Powered by SECURI LAB
-
yes
-
-
yes
-
-
-
-
yes → NewContract:JSRVGovernanceToken
-
-
Report Information
About Report | Jeti Services Security Assessment |
Version | v1.1 |
Client | Jeti Service |
Language | Solidity |
Confidentiality | Public |
Contract File | JSRVGovernanceFactory.sol SHA-1: bbee4fcd8b5ae5689609640c3b64ad3733a5c2f0 JSRVGovernance.sol SHA-1: 4cbebeb29afeec54528d233b9e6e0509e1474f44 Blacklist.sol SHA-1: e3022a71f8a6a09a0b79f7f2f1c2358befd6b36c |
Audit Method | Whitebox |
Security Assessment Author | Auditor
Mark K. [Security Researcher | Redteam] Approve Document |
*Audit Method
Whitebox: SECURI LAB Team receives all source code from the client to provide the assessment.
Blackbox: SECURI LAB Team receives only bytecode from the client to provide the assessment.
Project Introduction
Scope Information:
Project Name | Jeti Services |
Website | https://jeti.one/ |
Chain | – |
Language | Solidity |
Audit Information:
Request Date | Tuesday, March 21, 2023 |
Audit Date | Wednesday, March 29, 2023 |
Re-assessment Date | Sunday, April 9, 2023 |
Audit Version History:
Version | Date | Description |
1.0 | Wednesday, March 29, 2023 | Preliminary Report |
1.1 | Sunday, April 9, 2023 | Preliminary Report With Re-assessment |
1.2 | Friday, April 14, 2023 | Full audit report |
Initial Audit Scope:
Smart Contract File | JSRVGovernanceFactory.sol SHA-1: cd9db78ffdc6b07da3bc5398189eb76dc55ed98f JSRVGovernance.sol SHA-1: 33e8e2ce9bfd191cf6f5fb8f0367b494ab086076 Blacklist.sol SHA-1: e3022a71f8a6a09a0b79f7f2f1c2358befd6b36c |
Compiler Version | v0.8.17 |
Initial Re-assessment Audit Scope:
Smart Contract File | JSRVGovernanceFactory.sol SHA-1: bbee4fcd8b5ae5689609640c3b64ad3733a5c2f0 JSRVGovernance.sol SHA-1: 4cbebeb29afeec54528d233b9e6e0509e1474f44 Blacklist.sol SHA-1: e3022a71f8a6a09a0b79f7f2f1c2358befd6b36c |
Compiler Version | v0.8.17 |
Vulnerability Findings
ID | Vulnerability Detail | Severity | Category | Status |
SEC-01 | Centralization Risk | High | Resolved | |
SEC-02 | Contract’s name reused | High | Resolved | |
SEC-03 | Avoid using block timestamp | Low | Acknowledge | |
SEC-04 | Unsafe ERC20 operation(s) | Low | Acknowledge | |
SEC-05 | Conformance to numeric notation best practices (too-many-digits) |
Informational | Resolved | |
SEC-06 | Conformance to numeric notation best practices | Informational | Acknowledge | |
SEC-07 | Costly operations in a loop (costly-loop) | Informational | Acknowledge | |
SEC-08 | If different pragma directives are used (pragma) | Informational | Acknowledge | |
SEC-09 | Reentrancy vulnerabilities through send and transfer (reentrancy-unlimited-gas) | Informational | Acknowledge | |
GAS-01 | Use `selfbalance()` instead of `address(this).balance` | – | Acknowledge | |
GAS-02 | Use assembly to check for `address(0)` | – | Resolved | |
GAS-03 | `array[index] += amount` is cheaper than `array[index] = array[index] + amount` (or related variants) | – | Resolved | |
GAS-04 | Use Custom Errors | – | Resolved | |
GAS-05 | Use != 0 instead of > 0 for unsigned integer comparison | – | Resolved |
Powered by SECURI LAB
-
yes
-
-
yes
-
-
yes
-
-
-
-
Project Introduction
Scope Information:
Project Name | Jeti Services |
Website | https://jeti.one/ |
Chain | – |
Language | Solidity |
Audit Information:
Request Date | Friday, April 21, 2023 |
Audit Date | Sunday, April 30, 2023 |
Re-assessment Date | Monday, May 8, 2023 |
Audit Version History:
Version | Date | Description |
1.0 | Tuesday, May 2, 2023 | Preliminary Report |
1.1 | Friday, May 12, 2023 | Full Audit Report With Re-assessment |
Vulnerability Findings
ID | Vulnerability Detail | Severity | Category | Status |
SEC-01 | Centralization Risk | High | Mitigate | |
SEC-02 | Avoid using block timestamp | Low | Mitigate | |
SEC-03 | `abi.encodePacked()` should not be used with dynamic types when passing the result to a hash function such as `keccak256()` | Low | Resolved | |
SEC-04 | avoid-encode-packed-rule | Very Low | Resolved | |
GAS-01 | Use Custom Errors | – | Resolved | |
GAS-02 | Use != 0 instead of > 0 for unsigned integer comparison | – | Resolved |
Powered by SECURI LAB
-
yes
-
-
yes
-
-
yes
-
yes → NewContract:Vendor → NewContract:Payments
-
-
Project Introduction
Scope Information:
Project Name | Jeti Services |
Website | https://jeti.one/ |
Chain | – |
Language | Solidity |
Audit Information:
Request Date | Thursday, May 18, 2023 |
Audit Date | Sunday, June 7, 2023 |
Re-assessment Date | – |
Audit Version History:
Version | Date | Description |
1.0 | Saturday, June 10, 2023 | Preliminary Report |
1.1 | Wednesday, June 14, 2023 | Full Audit Report |
Vulnerability Findings
ID | Vulnerability Detail | Severity | Category | Status |
SEC-01 | Centralization Risk | High | Mitigate | |
SEC-02 | Avoid using block timestamp | Informational | Acknowledge | |
SEC-03 | `abi.encodePacked()` should not be used with dynamic types when passing the result to a hash function such as `keccak256()` | Informational | Acknowledge |