We released a brand new security service
Check it out

Smart Contract Audit

Ammbr
February 7, 2022

Table of contents

Summary
Scope of Work
Workflow of the auditing process
Structure and organization of the findings
Manual Report
Test Results

Summary

Vidma team has conducted a smart contract audit for the given codebase.

The contracts are in good condition. Based on the fixes provided by the Ammbr team and on the quality and security of the codebase provided, Vidma team can give a score of 95 to the audited smart contracts.

During the auditing process, the Vidma team has found a couple of informational issues, 7 issues with a low level of severity, 1 issue with a medium level of severity, and 3 issues with a critical level of severity.

Severity of the issue
Total found
Resolved
Unresolved
Critical
3 issues
3 issues
0 issues
High
3 issues
3 issues
0 issues
Medium
3 issues
3 issues
0 issues
Low
3 issues
3 issues
0 issues
Informational
3 issues
3 issues
0 issues
Low
3 issues
3 issues
0 issues

The contracts are in good condition. Based on the fixes provided by the Ammbr team and on the quality and security of the codebase provided, Vidma team can give a score of 95 to the audited smart contracts.

Based on the given findings, risk level, performance, and code style, Vidma team can grant the following overall score:

Please mind that this audit does not certify the definite reliability and security level of the contract. This document describes all vulnerabilities, typos, performance issues, and security issues found by Vidma auditing team. If the code is under development, we recommend run one more audit once the code is finalized.

Summary

Vidma team has conducted a smart contract audit for the given codebase. The contracts are in good condition. Based on the fixes provided by the Ammbr team and on the quality and security of the codebase provided, Vidma team can give a score of 95 to the audited smart contracts.

During the auditing process, the Vidma team has found a couple of informational issues, 7 issues with a low level of severity, 1 issue with a medium level of severity, and 3 issues with a critical level of severity.

Severity of the issue Issue severity Total found Resolved Unresolved
Critical 3 issues 3 issues 0 issues
High 0 issues 0 issues 0 issues
Medium 1 issue 1 issue 0 issues
Low 7 issues 7 issues 0 issues
Informational 5 issues 5 issues 0 issues
Total 16 issues 16 issues 0 issues


Evaluating the findings, we can assure that the contract is safe to use and all the issues found are performed only by certain conditions and cases. Under the given circumstances we can set the following risk level:

High Confidence


Vidma auditors are evaluating the initial commit given for the scope of the audit and the last commit with the fixes. Hence, it helps to adequately evaluate the development quality.

Applicature auditing team has conducted a bunch of integrated autotests to ensure that the given codebase has decent performance and security levels. The test results and the coverage can be found in the accompanying section of this audit report. 

Issue severity

Based on the given findings, risk level, performance, and code style, Vidma team can grant the following overall score:

95.00

Vidma auditing team has conducted a bunch of integrated autotests to ensure that the given codebase has decent performance and security levels. The test results and the coverage can be found in the accompanying section of this audit report.

Please mind that this audit does not certify the definite reliability and security level of the contract. This document describes all vulnerabilities, typos, performance issues, and security issues found by Vidma auditing team. If the code is under development, we recommend run one more audit once the code is finalized.

Scope of work

Ammbr applies systems thinking to dynamically map out the influencing factors for each project. They establish relationships with partners who create added value and bring together the public and private sectors.

Within the scope of this audit, two independent auditors deeply investigated the given codebase and analyzed the overall security and performance of smart contracts.

The debrief took place from Jan 10th to 26th, 2022 and the final results are present in this document.

Applicature auditing team has made a review of the following contracts:

  • Migrations.sol
  • QC.sol

The source code was taken from the following source - https://github.com/AmmbrFi/qc-contract/commit/4a3a40c6cd8a8756d4d214f30d85c1c6edb1a3cd

Initial commit submitted for the audit - https://github.com/AmmbrFi/qc-contract/commit/4a3a40c6cd8a8756d4d214f30d85c1c6edb1a3cd

Last commit - https://github.com/AmmbrFi/qc-contract/commit/03a39cfb80030ef5c9952d4ef54f228aaf86ecab


In order to conduct a more detailed audit, Ammbr has provided the following documentation: https://github.com/AmmbrFi/qc-contract/blob/master/docs.md

Workflow of the auditing process

During the manual phase of the audit, Vidma team manually looks through the code in order to find any security issues, typos, or discrepancies with the logic of the contract.

Within the testing part, Vidma auditors run integration tests using the Truffle testing framework. The test coverage and the tests themselves are inserted into this audit report.

Vidma team uses the most sophisticated and contemporary methods and techniques to ensure the contract does not have any vulnerabilities or security risks:

Re-entrancy;
Access Management Hierarchy;
Arithmetic Over/Under Flows;
Unexpected Ether;
Delegatecall;
Default Public Visibility;
Hidden Malicious Code;
Entropy Illusion (Lack of Randomness);
External Contract Referencing;
Short Address/Parameter Attack;
Unchecked CALL Return Values;
Race Conditions / Front Running;
General Denial Of Service (DOS);
Uninitialized Storage Pointers;
Floating Points and Precision;
Tx.Origin Authentication;
Re-entrancy;
Signatures Replay;
Pool Asset Security (backdoors in the underlying ERC-20).

Structure and organization of the findings

For the convenience of reviewing the findings in this report, Applicature auditors classified them in accordance with the severity of the issues. (from most critical to least critical). The acceptance criteria are described below. 

All issues are marked as “Resolved” or “Unresolved”, depending on whether they have been fixed by Ammbr or not. The latest commit, indicated in this audit report should include all the fixes made. 

To ease the explanation, the Applicature team has provided a detailed description of the issues and recommendations on how to fix them.  

Hence, according to the statements above, we classified all the findings in the following way:

Finding
Description
Critical
The issue bear a definite risk to the contract, so it may affect the ability to compile or operate.
High
Major security or operational risk found, that may harm the end-user or the overall performance of the contract.
Medium
The issue affects the contract to operate in a way that doesn’t significantly hinder its performance.
Low
Major security or operational risk found, that may harm the end-user or the overall performance of the contract.
Informational
The issue bear a definite risk to the contract, so it may affect the ability to compile or operate.

Manual Report

Resolved, Critical: Incorrect logic in mint() and burn() functions

Critical | Resolved

In mint() and burn() functions _totalSupply is changing but the value of _gonsPerFragment is not changing. It affects incorrect _gonBalances[user] calculation. 

It triggers the following critical issues:

  • When the user already has a significant amount of tokens on the balance, it is impossible to mint a certain amount to him. It happens because the new value of the user's balance exceeds the allocated limit for uint256 type variables.
  • If mint or burn is called properly all balance calculations in all functions related to transfer are incorrect or even fail when the amount is too big because _gonsPerFragment is not valid according to the _totalSuply

Steps to reproduce:

User balance: 1000000000000000000000000 tokens.
Scaled balance: 115792089237316195423570985008687907853269984665640564000000000000000000000000

Minter try to mint 1 token for the user

Expected result:

  • User balance 1000001000000000000000000 tokens
  • Scaled balance:
    115792089237316195423570985008687907853269984665640563725448000000000000000000

The real result:- transaction failed because gonValue + gonBalances[to] in result this value is too large and can’t be stored in the variable due to lack of dimensionality, which leads to transaction failure.

Recommendation:

Change the value of _gonsPerFragment variable to appropriate one every time you change the _totalSuply in burn() and mint() functions. As a suggestion possible solution to implement mint() function:

function mint(address to, uint256 amount) public onlyRole(MINTER_ROLE) { require(to != address(0), "ERC20: mint to the zero address"); uint256 balance = _gonBalances[to] / _gonsPerFragment; uint256 newBalance = balance + amount; _totalSupply += amount; _gonsPerFragment = TOTAL_GONS /_totalSupply; _gonBalances[to] = newBalance * _gonsPerFragment; } <xmp/> <style> xmp { white-space: pre-wrap; padding: 12px 24px; background: #161616; color: white; font-size: 16px; line-height: 24px; } <style/></div><h4><strong>Re-audit: </strong></h4><p><strong>‍</strong>Above solution was implemented and fixed the problem with overflow, but it triggers another problem which caused the incorrect rebase mechanizm. It is related to both <em>mint()</em> and <em>burn() </em>functions.<br/>‍</p><p>For example:</p><ul role="list"><li>user1 has 1m tokens in fragments on his balance, <em>totalSupply</em> - 1m tokens</li><li>then mint 1m tokens for user2: user2 has 1m tokens on his balance, user1 has 2m tokens on his balance, totalSupply - 2m tokens. But expected result is user1 - 1m, user2 - 1m, totalSupply - 2m</li></ul><h4>Re-audit 2:</h4><p>removed mint and burn functionality.</p><p>‍</p><h2>Resolved, Critical: Incorrect tax fee calculation in all functions related to token transfers</h2><figure class="w-richtext-align-normal w-richtext-figure-type-image"><div><img src="https://assets-global.website-files.com/620d57488c97b242b6f1855d/62482111e0414f9534408481_pink%20indicator.svg" loading="lazy" alt=""/></div></figure><p>Critical / <strong><em>Resolved</em></strong></p><p>‍</p><p>‍</p></div></div></div><div id="test-results" class="test-results-section"><div class="container-narrow"><div class="div-block-65"><h2 id="summary" class="audit-headings">Test Results</h2><div class="rich-text-block w-richtext"><p>To verify the contract security and performance a bunch of integration tests was made using the Truffle testing framework.</p><p>‍</p><figure style="max-width:730pxpx" class="w-richtext-align-fullwidth w-richtext-figure-type-image"><div><img src="https://assets-global.website-files.com/620d57488c97b242b6f1855d/6230412d76e5eb5971c6682d_Group%2017069.svg" loading="lazy" alt=""/></div></figure><h1>Tests are written by Ammbr</h1><h2>Test Coverage</h2><p>‍</p><div class="w-embed"><style> table { border-collapse: collapse; position: relative; z-index: 100; } table, th, td { border: none; color: #090B0D; } th { background-color: #F6A605; } td{ color: #FFFFFF; } .black-row { background-color: #090B0D; } .grey-row { background-color: #161616; } .tabble-heading-left-four { display: flex; justify-content: center; width: 25%; justify-content: flex-start; } .data-cell-width-four { display: flex; flex-direction: row; width: 25%; justify-content: center; } .flex-row { display: flex; width: 100%; justify-content: space-between; } th, td { padding: 20px 20px; } } .table-wrapper { position: relative; } .heading-not-scroll { position: absolute; width: 25%; z-index: 200; color: #FFFFFF; } .data-left-side { padding: 20px 20px; } .orange-row { background: #F6A605; } .tabble-main { overflow-x: auto; } table { width: 728px; } .orange-row .tabble-heading-left-four { color: #090B0D; } </style> <div class="table-wrapper"> <div class="heading-not-scroll"> <div class="orange-row"> <div class="tabble-heading-left-four data-left-side"> 1 </div> </div> <div class="black-row"> <div class="tabble-heading-left-four data-left-side"> 2 </div> </div> <div class="grey-row"> <div class="tabble-heading-left-four data-left-side"> 3 </div> </div> <div class="black-row"> <div class="tabble-heading-left-four data-left-side"> 4 </div> </div> </div> <div class="tabble-main"> <table> <tr class="flex-row"> <th class="tabble-heading-left-four">File</th> <th class="data-cell-width-four">% Stmts</th> <th class="data-cell-width-four">% Branch</th> <th class="data-cell-width-four">% Funcs</th> <th class="data-cell-width-four">% Lines</th> </tr> <tr class="black-row flex-row"> <td class="tabble-heading-left-four">Critical</td> <td class="data-cell-width-four">3 issues</td> <td class="data-cell-width-four">3 issues</td> <td class="data-cell-width-four">3 issues</td> <td class="data-cell-width-four">3 issues</td> </tr> <tr class="grey-row flex-row" > <td class="tabble-heading-left-four">High</td> <td class="data-cell-width-four">3 issues</td> <td class="data-cell-width-four">3 issues</td> <td class="data-cell-width-four">3 issues</td> <td class="data-cell-width-four">3 issues</td> </tr> <tr class="black-row flex-row"> <td class="tabble-heading-left-four">sssss</td> <td class="data-cell-width-four">3 issues</td> <td class="data-cell-width-four">3 issues</td> <td class="data-cell-width-four">3 issues</td> <td class="data-cell-width-four">3 issues</td> </tr> </table> </div> </div></div><h4>Test Results</h4><div class="w-embed"><style> .code-board ul .results-passed::before { content: "✓"; color: #66CB70; font-weight: 600; margin-right: 10px; font-size: 18px; } .code-board ul .not-passed::before { content: "✘"; color: red; font-weight: 500; margin-right: 10px; font-size: 18px; } .code-board { background-color: #161616; padding: 24px; color: #FFFFFF!important; font-size: 16px!important!; word-break: break-all; font-family: 'Roboto Mono'; } .name-style { color: #FFFFFF; } .heading-board { color: #F6A605; font-family: 'Roboto Mono'; font-style: normal; font-weight: 700; font-size: 16px; line-height: 24px; } .code-board ul { list-style-type: none!important; } .time-res { color: #616161; } .code-board .grey-text-board { color: #616161; font-family: 'Roboto Mono'; font-style: normal; font-weight: 400; font-size: 16px; line-height: 24px; } grey-text-board::before { content: ""; } </style> <div class="code-board"> <h1 class="heading-board" > Contract: <span class="name-style">Name</span> </h1> <ul> <li class="grey-text-board">transfer from when the token owner has enough balance </li> <li><ul><li class="grey-text-board">transfer from when the token owner has enough balance</ul></li> </ul> <ul> <li class="results-passed"> Lorem <span class="time-res">(6ms)</span> </li> <li class="results-passed"> Lorem <span class="time-res">(6ms)</span> </li> <li class="results-passed"> Lorem <span class="time-res">(6ms)</span> </li> <li class="results-passed"> Lorem <span class="time-res">(6ms)</span> </li> <li class="not-passed"> Lorem <span class="time-res">(6ms)</span> </li> </ul> <div> <span class="time-res">48 passed <span class="time-res">(6ms)</span></span> </div> </div></div></div></div></div><div class="container-narrow tabble-container"><div class="w-richtext"><div class="w-embed"><style> table { border-collapse: collapse; position: relative; z-index: 100; } table, th, td { border: none; color: #090B0D; } th { background-color: #F6A605; } td{ color: #FFFFFF; } .black-row { background-color: #090B0D; } .grey-row { background-color: #161616; } .tabble-heading-left-four { display: flex; justify-content: center; width: 25%; justify-content: flex-start; } .data-cell-width-four { display: flex; flex-direction: row; width: 25%; justify-content: center; } .flex-row { display: flex; width: 100%; justify-content: space-between; } th, td { padding: 20px 20px; } } .table-wrapper { position: relative; } .heading-not-scroll { position: absolute; width: 25%; z-index: 200; color: #FFFFFF; } .data-left-side { padding: 20px 20px; } .orange-row { background: #F6A605; } .tabble-main { overflow-x: auto; } table { width: 728px; } .orange-row .tabble-heading-left-four { color: #090B0D; } </style> <div class="table-wrapper"> <div class="heading-not-scroll"> <div class="orange-row"> <div class="tabble-heading-left-four data-left-side"> 1 </div> </div> <div class="black-row"> <div class="tabble-heading-left-four data-left-side"> 2 </div> </div> <div class="grey-row"> <div class="tabble-heading-left-four data-left-side"> 3 </div> </div> <div class="black-row"> <div class="tabble-heading-left-four data-left-side"> 4 </div> </div> </div> <div class="tabble-main"> <table> <tr class="flex-row"> <th class="tabble-heading-left-four">File</th> <th class="data-cell-width-four">% Stmts</th> <th class="data-cell-width-four">% Branch</th> <th class="data-cell-width-four">% Funcs</th> <th class="data-cell-width-four">% Lines</th> </tr> <tr class="black-row flex-row"> <td class="tabble-heading-left-four">Critical</td> <td class="data-cell-width-four">3 issues</td> <td class="data-cell-width-four">3 issues</td> <td class="data-cell-width-four">3 issues</td> <td class="data-cell-width-four">3 issues</td> </tr> <tr class="grey-row flex-row" > <td class="tabble-heading-left-four">High</td> <td class="data-cell-width-four">3 issues</td> <td class="data-cell-width-four">3 issues</td> <td class="data-cell-width-four">3 issues</td> <td class="data-cell-width-four">3 issues</td> </tr> <tr class="black-row flex-row"> <td class="tabble-heading-left-four">sssss</td> <td class="data-cell-width-four">3 issues</td> <td class="data-cell-width-four">3 issues</td> <td class="data-cell-width-four">3 issues</td> <td class="data-cell-width-four">3 issues</td> </tr> </table> </div> </div></div></div></div><div class="container-narrow"><div class="w-dyn-bind-empty w-richtext"></div></div><div class="container-narrow tabble-container"><div class="w-dyn-bind-empty w-richtext"></div></div><div class="container-narrow"><div class="w-dyn-bind-empty w-richtext"></div></div></div></div><div class="section-2"><div class="container-narrow"><div class="paragraph-21 w-dyn-bind-empty w-richtext"></div></div></div></div><div class="footer-section"><div class="footer-upper"><div class="container-wide"><div class="row-footer-upper"><div class="div-block"><img src="https://assets-global.website-files.com/61fe51ae9cb8537e6c14a2c8/62fba2adbab4ef213548d667_logo%20(23).svg" loading="lazy" alt="" class="logo-footer"/><p class="paragraph">Vidma is a leader in blockchain security audit with experience across multiple DeFi protocols, layer one solutions, and marketplaces. Our team of engineers and cryptography specialists provides security auditing, penetration testing, and vulnerability assessments.<br/></p></div><div class="div-block-162"><div class="div-block-163"><h3 class="heading heading-footer">Contacts</h3><div class="div-block-161"><a href="/" class="link-block-11 w-inline-block"><div>Home</div></a><a href="/about-us" class="link-block-11 w-inline-block"><div>About Us</div></a><a href="/portfolio" class="link-block-11 w-inline-block"><div>Portfolio</div></a></div></div></div><div class="div-block center"><div class="div-block-3"><h3 class="heading heading-footer">Security Services</h3><div class="div-block-161"><a href="/security" class="link-block-11 w-inline-block"><div>Smart Contract Audits</div></a><a href="/code-review" class="link-block-11 w-inline-block"><div>Ongoing Code Review</div></a><a href="/penetration-testing" class="link-block-11 w-inline-block"><div>Penetration Testing</div></a></div></div></div></div></div></div><div class="footer-bottom hide-footer"><div class="container-wide"><div class="row-footer-bottom"><div class="div-block-6"><div class="text-block-3">© 2022 All Rights Reserved Vidma</div></div><div class="div-block-6"><a href="#" class="link-block-3 w-inline-block"><div>Terms and Conditions</div></a><a href="#" class="link-block-3 no-border w-inline-block"><div>Link to NDA form</div></a></div><div class="div-block-6"><a href="#" class="social-icons w-inline-block"><img src="https://assets-global.website-files.com/61fe51ae9cb8537e6c14a2c8/62000c50e7b948b2718f6b17_medium.svg" loading="lazy" alt=""/></a><a href="#" class="social-icons w-inline-block"><img src="https://assets-global.website-files.com/61fe51ae9cb8537e6c14a2c8/62000c507cc6ea240134e2ae_youtube.svg" loading="lazy" alt=""/></a><a href="#" class="social-icons w-inline-block"><img src="https://assets-global.website-files.com/61fe51ae9cb8537e6c14a2c8/62000c507f60a83999801be6_linkedin.svg" loading="lazy" alt=""/></a><a href="#" class="social-icons w-inline-block"><img src="https://assets-global.website-files.com/61fe51ae9cb8537e6c14a2c8/62000c5087b852ed83014c2d_twitter.svg" loading="lazy" alt=""/></a><a href="#" class="social-icons w-inline-block"><img src="https://assets-global.website-files.com/61fe51ae9cb8537e6c14a2c8/62000c50ce781f56505dfee4_telegram.svg" loading="lazy" alt=""/></a></div></div></div></div><div class="footer-bottom"><div class="container-wide"><div class="row-footer-bottom"><div class="div-block-6 left-side"><a href="/policy" target="_blank" class="link-block-2 policy-footer w-inline-block"><div>Policy</div></a><a href="mailto:security@vidma.io" class="link-block-2 w-inline-block"><div class="text-block-7">Contact: security@vidma.io</div></a></div><div class="div-block-6"><div class="text-block-3">© 2024 All Rights Reserved Vidma</div></div><div class="div-block-6 right-side"><a href="https://medium.com/@vidma_security" class="social-icons w-inline-block"><img src="https://assets-global.website-files.com/61fe51ae9cb8537e6c14a2c8/62000c50e7b948b2718f6b17_medium.svg" loading="lazy" alt="" class="img-social"/></a><a href="https://www.youtube.com/channel/UCEAr5pHN8ng2_XqIQzuhhWA" target="_blank" class="social-icons w-inline-block"><img src="https://assets-global.website-files.com/61fe51ae9cb8537e6c14a2c8/62000c507cc6ea240134e2ae_youtube.svg" loading="lazy" alt="" class="img-social"/></a><a href="https://www.linkedin.com/company/vidma/" target="_blank" class="social-icons w-inline-block"><img src="https://assets-global.website-files.com/61fe51ae9cb8537e6c14a2c8/62000c507f60a83999801be6_linkedin.svg" loading="lazy" alt="" class="img-social"/></a><a href="https://twitter.com/Vidma_security" class="social-icons w-inline-block"><img src="https://assets-global.website-files.com/61fe51ae9cb8537e6c14a2c8/62000c5087b852ed83014c2d_twitter.svg" loading="lazy" alt="" class="img-social"/></a><a href="https://t.me/vidmasecurity" target="_blank" class="social-icons w-inline-block"><img src="https://assets-global.website-files.com/61fe51ae9cb8537e6c14a2c8/62000c50ce781f56505dfee4_telegram.svg" loading="lazy" alt="" class="img-social"/></a><a href="https://github.com/vidma-security" target="_blank" class="social-icons w-inline-block"><img src="https://assets-global.website-files.com/61fe51ae9cb8537e6c14a2c8/64888475f953e3c4f765adca_Variant11.svg" loading="lazy" alt="" class="img-social"/></a><div id="scroll-btn-block" class="scroll-block"><a id="scroll-top" href="#" class="scroll-up-btn w-inline-block"><img src="https://assets-global.website-files.com/61fe51ae9cb8537e6c14a2c8/62150475feac0b38c22bf2d2_chevron-up.svg" loading="lazy" alt=""/></a></div></div></div></div></div></div><div class="custom-code"><div class="summary-table w-embed"><style> table { border-collapse: collapse; } table, th, td { border: none; color: #090B0D; } th { background-color: #F6A605; } td{ color: #FFFFFF; } .black-row { background-color: #090B0D; } .grey-row { background-color: #161616; } .tabble-heading-left { display: flex; justify-content: center; justify-content: flex-start; padding-left: 24px; max-width: 165px; width: 100%; } .data-cell-width-wide { display: flex; flex-direction: row; width: 25%; justify-content: center; max-width: 142px; } .flex-row { display: flex; width: 100%; justify-content: space-between; } th, td { padding: 20px 20px; } .mobile-text-table { display: none; } .bold-bottom { font-weight: 600; } @media only screen and (max-width: 600px) { .mob-heading-table { display: block; } th, td { } .table-wrapper .align-right-data { } .tabble-heading-left { padding-left: 10px; } .desktop-text-table { display: none; color: #090B0D; } .mobile-text-table { display: block; color: #090B0D; } .summary-section .data-cell-width-wide, .tabble-heading-left, .data-cell-width-four { } .summary-section .table-wrapper .align-right-data { align-items: center; } } .table-wrapper .align-right-data { justify-content: flex-end; padding-right: 24px; } .orange-row { background-color: #F6A605; } .heading-not-scroll { position: absolute; width: 15%; z-index: 200; color: #FFFFFF; overflow: hidden; } .data-left-side { padding: 20px } .heading-not-scroll { max-width: 165px; width: 100%; } .mob-heading-table { display: block; z-index: 200; } .table-wrapper { overflow-x: auto; } .table-main { width: 728px; } .color-style { color: #090B0D; } .table-sum .table-wrapper { word-break: break-word; } </style></div><div class="pre-styles w-embed"><style> pre { white-space: pre-wrap; padding: 12px 24px; background: #161616; color: white; font-size: 16px; line-height: 24px; } </style></div><div class="test-results-part-two w-embed"><style> table { border-collapse: collapse; position: relative; z-index: 100; } table, th, td { border: none; color: #090B0D; } th { background-color: #F6A605; } td{ color: #FFFFFF; } .black-row { background-color: #090B0D; } .grey-row { background-color: #161616; } .tabble-heading-left-four { display: flex; justify-content: center; justify-content: flex-start; min-width: 15%; max-width: 178px; } .data-cell-width-four { display: flex; flex-direction: row; width: 25%; justify-content: center; max-width: 108px; } .flex-row { display: flex; width: 100%; justify-content: space-between; } th, td { padding: 20px 20px; } } .table-wrapper { position: relative; } .heading-not-scroll { position: absolute; z-index: 200; color: #FFFFFF; overflow: hidden; max-width: 178px; } .data-left-side { padding: 20px 20px; } .orange-row { background: #F6A605; } .tabble-main { overflow-x: auto; } table { width: 728px; border-bottom: 1px solid #1d1d1d; } .orange-row .tabble-heading-left-four { color: #090B0D; } .folder-left-padding { padding-left: 10px; } .bold-style-data { font-weight: 600; } .table-wrapper { border-bottom: 1px solid #1d1d1d; font-size: 16px; line-height: 20px; word-break: break-all; } .table-wrapper .data-left-side { width: 178px; } .data-cell-width-four.align-last { justify-content: flex-end; } @media only screen and (max-width: 600px) { .table-wrapper .heading-not-scroll { width: 45%; } } </style></div><div class="w-embed"><style> .code-board ul .results-passed::before { content: "✓"; color: #66CB70; font-weight: 600; margin-right: 10px; font-size: 18px; } .code-board ul .not-passed::before { content: "✘"; color: red; font-weight: 500; margin-right: 10px; font-size: 18px; } .code-board { background-color: #161616; padding: 24px; color: #FFFFFF !important; font-size: 16px !important; word-break: break-all; font-family: 'Roboto Mono'; } .name-style { color: #FFFFFF; } .test-results-section .heading-board { color: #F6A605; font-family: 'Roboto Mono'; font-style: normal; font-weight: 700; font-size: 16px; line-height: 24px; margin-top: 0; margin-bottom: 0; } .code-board ul { list-style-type: none !important; } .time-res { color: #616161; font-weight: 400; font-size: 11px; margin-left: 4px; } .code-board .grey-text-board { color: #616161; font-family: 'Roboto Mono'; font-style: normal; font-weight: 400; font-size: 16px; line-height: 24px; } grey-text-board::before { content: ""; } .passed-results { font-size: 16px; line-height: 24px; } .results-passed { font-size: 16px; line-height: 24px; } .bottom-code-section { margin-top: 16px; } </style></div><div class="table-styles w-embed"><style> table { border-collapse: collapse; position: relative; z-index: 100; } table, th, td { border: none; color: #090B0D; } th { background-color: #F6A605; } td{ color: #FFFFFF; } .black-row { background-color: #090B0D; } .grey-row { background-color: #161616; } .tabble-heading-left-four { display: flex; justify-content: center; justify-content: flex-start; min-width: 15%; max-width: 178px; } .data-cell-width-four { display: flex; flex-direction: row; width: 25%; justify-content: center; max-width: 108px; } .flex-row { display: flex; width: 100%; justify-content: space-between; } th, td { padding: 20px 20px; } } .table-wrapper { position: relative; } .heading-not-scroll { position: absolute; z-index: 200; color: #FFFFFF; overflow: hidden; max-width: 178px; } .data-left-side { padding: 20px 20px; } .orange-row { background: #F6A605; } .tabble-main { overflow-x: auto; } table { width: 728px; border-bottom: 1px solid #1d1d1d; } .orange-row .tabble-heading-left-four { color: #090B0D; } .folder-left-padding { padding-left: 10px; } .bold-style-data { font-weight: 600; } .table-wrapper { border-bottom: 1px solid #1d1d1d; font-size: 16px; line-height: 20px; word-break: break-all; } .table-wrapper .data-left-side { width: 178px; } .data-cell-width-four.align-last { justify-content: flex-end; } @media only screen and (max-width: 600px) { .table-wrapper .heading-not-scroll { width: 45%; } } </style></div><div class="test-results w-embed"><style> .code-board ul .results-passed::before { content: "✓"; color: #66CB70; font-weight: 600; margin-right: 10px; font-size: 18px; text-indent: -24px; } .code-board ul .not-passed::before { content: "✘"; color: red; font-weight: 500; margin-right: 10px; font-size: 18px; text-indent: -24px; } .code-board { background-color: #161616; padding: 24px; color: #FFFFFF !important; font-size: 16px !important; word-break: break-word; font-family: 'Roboto Mono'; } .name-style { color: #FFFFFF; } .test-results-section .heading-board { color: #F6A605; font-family: 'Roboto Mono'; font-style: normal; font-weight: 700; font-size: 16px; line-height: 24px; margin-top: 0; margin-bottom: 0; } .code-board ul { list-style-type: none !important; margin-bottom: 0; padding-left: 26px; } .time-res { color: #616161; font-weight: 400; font-size: 11px; margin-left: 4px; } .code-board .grey-text-board { color: #616161; font-family: 'Roboto Mono'; font-style: normal; font-weight: 400; font-size: 16px; line-height: 24px; } .grey-text-board::before { content: ""; } .passed-results { font-size: 16px; line-height: 24px; } .results-passed { font-size: 16px; line-height: 24px; text-indent: -24px; } .bottom-code-section { margin-top: 16px; } .bottom-tests { padding-bottom: 0; } .continue-test { padding-top: 0; } </style></div></div><div class="div-block-48"><div class="top-section-audit"><div class="container-wide"><div class="div-block-7 audit-margin-top"><div class="audit-heading-section"><img src="https://assets-global.website-files.com/plugins/Basic/assets/placeholder.60f9b1840c.svg" loading="lazy" alt="" class="audit-logo"/><h1 class="audit-heading">Smart Contract Audit</h1><div><a href="#" target="_blank" class="link-block w-inline-block"><div class="text-block text-btn-audit">Download Report</div></a></div><div class="date-name-block"><div class="div-block-49"></div><div class="div-block-50"><div><div class="audit-name">This is some text inside of a div block.</div></div>This is some text inside of a div block.<div><div class="text-block-17">This is some text inside of a div block.</div></div></div></div></div></div></div></div>This is some text inside of a div block.<div class="section"><div class="summary-section"><div class="container-narrow hide"><h1 class="audit-headings">Summary</h1><p class="paragraph-21">Vidma team has conducted a smart contract audit for the given codebase.</p><p class="paragraph-21">The contracts are in good condition. Based on the fixes provided by the Ammbr team and on the quality and security of the codebase provided, Vidma team can give a score of 95 to the audited smart contracts.</p><p class="paragraph-21">During the auditing process, the Vidma team has found a couple of informational issues, 7 issues with a low level of severity, 1 issue with a medium level of severity, and 3 issues with a critical level of severity.</p><div class="issue-table-audit-page"><div class="row-isseu-table heading-row"><div class="wide-cell-table"><h5 class="heading-18 left-heading">Severity of the issue</h5></div><div class="small-cell-table"><h5 class="heading-18">Total found</h5></div><div class="small-cell-table"><h5 class="heading-18">Resolved</h5></div><div class="small-cell-table"><h5 class="heading-18">Unresolved</h5></div></div><div class="row-isseu-table black-row"><div class="wide-cell-table"><h5 class="heading-18 white-heading">Critical</h5></div><div class="small-cell-table"><div class="text-block-18">3 issues</div></div><div class="small-cell-table"><div class="text-block-18">3 issues</div></div><div class="small-cell-table"><div class="text-block-18">0 issues</div></div></div><div class="row-isseu-table grey-row"><div class="wide-cell-table"><h5 class="heading-18 white-heading">High</h5></div><div class="small-cell-table"><div class="text-block-18">3 issues</div></div><div class="small-cell-table"><div class="text-block-18">3 issues</div></div><div class="small-cell-table"><div class="text-block-18">0 issues</div></div></div><div class="row-isseu-table black-row"><div class="wide-cell-table"><h5 class="heading-18 white-heading">Medium</h5></div><div class="small-cell-table"><div class="text-block-18">3 issues</div></div><div class="small-cell-table"><div class="text-block-18">3 issues</div></div><div class="small-cell-table"><div class="text-block-18">0 issues</div></div></div><div class="row-isseu-table grey-row"><div class="wide-cell-table"><h5 class="heading-18 white-heading">Low</h5></div><div class="small-cell-table"><div class="text-block-18">3 issues</div></div><div class="small-cell-table"><div class="text-block-18">3 issues</div></div><div class="small-cell-table"><div class="text-block-18">0 issues</div></div></div><div class="row-isseu-table black-row"><div class="wide-cell-table"><h5 class="heading-18 white-heading">Informational</h5></div><div class="small-cell-table"><div class="text-block-18">3 issues</div></div><div class="small-cell-table"><div class="text-block-18">3 issues</div></div><div class="small-cell-table"><div class="text-block-18">0 issues</div></div></div><div class="row-isseu-table grey-row"><div class="wide-cell-table"><h5 class="heading-18 white-heading">Low</h5></div><div class="small-cell-table"><div class="text-block-18">3 issues</div></div><div class="small-cell-table"><div class="text-block-18">3 issues</div></div><div class="small-cell-table"><div class="text-block-18">0 issues</div></div></div></div><p class="paragraph-21">The contracts are in good condition. Based on the fixes provided by the Ammbr team and on the quality and security of the codebase provided, Vidma team can give a score of 95 to the audited smart contracts.</p><div class="div-block-55"><img src="https://assets-global.website-files.com/61fe51ae9cb8537e6c14a2c8/620e73813088934bba9694ab_Group%2016974.svg" loading="lazy" alt=""/></div><div class="div-block-54"><p class="paragraph-23">Based on the given findings, risk level, performance, and code style, Vidma team can grant the following overall score:</p><img src="https://assets-global.website-files.com/61fe51ae9cb8537e6c14a2c8/620e71f94458fc94f07cc622_Group%2016814.svg" loading="lazy" alt=""/></div><div class="div-block-54"><p class="paragraph-23">Please mind that this audit does not certify the definite reliability and security level of the contract. This document describes all vulnerabilities, typos, performance issues, and security issues found by Vidma auditing team. If the code is under development, we recommend run one more audit once the code is finalized.</p><img src="https://assets-global.website-files.com/61fe51ae9cb8537e6c14a2c8/620e72d6e34e68d700ab1b77_Group%2016814%20(1).svg" loading="lazy" alt="" class="image-9"/></div></div><div class="container-narrow"><h2 id="summary" class="audit-headings">Summary</h2><div class="rich-text-block w-richtext"><h2></h2><p></p><h4>Static and dynamic content editing</h4><p>A rich text element can be used with static or dynamic content. For static content, just drop it into any page and begin editing. For dynamic content, add a rich text field to any collection and then connect a rich text element to that field in the settings panel. Voila!</p><h4>How to customize formatting for each rich text</h4><p>Headings, paragraphs, blockquotes, figures, images, and figure captions can all be styled after a class is added to the rich text element using the &quot;When inside of&quot; nested selector system.</p></div></div><h2></h2><p></p></div><div class="scope-work-section"><div class="container-narrow"><h2 id="scope-of-work" class="audit-headings">Scope of work</h2><div class="div-block-54 scope-work-description"><img src="https://assets-global.website-files.com/plugins/Basic/assets/placeholder.60f9b1840c.svg" loading="lazy" alt="" class="audit-logo scope-logo"/><p class="paragraph-23 description-text">Lorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse varius enim in eros elementum tristique. Duis cursus, mi quis viverra ornare, eros dolor interdum nulla, ut commodo diam libero vitae erat. Aenean faucibus nibh et justo cursus id rutrum lorem imperdiet. Nunc ut sem vitae risus tristique posuere.</p></div></div>Lorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse varius enim in eros elementum tristique. Duis cursus, mi quis viverra ornare, eros dolor interdum nulla, ut commodo diam libero vitae erat. Aenean faucibus nibh et justo cursus id rutrum lorem imperdiet. Nunc ut sem vitae risus tristique posuere.</div><h2>What’s a Rich Text element?</h2><div class="structure-section"><div class="container-narrow"><h2 id="structure" class="audit-headings">Structure and organization of the findings</h2><div class="rich-text-block w-richtext"><h2></h2><p>The rich text element allows you to create and format headings, paragraphs, blockquotes, images, and video all in one place instead of having to add and format them individually. Just double-click and easily create content.</p><h4>Static and dynamic content editing</h4><p>A rich text element can be used with static or dynamic content. For static content, just drop it into any page and begin editing. For dynamic content, add a rich text field to any collection and then connect a rich text element to that field in the settings panel. Voila!</p><h4>How to customize formatting for each rich text</h4><p>Headings, paragraphs, blockquotes, figures, images, and figure captions can all be styled after a class is added to the rich text element using the &quot;When inside of&quot; nested selector system.</p></div><h2></h2></div></div><div class="manual-report-section"><div class="container-narrow"><h2 id="manual-report" class="audit-headings">Manual Report</h2><div class="rich-text-block manual-section w-richtext"><h2></h2><p>The rich text element allows you to create and format headings, paragraphs, blockquotes, images, and video all in one place instead of having to add and format them individually. Just double-click and easily create content.</p><h4>Static and dynamic content editing</h4><p>A rich text element can be used with static or dynamic content. For static content, just drop it into any page and begin editing. For dynamic content, add a rich text field to any collection and then connect a rich text element to that field in the settings panel. Voila!</p><h4>How to customize formatting for each rich text</h4><p>Headings, paragraphs, blockquotes, figures, images, and figure captions can all be styled after a class is added to the rich text element using the &quot;When inside of&quot; nested selector system.</p></div></div></div><h2></h2><div id="test-results" class="test-results-section"><div class="container-narrow"><div class="div-block-65"><h2 id="summary" class="audit-headings">Test Results</h2><div class="rich-text-block w-richtext"><h2></h2><p></p><h4></h4><p></p><h4>How to customize formatting for each rich text</h4><p>Headings, paragraphs, blockquotes, figures, images, and figure captions can all be styled after a class is added to the rich text element using the &quot;When inside of&quot; nested selector system.</p></div></div></div><h2></h2><p></p><h4></h4><p></p></div></div><div class="section-2"><div class="container-narrow"><div class="paragraph-21 w-richtext"><h2>What’s a Rich Text element?</h2><p>The rich text element allows you to create and format headings, paragraphs, blockquotes, images, and video all in one place instead of having to add and format them individually. Just double-click and easily create content.</p><h4>Static and dynamic content editing</h4><p>A rich text element can be used with static or dynamic content. For static content, just drop it into any page and begin editing. For dynamic content, add a rich text field to any collection and then connect a rich text element to that field in the settings panel. Voila!</p><h4>How to customize formatting for each rich text</h4><p>Headings, paragraphs, blockquotes, figures, images, and figure captions can all be styled after a class is added to the rich text element using the &quot;When inside of&quot; nested selector system.</p></div></div></div></div><script src="https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=61fe51ae9cb8537e6c14a2c8" type="text/javascript" integrity="sha256-9/aliU8dGd2tb6OSsuzixeV4y/faTqgFtohetphbbj0=" crossorigin="anonymous"></script><script src="https://assets-global.website-files.com/61fe51ae9cb8537e6c14a2c8/js/webflow.486aeb41f.js" type="text/javascript"></script> <script> document.getElementById("scroll-top").addEventListener("click", function() { document.body.scrollTop = 0; document.documentElement.scrollTop = 0; }); </script> <script> scrollId = document.getElementById("scroll-btn-block"); var myScrollFunc = function() { var y = window.scrollY; if (y >= 600) { scrollId.classList.add("show-btn-scroll") } else { scrollId.classList.remove("show-btn-scroll") } }; window.addEventListener("scroll", myScrollFunc); </script> <script type="text/javascript"> if (!Array.isArray(window.qbOptions)) { window.qbOptions = [] } window.qbOptions.push({"baseUrl":"https://botsrv2.com","use":"nj7qyrYqn0rkgxzB/BNYyPbDYMQme3lVQ"}); </script> <script> setTimeout(()=>{ var script = document.createElement('script'); script.setAttribute('type', 'text/javascript'); script.setAttribute('src', 'https://static.botsrv2.com/website/js/widget2.db8fbf7f.min.js'); script.setAttribute('integrity', 'sha384-u5adxPeVyNYlK6uno62PB8Pa2f+7Q5rm66II7UAEGWO7KdB0xenkx/4IincoNIta'); script.setAttribute('crossorigin', 'anonymous'); script.setAttribute('defer', 'true'); script.setAttribute('data-no-minify', '1'); document.body.appendChild(script); },5000); </script> <script type="text/javascript" src="https://assets.calendly.com/assets/external/widget.js" async></script> <script src="//embed.typeform.com/next/embed.js"></script> <script type="text/javascript"> window._mfq = window._mfq || []; (function() { var mf = document.createElement("script"); mf.type = "text/javascript"; mf.defer = true; mf.src = "//cdn.mouseflow.com/projects/efdf85e0-622d-441c-88dc-996e5d64cf31.js"; document.getElementsByTagName("head")[0].appendChild(mf); })(); </script><script> let scoreNumber = document.getElementById('score-number').textContent; let separatorByDot = scoreNumber; let firstPartSpan = separatorByDot.split(".")[0]; let secondPartSpan = separatorByDot.split(".")[1]; //console.log(separatorByDot.split(".")); // document.getElementById("score-number").innerHTML = "<span>" + firstPartSpan + "</span><span class =\"grey-style-number\">" + "." + secondPartSpan + "</span>"; //console.log(++scoreNumber); scoreNumber = +scoreNumber; let scoreNumberSafari = (440 - (440 * scoreNumber )/100); //document.getElementById('circle-progress').style.strokeDashoffset = "calc(440 - (440 * " + scoreNumber + ")/100)"; document.getElementById('circle-progress').style.strokeDashoffset = scoreNumberSafari; if(scoreNumber <= 89.99 && scoreNumber >= 80) { document.getElementById('circle-progress').style.stroke = "#F6A605"; } else if (scoreNumber <= 79.99 && scoreNumber >= 70) { document.getElementById('circle-progress').style.stroke = "#E37C4A"; } else if (scoreNumber <= 69.99 && scoreNumber >= 60) { document.getElementById('circle-progress').style.stroke = "#E83B5B"; } else if (scoreNumber <= 69.99) { document.getElementById('circle-progress').style.stroke = "#E83B5B"; } if(scoreNumber < 100) { document.getElementById("score-number").innerHTML = "<span>" + firstPartSpan + "</span><span class =\"grey-style-number\">" + "." + secondPartSpan + "</span>"; } // htmlContent = node.innerHTML, // htmlContent = "Some <span class="foo">sample</span> text." // textContent = node.textContent; // textContent = "Some sample text." </script></body></html>