Request Audit | KYC

Jeti Service

-
JETI Services is providing a suite of tools geared towards getting your projects off the ground. From security plug-ins to professional auditing, we aim to become your one-stop shop for all your project needs.
Website
Twitter
Telegram
Report Badge
Project Annoucement
Project: Jeti Service
Audit
3
KYC
Onboard [M/D/Y]
03/29/2023
Contract
JSRVGovernance

Smart Contract AuditSecurity Assessment powered by SECURI LAB

Audit Report
3 Avaliable
Assessment
JSRVGovernance
Chain
NO AUDIT DATA
Compiler Version
v0.8.17
Date
03/29/2023
0
All Findings
0
Unresolved
0
Resolved
0
Critical
0
High
0
Medium
0
Low
0
Very Low
0
Infromational

Powered by SECURI LAB

7.3
CVSS Score
7.3 From 10 Points
Function relation graph
Capabilities
🧪 Experimental Features

-

💰 Can Receive Funds

yes

🖥 Uses Assembly

-

💣 Destroyable Contracts

-

📤 Transfers ETH

yes

⚡ Low-Level Calls

-

👥 DelegateCall

-

🧮 Uses Hash Functions

-

🔖 ECRecover

-

🌀 New/Create/Create2

yes → NewContract:JSRVGovernanceToken

♻️ TryCatch

-

Σ Unchecked

-

View Findings

Smart Contract Audit Findings

Report Information

About Report Jeti Services Security Assessment
Version v1.1
Client Jeti Service
Language Solidity
Confidentiality Public
Contract File JSRVGovernanceFactory.sol
SHA-1: bbee4fcd8b5ae5689609640c3b64ad3733a5c2f0
JSRVGovernance.sol
SHA-1: 4cbebeb29afeec54528d233b9e6e0509e1474f44
Blacklist.sol
SHA-1: e3022a71f8a6a09a0b79f7f2f1c2358befd6b36c
Audit Method Whitebox
Security Assessment Author Auditor

Mark K.        [Security Researcher | Redteam]
Kevin N.       [Security Researcher | Web3 Dev]
Yusheng T.  [Security Researcher | Incident Response]

Approve Document
Ronny C. CTO & Head of Security Researcher
Chinnakit J. CEO & Founder

*Audit Method

Whitebox:   SECURI LAB Team receives all source code from the client to provide the assessment.

Blackbox:    SECURI LAB Team receives only bytecode from the client to provide the assessment.

 

Project Introduction

Scope Information:

Project Name Jeti Services
Website https://jeti.one/
Chain
Language Solidity

 

Audit Information:

Request Date Tuesday, March 21, 2023
Audit Date Wednesday, March 29, 2023
Re-assessment Date Sunday, April 9, 2023

 

Audit Version History:

Version Date Description
1.0 Wednesday, March 29, 2023 Preliminary Report
1.1 Sunday, April 9, 2023 Preliminary Report With Re-assessment
1.2 Friday, April 14, 2023 Full audit report

Initial Audit Scope:

Smart Contract File JSRVGovernanceFactory.sol
SHA-1: cd9db78ffdc6b07da3bc5398189eb76dc55ed98f
JSRVGovernance.sol
SHA-1: 33e8e2ce9bfd191cf6f5fb8f0367b494ab086076
Blacklist.sol
SHA-1: e3022a71f8a6a09a0b79f7f2f1c2358befd6b36c
Compiler Version v0.8.17

Initial Re-assessment Audit Scope:

Smart Contract File JSRVGovernanceFactory.sol
SHA-1: bbee4fcd8b5ae5689609640c3b64ad3733a5c2f0
JSRVGovernance.sol
SHA-1: 4cbebeb29afeec54528d233b9e6e0509e1474f44
Blacklist.sol
SHA-1: e3022a71f8a6a09a0b79f7f2f1c2358befd6b36c
Compiler Version v0.8.17

Vulnerability Findings

ID Vulnerability Detail Severity Category Status
SEC-01 Centralization Risk High Resolved
SEC-02 Contract’s name reused High Resolved
SEC-03 Avoid using block timestamp Low Acknowledge
SEC-04 Unsafe ERC20 operation(s) Low Acknowledge
SEC-05 Conformance to numeric notation best practices
(too-many-digits)		 Informational Resolved
SEC-06 Conformance to numeric notation best practices Informational Acknowledge
SEC-07 Costly operations in a loop (costly-loop) Informational Acknowledge
SEC-08 If different pragma directives are used (pragma) Informational Acknowledge
SEC-09 Reentrancy vulnerabilities through send and transfer (reentrancy-unlimited-gas) Informational Acknowledge
GAS-01 Use `selfbalance()` instead of `address(this).balance` Acknowledge
GAS-02 Use assembly to check for `address(0)` Resolved
GAS-03 `array[index] += amount` is cheaper than `array[index] = array[index] + amount` (or related variants) Resolved
GAS-04 Use Custom Errors Resolved
GAS-05 Use != 0 instead of > 0 for unsigned integer comparison Resolved

 

Security Assessment powered by SECURI LAB
View PDF
Audit TImeline
  • Request Date 03/21/2023
  • Audit Date 03/29/2023
  • Re-assessment Date 04/09/2023
Assessment
Authenticate
Chain
BNB Chain Testnet
Compiler Version
v0.8.17
Date
5/12/2023
0
All Findings
0
Unresolved
0
Resolved
0
Critical
0
High
0
Medium
0
Low
0
Very Low
0
Infromational

Powered by SECURI LAB

8.6
CVSS Score
8.6 pints from 10 points
Function relation graph
Capabilities
🧪 Experimental Features

-

💰 Can Receive Funds

yes

🖥 Uses Assembly

-

💣 Destroyable Contracts

-

📤 Transfers ETH

yes

⚡ Low-Level Calls

-

👥 DelegateCall

-

🧮 Uses Hash Functions

yes

🔖 ECRecover

-

🌀 New/Create/Create2

-

♻️ TryCatch

-

Σ Unchecked

-

View Findings

Smart Contract Audit Findings

Project Introduction

Scope Information:

Project Name

Jeti Services

Website

https://jeti.one/

Chain

Language

Solidity

 

Audit Information:

Request Date

Friday, April 21, 2023

Audit Date

Sunday, April 30, 2023

Re-assessment Date

Monday, May 8, 2023

 

Audit Version History:

Version

Date

Description

1.0

Tuesday, May 2, 2023

Preliminary Report

1.1

Friday, May 12, 2023

Full Audit Report With Re-assessment

Vulnerability Findings

ID

Vulnerability Detail

Severity

Category

Status

SEC-01

Centralization Risk

High

 

Mitigate

SEC-02

Avoid using block timestamp

Low

 

Mitigate

SEC-03

`abi.encodePacked()` should not be used with dynamic types when passing the result to a hash function such as `keccak256()`

Low

 

Resolved

SEC-04

avoid-encode-packed-rule

Very Low

 

Resolved

GAS-01

Use Custom Errors

 

Resolved

GAS-02

Use != 0 instead of > 0 for unsigned integer comparison

 

Resolved

Security Assessment powered by SECURI LAB
View PDF
Audit TImeline
  • Request Date 04/21/2023
  • Audit Date 04/30/2023
  • Re-assessment Date 05/12/2023
Assessment
Trudopes, Marketplace, Payments, PaymentFactory, Vendor
Chain
-
Compiler Version
v0.8.17
Date
6/14/2023
0
All Findings
0
Unresolved
0
Resolved
0
Critical
0
High
0
Medium
0
Low
0
Very Low
0
Infromational

Powered by SECURI LAB

9.2
CVSS Score
8.6 pints from 10 points
Function relation graph
Capabilities
🧪 Experimental Features

-

💰 Can Receive Funds

yes

🖥 Uses Assembly

-

💣 Destroyable Contracts

-

📤 Transfers ETH

yes

⚡ Low-Level Calls

-

👥 DelegateCall

-

🧮 Uses Hash Functions

yes

🔖 ECRecover

-

🌀 New/Create/Create2

yes → NewContract:Vendor → NewContract:Payments

♻️ TryCatch

-

Σ Unchecked

-

View Findings

Smart Contract Audit Findings

Project Introduction

Scope Information:

Project Name

Jeti Services

Website

https://jeti.one/

Chain

Language

Solidity

 

Audit Information:

Request Date

Thursday, May 18, 2023

Audit Date

Sunday, June 7, 2023

Re-assessment Date

 

Audit Version History:

Version

Date

Description

1.0

Saturday, June 10, 2023

Preliminary Report

1.1

Wednesday, June 14, 2023

Full Audit Report

Vulnerability Findings

ID

Vulnerability Detail

Severity

Category

Status

SEC-01

Centralization Risk

High

 

Mitigate

SEC-02

Avoid using block timestamp

Informational

 

Acknowledge

SEC-03

`abi.encodePacked()` should not be used with dynamic types when passing the result to a hash function such as `keccak256()`

Informational

 

Acknowledge

 

 

Security Assessment powered by SECURI LAB
View PDF
Audit TImeline
  • Request Date 05/18/2023
  • Audit Date 06/07/2023
  • Re-assessment Date-