Powered by SECURI LAB
-
yes
yes (1 asm blocks)
-
yes
-
-
-
-
yes → NewContract:RewardDistributor
-
yes
Report Information
| About Report | Darkstar Security Assessment |
| Version | v1.2 |
| Client | Darkstar |
| Language | Solidity |
| Confidentiality | Public |
| Contract Address | 0xc6aa251989FC258382226BB37a75309187fc979c |
| Audit Method | Whitebox |
| Security Assessment Author | Auditor
Mark K. [Security Researcher | Redteam] Approve Document |
*Audit Method
Whitebox: SECURI LAB Team receives all source code from the client to provide the assessment.
Blackbox: SECURI LAB Team receives only bytecode from the client to provide the assessment.
Project Introduction
Scope Information:
| Project Name | Darkstar |
| Website | https://darkstar.financial/ |
| Chain | BNB Chain |
| Language | Solidity |
Audit Information:
| Request Date | Saturday, March 25, 2023 |
| Audit Date | Sunday, March 26, 2023 |
| Re-assessment Date | Thursday, April 13, 2023 |
Audit Version History:
| Version | Date | Description |
| 1.0 | Monday, February 27, 2023 | Preliminary Report |
| 1.1 | Sunday, April 2, 2023 | Full Audit Report With Re-Assessment |
| 1.2 | Thursday, April 13, 2023 | Full Audit Report with re-assessment for contract deployed on BNB Chain mainnet |
Initial Audit Scope:
| Smart Contract File | darkstar.sol https://bscscan.com/token/0xc6aa251989fc258382226bb37a75309187fc979c#code |
| Compiler Version | v0.8.17 |
| Type | File | Logic Contracts | Interfaces | Lines | nLines | nSLOC | Comment Lines | Complex. Score | Capabilities |
| 📝🔍🎨 | contracts/Darkstar.sol | 3 | 4 | 762 | 717 | 612 | 3 | 509 | 🖥💰📤🌀Σ |
| 📝🔍🎨 | Totals | 3 | 4 | 762 | 717 | 612 | 3 | 509 | 🖥💰📤🌀Σ |
Vulnerability Findings
| ID | Vulnerability Detail | Severity | Category | Status |
| SEC-01 | Centralization Risk | High | Acknowledge | |
| SEC-02 | Imprecise arithmetic operations order (divide-before-multiply) | Medium | Resolved | |
| SEC-03 | Avoid using block timestamp | Low | Acknowledge | |
| SEC-04 | Empty Function Body – Consider commenting why | Low | Resolved | |
| SEC-05 | Unsafe ERC20 operation(s) | Low | Mitigate | |
| SEC-06 | Conformity to Solidity naming conventions (naming-convention) | Informational | Resolved | |
| SEC-07 | Conformance to numeric notation best practices | Informational | Resolved | |
| GAS-01 | Use `selfbalance()` instead of `address(this).balance` | – | Acknowledge | |
| GAS-02 | Use assembly to check for `address(0)` | – | Resolved | |
| GAS-03 | `array[index] += amount` is cheaper than `array[index] = array[index] + amount` (or related variants) | – | Resolved | |
| GAS-04 | Using bools for storage incurs overhead | – | Resolved | |
| GAS-05 | State variables should be cached in stack variables rather than re-reading them from storage | – | Resolved |