A time-boxed security review of the protocol name protocol was done by pashov, with a focus on the security aspects of the application's implementation.
A smart contract security review can never verify the complete absence of vulnerabilities. This is a time, resource and expertise bound effort where I try to find as many vulnerabilities as possible. I can not guarantee 100% security after the review or even if the review will find any problems with your smart contracts. Subsequent security reviews, bug bounty programs and on-chain monitoring are strongly recommended.
Krum Pashov, or pashov, is an independent smart contract security researcher. Having found numerous security vulnerabilities in various protocols, he does his best to contribute to the blockchain ecosystem and its protocols by putting time and effort into security research & reviews. Reach out on Twitter @pashovkrum
explanation what the protocol does, some architectural comments, technical documentation
Q: What in the protocol has value in the market?
A:
Q: In what case can the protocol/users lose money?
A:
Q: What are some ways that an attacker achieves his goals?
A:
Severity | Impact: High | Impact: Medium | Impact: Low |
---|---|---|---|
Likelihood: High | Critical | High | Medium |
Likelihood: Medium | High | Medium | Low |
Likelihood: Low | Medium | Low | Low |
Impact - the technical, economic and reputation damage of a successful attack
Likelihood - the chance that a particular vulnerability gets discovered and exploited
Severity - the overall criticality of the risk
review commit hash - fffffffff
The following smart contracts were in scope of the audit:
SmartContractName
SmartContractName
The following number of issues were found, categorized by their severity:
- Critical & High: x issues
- Medium: x issues
- Low: x issues
ID | Title | Severity |
---|---|---|
[C-01] | Any Critical Title Here | Critical |
[H-01] | Any High Title Here | High |
[M-01] | Any Medium Title Here | Medium |
[L-01] | Any Low Title Here | Low |
Impact:
Likelihood: