Orakuru Token & Oracle - Smart Contract Audit Report

Summary

Orakuru Audit Report Orakuru has built an off-chain oracle platform to deliver real-world data on-chain.

For this audit, we analyzed the following contracts from the project team's V2 GitHub at commit 489953ef263110283cdadede68c9e845e7517e1d:

  • Orakuru.sol
  • CakePriceOracle.sol
  • OrakuruAggregator.sol
  • Notes of the Orakuru Token Contract:
  • All tokens will be minted upon deployment. No mint functions are present so the total supply cannot increase after deployment.
  • Tokens are allocated are discussed in detail below
  • No ownership-related functions exist.
  • Some functions could be declared external instead of public to save a minimal amount of gas.
  • The token contract complies with the BEP20 standard.
  • Utilization of SafeMath to prevent overflows.

  • Notes of the Oracle Contracts:
  • This contract is used for the reporting of off-chain data by trusted providers.
  • The contract will store sent data on-chain and make it callable by any user.
  • Currently, there is no on-chain way to request data. The team intends to further develop the contracts to implement a payment method for requesting data on-chain.
  • The contract allows for a number of data providers (referred to as "Birds") to provide data upon a request where a payment in $BIRD is included.
  • The team can update which data providers are currently trusted and permitted to provide data.
  • The CakePriceOracle contract is an example of consumer which will pull data from an Agreggator contract.
  • _priceFeed can be defined globally in the CakePriceOracle contract to save gas on each call of consult()
  • Some functions can be declared external instead of public to save on gas.
  • Utilization of SafeMath to prevent overflows.


  • Audit Findings:
    • No security vulnerabilities from external actors were identified.
    • As with any presale, ensure trust in the team prior to investing.
    • Date: April 8th, 2021

    Token Allocations

    The following amounts are minted and unlocked upon deployment: 262_500 - Allocated for the seed sale
    375_000 - Allocated for the first private sale
    382_500 - Allocated for the second private sale
    571_429 - Allocation for the public sale
    25_500 - Allocated for airdrops
    13_313_333 Allocated for future locked rounds
    11_000_000 Allocated for liquidity mining and oracle incentives
    571_000 - Minted to the team upon deployment

    In addition, a series of tokens will be minted to contracts which will vest tokens to parties over time as follows:
    5,190,000 - Marketing, vested over 9 months with 700,650 available after listing
    5,000,000 - Team allocation, vested over 18 months after a 6 month delay
    5,000,000 - Partners, vested over 18 months after a 2 month delay
    1,974,500 - Advisors, vested over 14 months after a 2 month delay

    External Threat Results

    Vulnerability CategoryNotesResult
    Arbitrary Storage WriteN/APASS
    Arbitrary JumpN/APASS
    Delegate Call to Untrusted ContractN/APASS
    Dependence on Predictable VariablesN/APASS
    Deprecated OpcodesN/APASS
    Economic IssuesN/APASS
    Ether ThiefN/APASS
    ExceptionsN/APASS
    External CallsN/APASS
    Integer Over/UnderflowN/APASS
    Multiple SendsN/APASS
    SuicideN/APASS
    State Change External CallsN/APass
    Unchecked RetvalN/APASS
    User Supplied AssertionN/APASS
    Critical Solidity CompilerN/APASS
    Overall Contract Safety PASS

    Function Graph

    ERC20 Token Graph

    Inheritence Chart

    Multi-file Token

    Functions Overview

    
     ($) = payable function
     # = non-constant function
     
     Int = Internal
     Ext = External
     Pub = Public
     
     +  Context 
        - [Int] _msgSender
        - [Int] _msgData
    
     +  Ownable (Context)
        - [Int]  #
        - [Pub] owner
        - [Pub] renounceOwnership #
           - modifiers: onlyOwner
        - [Pub] transferOwnership #
           - modifiers: onlyOwner
    
     + [Int] IBEP20 
        - [Ext] totalSupply
        - [Ext] decimals
        - [Ext] symbol
        - [Ext] name
        - [Ext] getOwner
        - [Ext] balanceOf
        - [Ext] transfer #
        - [Ext] allowance
        - [Ext] approve #
        - [Ext] transferFrom #
    
     + [Lib] SafeMath 
        - [Int] tryAdd
        - [Int] trySub
        - [Int] tryMul
        - [Int] tryDiv
        - [Int] tryMod
        - [Int] add
        - [Int] sub
        - [Int] mul
        - [Int] div
        - [Int] mod
        - [Int] sub
        - [Int] div
        - [Int] mod
    
     +  BEP20 (Context, IBEP20, Ownable)
        - [Pub]  #
        - [Ext] getOwner
        - [Pub] name
        - [Pub] symbol
        - [Pub] decimals
        - [Pub] totalSupply
        - [Pub] balanceOf
        - [Pub] transfer #
        - [Pub] allowance
        - [Pub] approve #
        - [Pub] transferFrom #
        - [Pub] increaseAllowance #
        - [Pub] decreaseAllowance #
        - [Int] _transfer #
        - [Int] _mint #
        - [Int] _burn #
        - [Int] _approve #
        - [Int] _burnFrom #
    
     + [Lib] Address 
        - [Int] isContract
        - [Int] sendValue #
        - [Int] functionCall #
        - [Int] functionCall #
        - [Int] functionCallWithValue #
        - [Int] functionCallWithValue #
        - [Int] functionStaticCall
        - [Int] functionStaticCall
        - [Int] functionDelegateCall #
        - [Int] functionDelegateCall #
        - [Prv] _verifyCallResult
    
     + [Lib] SafeBEP20 
        - [Int] safeTransfer #
        - [Int] safeTransferFrom #
        - [Int] safeApprove #
        - [Int] safeIncreaseAllowance #
        - [Int] safeDecreaseAllowance #
        - [Prv] _callOptionalReturn #
    
     +  TokenVesting (Ownable)
        - [Pub]  #
        - [Pub] beneficiary
        - [Pub] cliff
        - [Pub] start
        - [Pub] duration
        - [Pub] released
        - [Ext] release #
        - [Prv] _releasableAmount
        - [Prv] _vestedAmount
    
     +  Orakuru (BEP20)
        - [Pub]  #
        - [Prv] _createVestingContracts #
        - [Prv] _createInitialSupply #
    							


    Function Graph

    ERC20 Token Graph

    Inheritence Chart

    Multi-file Token

    Functions Overview

    
     ($) = payable function
     # = non-constant function
     
     Int = Internal
     Ext = External
     Pub = Public
     
     +  Context 
        - [Int] _msgSender
        - [Int] _msgData
    
     +  Ownable (Context)
        - [Int]  #
        - [Pub] owner
        - [Pub] renounceOwnership #
           - modifiers: onlyOwner
        - [Pub] transferOwnership #
           - modifiers: onlyOwner
    
     + [Lib] SafeMath 
        - [Int] tryAdd
        - [Int] trySub
        - [Int] tryMul
        - [Int] tryDiv
        - [Int] tryMod
        - [Int] add
        - [Int] sub
        - [Int] mul
        - [Int] div
        - [Int] mod
        - [Int] sub
        - [Int] div
        - [Int] mod
    
     + [Int] IOrakuruAggregator 
        - [Ext] decimals
        - [Ext] latestAnswer
    
     + [Int] IBEP20 
        - [Ext] totalSupply
        - [Ext] decimals
        - [Ext] symbol
        - [Ext] name
        - [Ext] getOwner
        - [Ext] balanceOf
        - [Ext] transfer #
        - [Ext] allowance
        - [Ext] approve #
        - [Ext] transferFrom #
    
     +  OrakuruAggregator (Ownable, IOrakuruAggregator)
        - [Pub]  #
        - [Ext] submit #
           - modifiers: isOracle
        - [Ext] toggleOracle #
           - modifiers: onlyOwner
        - [Pub] latestAnswer
    							


    Function Graph

    ERC20 Token Graph

    Inheritence Chart

    Multi-file Token

    Functions Overview

    
     ($) = payable function
     # = non-constant function
     
     Int = Internal
     Ext = External
     Pub = Public
     
     + [Lib] SafeMath 
        - [Int] tryAdd
        - [Int] trySub
        - [Int] tryMul
        - [Int] tryDiv
        - [Int] tryMod
        - [Int] add
        - [Int] sub
        - [Int] mul
        - [Int] div
        - [Int] mod
        - [Int] sub
        - [Int] div
        - [Int] mod
    
     + [Int] IOracle 
        - [Ext] consult
    
     + [Int] IOrakuruAggregator 
        - [Ext] decimals
        - [Ext] latestAnswer
    
     +  CakePriceOracle (IOracle)
        - [Pub]  #
        - [Ext] consult