Around 3 to 4 months ago, I encountered a Bitcoin price prediction platform called Prebit.io. This platform was being promoted by several Persian content creators, including Bitbod (@bitbod_int on Instagram), Bitsol, and Validity. At the time, I was occupied with other projects, so I only reviewed the project’s website and documentation. Unfortunately, I didn’t find any mention of a GitHub repository, which led me to abandon further exploration of Prebit.io.
Later, as part of a security course I was enrolled in, I decided to conduct a review of the smart contracts deployed by Prebit.io on the Binance Smart Chain. This involved deploying their contracts on a local chain using Foundry and identifying issues within this protocol. Here is the protocol review and the issues I discovered.
I should note that this article focuses exclusively on the hourly price prediction feature offered by Prebit.io, leaving the up or down price movement prediction for another discussion.
The protocol employs several key terms:
Prebit: This term refers to the betting rounds, which occur approximately every hour.
Precard: A prediction ticket that users can purchase for a specific price (currently $2).
Pot: The total amount of assets available for winnings.
Treasury Wallets: These are addresses that receive a fixed income each time a ticket is purchased.
Additionally, there are several lesser-known terms used to define various types of jackpots and winnings, including BitBank, BitBox, Rows, and others.
To provide a comprehensive overview of the protocol's functionality, it is essential to first define the roles within the protocol. There are five primary roles:
Owner: The Owner possesses exclusive access to all contract functions, leveraging the MainPrebit::onlyOwner modifier to maintain complete control over the contract's operations.
Operator: The Operator oversees the prediction rounds (MainPrebit::onlyOperator), with the authority to terminate ongoing rounds (MainPrebit::executeDrawFinalPrice) and initiate new ones (MainPrebit::startNextPrebit).
User: A User, also known as a buyer, acquires prediction tickets, commonly referred to as Precards, to engage in the prediction market.
Parent: The Parent is the individual who introduced the User to the protocol, playing a pivotal role in the referral system, which may offer incentives or benefits.
tParent: The tParent is the parent of the parent of the user, further extending the referral system's depth.
Upon reviewing the protocol, I discovered that the income generated from the purchase of Precards is distributed among various wallets, as outlined in Table 1:
It's important to note that this distribution information was not included in the documentation or promotional materials provided by the protocol.
Using a Python script and reviewing several versions of the deployed contracts on the Binance Smart Chain, I estimated the total earnings of the protocol. The script used for this analysis can be found in my GitHub repository for this project. Here is the link to the script: cashflow.py
The security review of the Prebit.io smart contracts, particularly the MainPrebit smart contract, has identified critical vulnerabilities that pose significant risks to the protocol and its users. These vulnerabilities include the potential for a rug pull via the migrateToNewVersion function, the reliance on manual BTC price input, and issues related to manual contract deployment and Prebit management. The findings underscore the importance of thorough security audits, the implementation of robust safeguards, and the adoption of automated systems to mitigate risks associated with smart contracts. Addressing these vulnerabilities is crucial for enhancing the security posture of Prebit.io, building trust with its users, and ensuring the long-term sustainability and success of its platform. Table 3 outlines the severity of the issues found during the review.
MainPrebit::migrateToNewVersion Function
The migrateToNewVersion function within the MainPrebit smart contract could be exploited to execute a rug pull. This function, if not properly secured or audited, allows the contract owner to withdraw funds from the contract without returning them to the users. The potential for a rug pull through this function poses a significant risk to the protocol and its users, leading to a loss of trust in the platform. This could also have legal and financial implications for the project, as well as reputational damage. The recommended mitigation strategy involves conducting a thorough audit of the function and implementing safeguards to prevent unauthorized access or manipulation.
In the GitHub repository, you can find a test script that demonstrates how a rug pull can be executed through this method. This script serves as a clear example of the vulnerability and the potential risks involved. Here is the link to the test script: MainPrebitTest.t.sol
For more detailed information on this issue, you can read the report file available in the GitHub repository. This document provides comprehensive data and analysis related to the vulnerability.
The MainPrebit::executeDrawFinalPrice function relies on manual input for the BTC price, which poses a risk of severe malfunction if the price is not entered correctly. This manual input method introduces several risks and challenges, including the potential for inaccuracies in the prediction rounds, increased potential for human error, and limitations in the protocol's ability to adapt to real-time market conditions. The recommended mitigation strategy involves implementing a price oracle, such as Chainlink Price Feeds, to ensure that the BTC price is accurately and reliably fetched from a trusted source.
The MainPrebit smart contracts are deployed manually without the use of a deployer contract. This approach may inadvertently lead to a centralized protocol, as it does not provide a standardized or automated method for deploying new contract versions or instances. The manual deployment process introduces several risks and challenges, including the potential for human error, deployment issues, and security risks. The recommended mitigation strategy involves implementing a deployer contract that automates the deployment process, ensuring consistency and reducing the risk of human error.
The process of ending the current prebit and starting the next prebit is manually managed by the operator address. This manual approach lacks automation and efficiency, potentially leading to delays or errors in the prediction rounds. The manual management of prebits can introduce several risks and challenges, including the potential for human error, delays in the prediction rounds, and limitations in the protocol's scalability and flexibility. The recommended mitigation strategy involves implementing automation protocols, such as Chainlink Automation, for managing prebits, ensuring the efficiency and reliability of the prediction rounds.
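The two mitigations recommended above for the manual BTC price input and the manual round management can be combined in one contract. The sketch below is an added example, not code from MainPrebit or from the author's repository: the contract name, storage layout, round length and staleness bound are all hypothetical, and the BTC/USD feed address is a placeholder supplied at deployment. It reads the closing price from a Chainlink-style price feed and exposes the checkUpkeep/performUpkeep pair that Chainlink Automation calls, so no operator types in a price or closes a round by hand.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Subset of Chainlink's AggregatorV3Interface used by this example.
interface AggregatorV3Interface {
    function latestRoundData() external view returns (
        uint80 roundId, int256 answer, uint256 startedAt,
        uint256 updatedAt, uint80 answeredInRound);
}

// Hypothetical round manager; names and layout are NOT taken from MainPrebit.
contract OracleRounds {
    AggregatorV3Interface public immutable btcUsdFeed;  // feed address given at deploy time
    uint256 public constant ROUND_LENGTH = 1 hours;     // hourly rounds, as in the article
    uint256 public constant MAX_PRICE_AGE = 10 minutes; // assumed staleness bound

    uint256 public roundId;
    uint256 public roundEnd;
    mapping(uint256 => uint256) public finalPrice; // roundId => BTC/USD in feed decimals

    event RoundClosed(uint256 indexed roundId, uint256 price, uint256 updatedAt);

    constructor(address feed) {
        btcUsdFeed = AggregatorV3Interface(feed);
        roundEnd = block.timestamp + ROUND_LENGTH;
    }

    // Automation-compatible check: is the current round due to close?
    function checkUpkeep(bytes calldata) external view
        returns (bool upkeepNeeded, bytes memory performData)
    {
        upkeepNeeded = block.timestamp >= roundEnd;
        performData = "";
    }

    // Callable by anyone (normally the Automation registry). Every condition is
    // re-validated on-chain, so the caller cannot influence the recorded price.
    function performUpkeep(bytes calldata) external {
        require(block.timestamp >= roundEnd, "round still open");
        (, int256 answer, , uint256 updatedAt, ) = btcUsdFeed.latestRoundData();
        require(answer > 0, "invalid price");
        require(block.timestamp - updatedAt <= MAX_PRICE_AGE, "stale price");

        finalPrice[roundId] = uint256(answer);
        emit RoundClosed(roundId, uint256(answer), updatedAt);
        roundId += 1;
        roundEnd = block.timestamp + ROUND_LENGTH;
    }
}
```

If the feed is stale or returns a non-positive answer, the call reverts and the round stays open until a valid price is available, rather than settling on a bad value.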
To address these vulnerabilities, the project should conduct a comprehensive audit of the MainPrebit::migrateToNewVersion function and ensure that it is securely implemented. Additionally, the project should implement a price oracle for the MainPrebit::executeDrawFinalPrice function to enhance the protocol's accuracy and reliability. Implementing a deployer contract for automating the deployment process and automation protocols for managing prebits will help to secure the protocol against potential exploits and ensure the integrity and reliability of the platform.
The findings underscore the importance of thorough security audits, the implementation of robust safeguards, and the adoption of automated systems to mitigate risks associated with smart contracts. By addressing these vulnerabilities, Prebit.io can enhance its security posture, build trust with its users, and ensure the long-term sustainability and success of its platform.
In the realm of decentralized finance, the potential for malicious activities, such as a rug pull, is a significant concern. While the integrity and intentions of the administrators of this particular protocol remain under scrutiny, it is crucial to approach such situations with a degree of skepticism. The possibility that these administrators might exploit the system for personal gain cannot be entirely ruled out, especially given the potential for such actions to undermine the trust and security of the platform.
The decision to engage with or invest in this protocol, therefore, should be made with a clear understanding of the risks involved. Until a comprehensive review and resolution of the identified vulnerabilities are confirmed, it is advisable to exercise caution. This includes refraining from participating in any transactions or activities that could potentially be affected by these vulnerabilities. By doing so, we can protect our assets and ensure the long-term health and sustainability of the platform.
In the spirit of transparency and responsible investment, it is essential to await further clarity and assurances from the protocol's administrators regarding the safety and security measures in place.