Adaora Anders
4 min readFeb 13, 2022


How Safe Is The rDEX?

Recently, Staking Finance (StaFi) submitted a proposal for the creation of the rDEX. This got the needed vote count, resulting in the kick-off of the development process. The rToken decentralized exchange (rDEX) is currently live on the testnet as last-minute alterations are made. The question on the mind of most users is: how safe is the rDEX?

The Need for rDEX

In the past, StaFi relied on decentralized exchanges across liberated POS chains for the trading of rTokens. While this provided temporary succor to rToken holders — they had access to liquidity whenever they needed it — the approach wasn’t perfect.

You can’t trade different rTokens on any one of the supported DEXs. This created problems for those holding several of these synthetic staking derivatives. rToken holders are made to struggle with paying fees across the different DEX and the inconvenience of switching between chains. There’s also the inability to trade rTokens for FIS, the native token of the StaFi chain. Liquidity provision for rToken trading turned out to be a nightmare as well, putting the entire purpose of the protocol in jeopardy.

The highlighted challenges necessitated the creation of the rDEX. And StaFi is making that happen right away.

Safety Status Of The rDEX

Development of the rToken decentralized exchange is nearing completion; rDEX is currently live on testnet. Users and the general public can participate in the bug bounty opportunity to unearth possible bugs that can affect the performance of the DEX.

StaFi has always prioritized the safety of the investor’s funds, and it shows in how they have recruited Peckshield, a reputable blockchain security outfit to audit the codes of its rDEX. Unsurprisingly, certain vulnerabilities were discovered.

What Peckshield Discovered

The blockchain security outfit, Peckshield uncovered certain vulnerabilities: one high risk, one medium risk, and one low risk. There were no critical risk errors discovered, which is a good thing.

One of the bugs discovered — the high-risk flaw — can lead to the loss of funds for users of the DEX. If uncovered, it can affect both the protocol and the DEX negatively. No user looks forward to using a product that will result in loss of funds. Thankfully, the vulnerability was discovered before the mainnet launch.

With the code errors in rDEX exposed, the StaFi rDEX team has proceeded to make the necessary changes to avoid any loss of funds for the user.

The Bug Bounty

Besides the input of established outfits like Peckshield, the StaFi team has made provision for anyone in the community and beyond that’s familiar with reading codes to hunt for bugs in its rDEX. If you succeed in finding flaws in the rDEX codes, you’d get rewarded, depending on the nature of the bug uncovered. The reward (which is in FIS tokens) vary from as little as $10 to as high as $25,000.

Peckshield recommended a bug bounty campaign to reinforce the need for fresh pairs of eyes to assess the codes. Lots of users have taken advantage of this opportunity to scrutinize the rDEX codes, ensuring the decentralized exchange is ready for use once it goes live on the mainnet.

How Safe Is The rDEX?

Peckshield’s audit of the decentralized exchange’s codes suggested a few bugs were detrimental to the functioning of the DEX, which the StaFi rDEX team confirmed and have rectified. We expect the exchange to be safe for use once it’s launched. Due to the errors uncovered, the mainnet launch might not happen immediately. This should encourage more persons to go through the exchange’s DEX, increasing the number of independent auditors scanning the smart contracts.

Right now, the rDEX isn’t available for use. Peckshield’s audit has thrown spanners into the quick launch of the exchange, but it’s definitely for the good of the protocol as bugs are likely to be found out as more people get to participate in the bug bounty.

StaFi is one protocol that has remained impregnable to attacks despite the sensitive nature of the service rendered — a staking contract for multiple POS chains is bound to be the subject of interest by nefarious persons. We can expect a secure rDEX despite the findings of the Peckshield audit. The StaFi team understands the importance of security in the scheme of things, and they are not downplaying it — the hiring of Peckshield for the audit is sufficient proof.


The rDEX should be one of the safest decentralized exchanges to use if StaFi’s reputation is anything to go by. Everyone is familiar with the protocol’s achievement in the liquid staking solution space, and this is despite the wild nature of the DeFi ecosystem. The audit report by Peckshield on the rDEX is only a small hiccup that has apparently been taken care of.

In a nutshell, funds are SAFU on the rDEX. Users can anticipate a secure trading environment that’s easy to use.

You can learn more about StaFi Protocol by visiting the websites below:



Telegram Chat:

Telegram Announcements: