https://app.safe.global.
• The app auto-connects to the Safe as a wallet
• It doesn't try to connect to the browser wallet (e.g. MetaMask)
• You are able to trigger and execute one transaction with a Safe.
• RPC requests are optimized (not triggering many requests in a very short time period).

Audit document

https://github.com/Gearbox-protocol/security/tree/main/audits

Code for review

https://github.com/Gearbox-protocol/core-v3
https://github.com/Gearbox-protocol/periphery-v3
https://github.com/Gearbox-protocol/integrations-v3

Team information

Company:
Gearbox DAO

Official website:
https://gearbox.fi/

Point of contact:
apeir99n

Email/Telegram:
[email protected] / apeir99n

[kirkkonen]

The submission was checked and approved by the product team.

[PooyaRaki]

@apeir99n Could you please share the link to your frontend repository? We need to review the contracts and the application before handing it over to the QA team.
Note: If the repository is private, kindly grant me access so I can review the code.

[PooyaRaki]

@apeir99n I’m closing this issue for now due to inactivity. Please feel free to reopen it with any updates.

[apeir99n]

sent you invite to repo.

Don't see re-open button @PooyaRaki @kirkkonen - could you help with it pls

[PooyaRaki]

Hi @apeir99n ,
I have reviewed your contracts and the app and identified the following issue:

1. In this document, issue number 5.2 is only acknowledged. I see it more as a security improvement, but I would like to understand your plan for addressing it. Could you share your approach to resolving this issue?

The frontend repo:

1. There are no unit tests, and you’ve used some potentially risky commands like ts-ignore. Do you have any plans to add unit tests?

Thanks

[apeir99n]

re frontend issue:
I saw only 1 usage of ts-ignore in this repo and it is used to implement custom component in MUI (like it is mentioned here).
All key logic / calculations / integration math are in sdk https://github.com/Gearbox-protocol/sdk and it is tested there (check this as an example). We also plan to cover this repo with integration tests, but will be able to do it only after migrating to a new sdk version (which are currently in progress).

re YT & duration issue:
We attempt to follow the interface of the original contracts in our adapters - that’s why the deadline is present in UniswapV2/V3 adapters, but not in others.
Gearbox generally does not use deadlines, but we have slippage protection that the user can set for a sequence of swaps.

@PooyaRaki please let me know if you have any more quesitons

[PooyaRaki]

@apeir99n Thanks for you answer. I'm happy to send it to Q.A for review.

[francovenica]

The app worked fine.
I didn't fine compatibility issues with the safe, with the networks is currently working on or the response to tx being signed/executed.

The app is good to be listed

[PooyaRaki]

@apeir99n The app has been listed. Thanks for your submission.

[apeir99n]

Thank you!