LedgerScore Completes Successful Rock’n’Block Audit

The safety and security of our investors are of paramount importance at LedgerScore. We are pleased to announce our completed smart contract audit by Rock’n’Block. The audit is complete and we are happy to announce the results.

Scope

The audit reviewed contract source code from Etherscan. Contract were reviewed in the context of the flattened file, which included a single solidity file. The review performed did not assess any scripts, tests, or other non-Solidity files.

Methodology

This audit was performed as a comprehensive review of the codebase and takes into consideration both the Solidity code, as well as the target platform: Ethereum main network. The Solidity was reviewed not just for common vulnerabilities and antipatterns, but also for its parity with the intent of the deployer, for its efficiency, and for the practices used during development

Risk Assessment

Findings were categorized using a risk rating model based on the OWASP method. Each vulnerability takes into consideration the impact and likelihood of exploitation, as well as the relative ease with which the vulnerability is resolved; findings that permeate throughout the codebase will require much more review and work to solve and are rated higher as a result

Findings

1. NO critical-severity vulnerabilities were found.

2. NO high-severity vulnerabilities were found.

3. NO medium-severity vulnerabilities were found.

4. Low Severity

Disparity of expectation in release functions: Users use releaseOnce() and releaseAll() to release their frozen tokens once the freeze period has elapsed. In the event a user does not hold any frozen tokens eligible for release, the releaseOnce() function reverts state changes. This is not the case for releaseAll(), which will simply do nothing. While this does not pose a significant danger for users, we recommend the inconsistency be addressed. Overuse of public function visibility: The reviewed token contract is assembled using a script which generates a file of constants with which the token contract will set its initial values. Because each constant is marked public, Solidity implicitly creates a publicly visible getter function with the same name. While using constants is generally efficient, excessive use of public fields: 1. Makes a contract more expensive to deploy (longer bytecode) 2. Makes a contract more expensive to use, as each additional function selector created by these implicit getters means more options to traverse at runtime. Consider removing the word public from each constant unless absolutely necessary. They will be set to the default, internal, meaning they will still be accessible internally to the contract

Manual testing

All “Successful”

The result from the audit included a small list of recommendations for us to rectify, which the team is happy to complete.

To view the full audit by Rock’n’Block, please click here.

About Rock’n’Block

Rock’n’Block provides custom development and implementation of software-based blockchain technologies for businesses and startups.

The Rock’n’Block team includes specialists with more than 15 years of experience in implementing complex projects in the global IT market. The company is actively growing; back at the beginning of 2021 our staff strength was 15 but today we are already more than 50. By the end of the year, we plan to expand the staff strength, due to the increase in the number of orders and the growing popularity of the company’s field of activity.

Our team has participated in the most complex IT projects for customers all over the world. Each time we have solved tasks that no one has done before — such challenges which are now facing us all over the world from the simplest token contracts to complex DEX and blockchain deployments. One of our great projects is DUCATUS Wallet — Full functional consumer wallet development for iOS, Android, and web which has been downloaded more than 10,000 times. provide custom development and implementation of software-based blockchain technologies for businesses and startups.

Website

Twitter

Website
www.LedgerScore.com

Investors
PitchDeck
WhitePaper

Social media
Medium
Telegram Group
Telegram Announcements
Twitter

Inquiries
support@ledgerscore.com

--

--

--

Credit 2.0 for Cryptocurrency | Independent Financial Reporting for DeFi and Traditional Lending

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

What Crypto Winter Entails & How Average Millionaires Really Feel About the Crash

hello world

The best laid plans. How even good NFT projects can fail.

NapoleonX Newsletter — January 10, 2018

Estimated price prediction for Ripple XRP for 2021

Nexo: Making More Money In A Volatile Bull Market By Overleveraging

The Spirit of Shiba Inu

UBQKings.com — Week 1

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
LedgerScore

LedgerScore

Credit 2.0 for Cryptocurrency | Independent Financial Reporting for DeFi and Traditional Lending

More from Medium

Exnetwork Gears Up with Strategy NFT Game Ark Rivals for a Sci-fi Adventure

MetaGaming Guild Partner Spotlight Series: AVStar Capital

the bull case — my framework for analyzing projects

2A Ventures x BattleVerse