BU-ERC20 Contract Audit

Ankit Raj
Nov 3, 2020

Introduction

This audit report highlights the overall security of the BU-ERC20 (BUMO) smart contract. With this report, I have tried to ensure the reliability of the smart contract by completing an assessment of the system's architecture and smart contract codebase.

Auditing approach and Methodologies applied

In this audit, I consider the following crucial features of the code:

  • Whether the implementation conforms to ERC 20 standards.
  • Whether the code is secure.
  • Whether the code meets the best coding practices.
  • Whether the code is free of issues listed in the SWC Registry.

The audit has been performed according to the following procedure:

• Manual audit

  1. Inspecting the code line by line, reversing the initial algorithms of the protocol, and then comparing them with the specification.
  2. Manually analyzing the code for security vulnerabilities.
  3. Assessing the overall project structure, complexity & quality.
  4. Checking SWC Registry issues in the code.
  5. Unit testing by writing custom unit tests for each function.
  6. Checking whether all the libraries used in the code are of the latest version.
  7. Analysis of security on-chain data.
  8. Analysis of the failure preparations to check how the smart contract performs in case of bugs and vulnerabilities.

• Automated analysis

  1. Scanning the project's code base with Mythril, Slither, Echidna, Manticore, and SmartCheck.
  2. Manually verifying (reject or confirm) all the issues found by tools.
  3. Performing unit testing.
  4. Manual security testing (SWC Registry, overflow).
  5. Running the tests and checking their coverage.

Report: All the gathered information is described in this report.

Audit details

Project Name: BUMO

Token symbol: BU (BUMO)

Language: Solidity

Platform and tools: Remix, VS Code, Securify, and other tools mentioned in the automated analysis section.

Ankit Raj

Blockchain Engineer | Distributed system | Ex- Red Hat | Ethereum foundation grantee