Putting your precious funds into a new yield farm can be very risky, but we can make it a bit safer by checking the MasterChef contract against that of previous, proven farms to check for malicious or otherwise dangerous code.
Can’t read Solidity? That’s OK: usually there is very little difference between the farms and in many cases a quick diffcheck can clear the new MasterChef as not containing obviously malicious code.
Step 1: Locate the MasterChef and copy it into DiffCheck.
Most farms list the address of their MasterChef in the docs page linked from their site.
We’ll use GarudaSwap as an example in the following steps.
Make sure it is verified on bscscan.com (don’t take it from GitHub as it may not match the deployed contract) and copy it from there.
Paste the new ‘chef into one of the columns on Diffchecker. Look at the bottom part of the ‘chef code to identify which parent code the new ‘chef is forked from.
Step 2: Find the MasterChef it has been forked from.
The endings of the commonly forked Masterchef’s can be found in our Trello.
If it is none of these you have a custom code - try bringing it to the attention of the admins in RugSteemer Telegram.
Step 3: Copy the forked MasterChef from our Trello into DiffCheck
You can find the repository of commonly forked MasterChefs in our Trello.
There’s additional info on the back of the card.
As before, grab the verified contract from BscScan.
In the empty DiffCheck column, copy and paste the parent fork MasterChef contract code.
And hit the “Find Difference” button.
Step 4: Compare the two for differences
Compare your codes. Where you see differences pay attention and figure out what those differences do.
Step 5: Where differences are found, check against our list of known malicious code
See the list “Exploits and Rug Codes” in our Trello.
Well done for reading to the end! Now you know how to (pretty quickly) evaluate a MasterChef for safety, even with little to no knowledge of the Solidity programming language.
Please stay #SAFU and #DYOR. Follow us on Twitter for regular updates of checked farms and other helpful yield-farming safety content and join us on Telegram to get more involved — if you can check farms we want to hear from you!
