Switch branches/tags
Nothing to show
Find file History
Pull request Compare This branch is 43 commits ahead of Blue-Frontiers:master.
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
..
Failed to load latest commit information.
code-review Tidy May 22, 2018
test
README.md

README.md

Blue Frontiers Varyon Contract Audit

Summary

Blue Frontiers intends to run a crowdsale in May or June 2018.

Bok Consulting Pty Ltd was commissioned to perform an private audit on the Ethereum smart contracts for Blue Frontiers's crowdsale.

This audit has been conducted on Blue Frontiers's source code in commits 2edcced, 66ef18e, d2e0b13, 2c03503 and eaa0ed1.

No potential vulnerabilities have been identified in the crowdsale/token contract.





Recommendations

  • MEDIUM IMPORTANCE Solc 0.4.23+commit.124ca40d.Darwin.appleclang has an internal error when compiling the smart contract code. This error disappears when the line require( TOKEN_PRESALE_CAP.mul(BONUS) / 100 == MAX_BONUS_TOKENS ); is commented out. Note that the same code works in Remix with Solidity 0.4.23. My suggestion is to define uint public constant MAX_BONUS_TOKENS = TOKEN_PRESALE_CAP * BONUS / 100; and skip the require(...) check. Add a comment next to the constant if you want the calculated number
  • MEDIUM IMPORTANCE buyOffline(...) can only be executed by the admin, and this calls buyOfflineWhitelist(...) which calls processTokenIssue(...). In processTokenIssue(...), the statement uint balance = balances[msg.sender].sub(balancesBonus[msg.sender]).sub(balancesMinted[msg.sender]); checks the balance of msg.sender which will be the admin account
  • MEDIUM IMPORTANCE VaryonToken.pMintTokens(...) has the statement balancesMinted[_account] = balances[_account].add(_tokens); which should be balancesMinted[_account] = balancesMinted[_account].add(_tokens);
  • LOW IMPORTANCE uint public BONUS = 15; can be made constant
  • LOW IMPORTANCE uint public constant MINIMUM_ETH_CONTRIBUTION = 1 ether / 100; // 0.01 ether can be specified as uint public constant MINIMUM_ETH_CONTRIBUTION = 0.01 ether;
  • LOW IMPORTANCE wallet.transfer(thisAddress.balance - totalEthPending); should use the sub(...) function
  • LOW IMPORTANCE Inconsistency between uint public constant MAX_LOCKING_PERIOD = 1827 days; // max 5 years and require(_term < atNow() + MAX_LOCKING_PERIOD, "the locking period cannot exceed 720 days");
  • VERY LOW IMPORTANCE // event Returned(address indexed _account, uint _tokens); can be removed
  • VERY LOW IMPORTANCE Your sub-indentation of the /* Keep track of tokens */ and /* Keep track of ether received */ blocks are not standard formatting


Potential Vulnerabilities

No potential vulnerabilities have been identified in the crowdsale/token contract.



Scope

This audit is into the technical aspects of the crowdsale contracts. The primary aim of this audit is to ensure that funds contributed to these contracts are not easily attacked or stolen by third parties. The secondary aim of this audit is to ensure the coded algorithms work as expected. This audit does not guarantee that that the code is bugfree, but intends to highlight any areas of weaknesses.



Limitations

This audit makes no statements or warranties about the viability of the Blue Frontier's business proposition, the individuals involved in this business or the regulatory regime for the business model.



Due Diligence

As always, potential participants in any crowdsale are encouraged to perform their due diligence on the business proposition before funding any crowdsales.

Potential participants are also encouraged to only send their funds to the official crowdsale Ethereum address, published on the crowdsale beneficiary's official communication channel.

Scammers have been publishing phishing address in the forums, twitter and other communication channels, and some go as far as duplicating crowdsale websites. Potential participants should NOT just click on any links received through these messages. Scammers have also hacked the crowdsale website to replace the crowdsale contract address with their scam address.

Potential participants should also confirm that the verified source code on EtherScan.io for the published crowdsale address matches the audited source code, and that the deployment parameters are correctly set, including the constant parameters.



Risks

Ethers (ETH) contributed to the crowdsale/token contract remain in the contract until the minimum threshold is reached, after which the ETH is transferred into the crowdsale wallet. This is to enable contributors to execute their refunds if the minimum threshold is not reached. During this period when ETH is accummulating in the crowdsale/token contract, the ETH will be a target for hacking.

The exit points for ETH from the crowdsale/token contract, in the reverse hierarchy of functions calls follow, along with a statement on the restrictions intended to prevent the unauthorised withdrawal of the ETH:

  • function buyTokensPending() private only sends funds for the return of excess ETH sent by contributors
    • function buyTokens() private
      • function () public payable
  • function buyTokensWhitelist() private only sends funds for the return of excess ETH sent by contributors
    • function buyTokens() private
      • function () public payable
  • function processWhitelisting(address _account) internal can only be executed by admins, and only sends funds for the return of excess ETH sent by contributors
    • function pWhitelist(address _account, uint _limit, uint _threshold, uint _term) private
      • function addToWhitelist(address _account) public onlyAdmin
      • function addToWhitelistParams(address _account, uint _limit, uint _threshold, uint _term) public onlyAdmin
      • function addToWhitelistMultiple(address[] _accounts) public onlyAdmin
      • function addToWhitelistParamsMultiple(address[] _accounts, uint[] _limits, uint[] _thresholds, uint[] _terms) public onlyAdmin
  • function sendEtherToWallet() private only sends funds to the crowdsale wallet
    • function buyTokensWhitelist() private
      • function buyTokens() private
        • function () public payable
    • function processWhitelisting(address _account) internal
      • function pWhitelist(address _account, uint _limit, uint _threshold, uint _term) private
        • function addToWhitelist(address _account) public onlyAdmin
        • function addToWhitelistParams(address _account, uint _limit, uint _threshold, uint _term) public onlyAdmin
        • function addToWhitelistMultiple(address[] _accounts) public onlyAdmin
        • function addToWhitelistParamsMultiple(address[] _accounts, uint[] _limits, uint[] _thresholds, uint[] _terms) public onlyAdmin
  • function pRevertPending(address _account) private can only return funds with a value recorded in ethPending[_account]
    • function processBlacklisting(address _account) internal
      • function pBlacklist(address _account) private called by
        • function addToBlacklist(address _account) public onlyAdmin
        • function addToBlacklistMultiple(address[] _accounts) public onlyAdmin
    • function cancelPending(address _account) public onlyAdmin
    • function cancelPendingMultiple(address[] _accounts) public onlyAdmin
    • function reclaimPending() public
  • function pReclaimEth(address _account) private can only returns funds with a value recorded in ethPending[_account].add(ethContributed[_account])
    • function reclaimEth() public
    • function reclaimEthAdmin(address _account) public onlyAdmin
    • function reclaimEthAdminMultiple(address[] _accounts) public onlyAdmin

The mathematical expressions within this crowdsale/token contract use the SafeMath function add(...), sub(...) and mul(...). Division by zero errors are automatically thrown by the Ethereum Virtual Machine.



Testing

Details of the testing environment can be found in test.

MintTokens And MintTokensLocked

The following functions were tested using the script test/01_testMinted.sh with the summary results saved in test/test1results.txt and the detailed output saved in test/test1output.txt:

  • Deploy crowdsale/token contract
  • Whitelist accounts
  • Contribute just below minimum threshold - crowdsale.thresholdReached=false
  • Contribute just above minimum threshold - crowdsale.thresholdReached=true
  • mintTokens(...)
  • mintTokensMultiple(...)
  • mintTokensLocked(...)
  • mintTokensLockedMultiple(...)
  • transfer(...), approve(...) and transferFrom(...)
  • transfer(...) tokens after unlock dates

OfflineWhitelisted And OfflinePending

The following functions were tested using the script test/02_testOffline.sh with the summary results saved in test/test2results.txt and the detailed output saved in test/test2output.txt:

  • Deploy crowdsale/token contract
  • Whitelist accounts
  • Buy offline for whitelisted account
  • Buy offline for non-whitelisted account
  • Whitelist an offline account
  • Blacklist an offline account

Whitelisted And Blacklisted

The following functions were tested using the script test/03_test3.sh with the summary results saved in test/test3results.txt and the detailed output saved in test/test3output.txt:

  • Deploy crowdsale/token contract
  • Whitelist, whitelist with parameters and blacklist accounts
  • Send contributions
  • Whitelist contributing account that has yet to be whitelisted

Reclaim ETH For Failed Crowdsale

The following functions were tested using the script test/04_testReclaimEth.sh with the summary results saved in test/test4results.txt and the detailed output saved in test/test4output.txt:

  • Deploy crowdsale/token contract
  • Whitelist, whitelist with parameters and blacklist accounts
  • Send contributions below the threshold limit
  • Whitelist contributing account that has yet to be whitelisted
  • Reclaim ETH

Revert Pending ETH For Successful Crowdsale

The following functions were tested using the script test/05_testRevertEth.sh with the summary results saved in test/test5results.txt and the detailed output saved in test/test5output.txt:

  • Deploy crowdsale/token contract
  • Whitelist, whitelist with parameters and blacklist accounts
  • Send contributions above the threshold limit
  • Whitelist contributing account that has yet to be whitelisted
  • Revert Pending ETH


Code Review

  • code-review/VaryonToken.md
    • library SafeMath
    • contract Utils
    • contract Owned
    • contract Wallet is Owned
    • contract ERC20Interface
    • contract ERC20Token is ERC20Interface, Owned
      • using SafeMath for uint;
    • contract LockSlots is ERC20Token, Utils
      • using SafeMath for uint;
    • contract WBList is Owned, Utils
      • using SafeMath for uint;
    • contract VaryonIcoDates is Owned, Utils
    • contract VaryonToken is ERC20Token, Wallet, LockSlots, WBList, VaryonIcoDates


(c) BokkyPooBah / Bok Consulting Pty Ltd for Blue Frontier - May 22 2018. The MIT Licence.