Powered by SECURI LAB
-
yes
yes (1 asm blocks)
-
yes
-
-
-
-
yes → NewContract:RewardDistributor
-
yes
Report Information
About Report | Darkstar Security Assessment |
Version | v1.2 |
Client | Darkstar |
Language | Solidity |
Confidentiality | Public |
Contract Address | 0xc6aa251989FC258382226BB37a75309187fc979c |
Audit Method | Whitebox |
Security Assessment Author | Auditor
Mark K. [Security Researcher | Redteam] Approve Document |
*Audit Method
Whitebox: SECURI LAB Team receives all source code from the client to provide the assessment.
Blackbox: SECURI LAB Team receives only bytecode from the client to provide the assessment.
Project Introduction
Scope Information:
Project Name | Darkstar |
Website | https://darkstar.financial/ |
Chain | BNB Chain |
Language | Solidity |
Audit Information:
Request Date | Saturday, March 25, 2023 |
Audit Date | Sunday, March 26, 2023 |
Re-assessment Date | Thursday, April 13, 2023 |
Audit Version History:
Version | Date | Description |
1.0 | Monday, February 27, 2023 | Preliminary Report |
1.1 | Sunday, April 2, 2023 | Full Audit Report With Re-Assessment |
1.2 | Thursday, April 13, 2023 | Full Audit Report with re-assessment for contract deployed on BNB Chain mainnet |
Initial Audit Scope:
Smart Contract File | darkstar.sol https://bscscan.com/token/0xc6aa251989fc258382226bb37a75309187fc979c#code |
Compiler Version | v0.8.17 |
Type | File | Logic Contracts | Interfaces | Lines | nLines | nSLOC | Comment Lines | Complex. Score | Capabilities |
???????????? | contracts/Darkstar.sol | 3 | 4 | 762 | 717 | 612 | 3 | 509 | ????????????????Σ |
???????????? | Totals | 3 | 4 | 762 | 717 | 612 | 3 | 509 | ????????????????Σ |
Vulnerability Findings
ID | Vulnerability Detail | Severity | Category | Status |
SEC-01 | Centralization Risk | High | Acknowledge | |
SEC-02 | Imprecise arithmetic operations order (divide-before-multiply) | Medium | Resolved | |
SEC-03 | Avoid using block timestamp | Low | Acknowledge | |
SEC-04 | Empty Function Body – Consider commenting why | Low | Resolved | |
SEC-05 | Unsafe ERC20 operation(s) | Low | Mitigate | |
SEC-06 | Conformity to Solidity naming conventions (naming-convention) | Informational | Resolved | |
SEC-07 | Conformance to numeric notation best practices | Informational | Resolved | |
GAS-01 | Use `selfbalance()` instead of `address(this).balance` | – | Acknowledge | |
GAS-02 | Use assembly to check for `address(0)` | – | Resolved | |
GAS-03 | `array[index] += amount` is cheaper than `array[index] = array[index] + amount` (or related variants) | – | Resolved | |
GAS-04 | Using bools for storage incurs overhead | – | Resolved | |
GAS-05 | State variables should be cached in stack variables rather than re-reading them from storage | – | Resolved |