CryptoDrop Token - Smart Contract Audit Report
CryptoDrop is creating a new ERC-20 governance token in support of their platform.
Notes on the Contracts:
- There is a total supply of 10 billion CryptoDrop ($CDrop) tokens that are initially minted to the owner upon deployment.
- The whitelist is initially enabled upon deployment, and several features (burn, delegate, and delegateBySig) are initially disabled.
- The $CDrop token is designed to be a governance token where 1 token = 1 vote.
- Another contract will be needed to collect votes and execute transactions on behalf of the governance token holders.
- While the whitelist is enabled, only whitelisted users are able to participate in transfers; There are no fees for transferring the tokens.
- When the delegate functionality is enabled, token holders can delegate their voting rights to any address.
- When the delegateBySig functionality is enabled, users can also delegate their voting rights using an EIP-712 signature.
- When the burn functionality is enabled, the owner can burn any tokens in their own wallet at any time; the votes associated with the burnt tokens are also destroyed.
- The owner can add or remove any address on the whitelist at any time.
- The owner can disable the whitelist at any time; once it has been disabled, it cannot be enabled again.
- The owner can enable the burn, delegate, and delegateBySig functionality at any time. This functionality is initially disabled and must be enabled by the owner; once it is enabled, it cannot be disabled again.
- As the contract is developed with Solidity v0.8.4, it is protected from overflows.
Audit Findings Summary:
- No security issues from outside attackers were identified.
- Ensure trust in the team as they have some control in the ecosystem.
- Date: October 26th, 2021.
External Threat Results
|Arbitrary Storage Write||N/A||PASS|
|Delegate Call to Untrusted Contract||N/A||PASS|
|Dependence on Predictable Variables||N/A||PASS|
|State Change External Calls||N/A||PASS|
|User Supplied Assertion||N/A||PASS|
|Critical Solidity Compiler||N/A||PASS|
|Overall Contract Safety||PASS|
Details: CryptoDrop Token Contract
($) = payable function # = non-constant function Int = Internal Ext = External Pub = Public + [Int] IERC20Permit - [Ext] permit # - [Ext] nonces - [Ext] DOMAIN_SEPARATOR + [Int] IERC20 - [Ext] totalSupply - [Ext] balanceOf - [Ext] transfer # - [Ext] allowance - [Ext] approve # - [Ext] transferFrom # + [Int] IERC20Metadata (IERC20) - [Ext] name - [Ext] symbol - [Ext] decimals + Context - [Int] _msgSender - [Int] _msgData + ERC20 (Context, IERC20, IERC20Metadata) - [Pub]
# - [Pub] name - [Pub] symbol - [Pub] decimals - [Pub] totalSupply - [Pub] balanceOf - [Pub] transfer # - [Pub] allowance - [Pub] approve # - [Pub] transferFrom # - [Pub] increaseAllowance # - [Pub] decreaseAllowance # - [Int] _transfer # - [Int] _mint # - [Int] _burn # - [Int] _approve # - [Int] _beforeTokenTransfer # - [Int] _afterTokenTransfer # + [Lib] ECDSA - [Prv] _throwError - [Int] tryRecover - [Int] recover - [Int] tryRecover - [Int] recover - [Int] tryRecover - [Int] recover - [Int] toEthSignedMessageHash - [Int] toTypedDataHash + EIP712 - [Pub] # - [Int] _domainSeparatorV4 - [Prv] _buildDomainSeparator - [Int] _hashTypedDataV4 + [Lib] Counters - [Int] current - [Int] increment # - [Int] decrement # - [Int] reset # + ERC20Permit (ERC20, IERC20Permit, EIP712) - [Pub] # - modifiers: EIP712 - [Pub] permit # - [Pub] nonces - [Ext] DOMAIN_SEPARATOR - [Int] _useNonce # + [Lib] Math - [Int] max - [Int] min - [Int] average - [Int] ceilDiv + [Lib] SafeCast - [Int] toUint224 - [Int] toUint128 - [Int] toUint96 - [Int] toUint64 - [Int] toUint32 - [Int] toUint16 - [Int] toUint8 - [Int] toUint256 - [Int] toInt128 - [Int] toInt64 - [Int] toInt32 - [Int] toInt16 - [Int] toInt8 - [Int] toInt256 + ERC20Votes (ERC20Permit) - [Pub] checkpoints - [Pub] numCheckpoints - [Pub] delegates - [Pub] getVotes - [Pub] getPastVotes - [Pub] getPastTotalSupply - [Prv] _checkpointsLookup - [Pub] delegate # - [Pub] delegateBySig # - [Int] _maxSupply - [Int] _mint # - [Int] _burn # - [Int] _afterTokenTransfer # - [Int] _delegate # - [Prv] _moveVotingPower # - [Prv] _writeCheckpoint # - [Prv] _add - [Prv] _subtract + Ownable (Context) - [Pub] # - [Pub] owner - [Pub] renounceOwnership # - modifiers: onlyOwner - [Pub] transferOwnership # - modifiers: onlyOwner - [Prv] _setOwner # + CdropToken (ERC20Votes, Ownable) - [Pub] # - modifiers: ERC20,ERC20Permit - [Pub] transfer # - modifiers: whitelisted - [Pub] transferFrom # - modifiers: whitelisted - [Ext] burn # - modifiers: asFeature,onlyOwner - [Ext] setWhitelistDisabled # - modifiers: onlyOwner - [Ext] setFeaturesEnabled # - modifiers: onlyOwner - [Ext] setWhitelist # - modifiers: onlyOwner - [Ext] setWhitelists # - modifiers: onlyOwner - [Int] _setWhitelist # - [Pub] delegate # - modifiers: asFeature - [Pub] delegateBySig # - modifiers: asFeature