Issue Number | Severity | Action | Additional Description | Commit Link |
ARS-01 : Redundant Variable Initialization | Informational | Addressed | Non-upgradeable | https://github.com/DistributedCollective/Sovryn-smart-contracts/commit/93cae128fcce0b568c443b024b258363dd95ae74 |
ASD-01 : Centralization Risk | Major | Ignored | Will be solved once protocol ownership is transferred to Bitocracy | |
ASD-02 : Explicitly Returning Local Variable | Informational | Addressed | https://github.com/DistributedCollective/Sovryn-smart-contracts/commit/1a5b8daed23e7f9cec21ccdc8fce3958707e27a1 | |
ASD-02 : Explicitly Returning Local Variable | Informational | Addressed | https://github.com/DistributedCollective/Sovryn-smart-contracts/commit/1a5b8daed23e7f9cec21ccdc8fce3958707e27a1 | |
ASD-03 : Explicitly Returning Local Variable | Informational | Addressed | https://github.com/DistributedCollective/Sovryn-smart-contracts/commit/b9793a04ef2c7684b40426722addbd146e11db44 | |
BPP-01 : Centralization Risk | Major | Ignored | Will be solved once protocol ownership is transferred to Bitocracy | |
DFV-01 : Missing Validation for The Past `lastReleaseTime | Minor | Ignored | Non-updgradeable | |
DFV-02 : Ineffectual Security of Token Owner Lock/Unlock Mechanism | Discussion | Ignored | Non-updgradeable | |
DFV-03 : Centralization Risk | Major | Ignored | Non-updgradeable | |
DFV-04 : Function Visibility Optimization | Minor | Ignored | Non-updgradeable | |
DFV-05 : Redundant `SafeMath` Utilizations | Informational | Ignored | Non-updgradeable | |
ESD-01 : Redundant Statements | Informational | Addressed | Non-upgradeable | https://github.com/DistributedCollective/Sovryn-smart-contracts/commit/6d573eabc39aacc4c03b4ba9bba6c1dda1517faa |
ESD-02 : Storage Variables Are Not Packed | Informational | Addressed | Non-upgradeable | https://github.com/DistributedCollective/Sovryn-smart-contracts/commit/e72e4092bd90608f6bada444332b509416ab7d9a |
ESD-03 : Redundant Statements | Informational | Addressed | Non-upgradeable | https://github.com/DistributedCollective/Sovryn-smart-contracts/commit/eddcd1b2e562a142a6e05f53dce4dfb9388f0109 |
ESD-04 : Inefficient Storage Read | Informational | Addressed | Non-upgradeable | https://github.com/DistributedCollective/Sovryn-smart-contracts/commit/8e41f551a128bd1277cbd07ff5b1f63906b8b0bb |
ESD-05 : Inefficient Storage Read | Informational | Addressed | Non-upgradeable | https://github.com/DistributedCollective/Sovryn-smart-contracts/commit/dd1081e0cceeaec05d2d528395d837c3cee58e50 |
FSP-01 : Missing Input Validation | Minor | Addressed | https://github.com/DistributedCollective/Sovryn-smart-contracts/commit/c45cadb9b0941df16943e2c38818cf1c8320a065 | |
FSP-02 : Unneeded Packing of Local Variable | Informational | Addressed | Addressed in another branch. Applied in the master branch already | |
FSP-03 : Potential Volatile Implementation | Discussion | Ignored | No need to do anything with this because removing withdrawal interval is not an option | |
FSP-04 : Requisite Value of ERC-20 `transferFrom()` / `transfer()` Call | Minor | Addressed | https://github.com/DistributedCollective/Sovryn-smart-contracts/commit/0989ce599758db778baa45fb617b8746304b9d6f | |
FSP-05 : Inefficient Storage Read | Informational | Ignored | Adding new variable will cause stack too deep issue. | |
GAS-01 : Division Before Multiplication | Minor | Addressed | https://github.com/DistributedCollective/Sovryn-smart-contracts/commit/d18a2b0797b6084ecea038f9f4a94d753e70c641 | |
GAS-02 : Potential Logic Flaw in `state()` | Medium | Addressed | https://github.com/DistributedCollective/Sovryn-smart-contracts/commit/0f512f33ff89033c475262849e3b689a512fb8c0 | |
GAS-03 : Function Visibility Optimization | Informational | Ignored | Stack too deep | |
GAS-04 : Comparison with `boolean` Literal | Informational | Addressed | https://github.com/DistributedCollective/Sovryn-smart-contracts/commit/61000d80ba06ce83187343f7b2af112dd3063656 | |
GAS-05 : Inefficient Storage Read | Informational | Addressed | https://github.com/DistributedCollective/Sovryn-smart-contracts/commit/653128214cd717e701f86cb07a2739b5b5760087 | |
GVS-01 : Usage of `transfer()` for Sending Ether | Minor | Addressed | https://github.com/DistributedCollective/Sovryn-smart-contracts/commit/8953d5af41009cac8658dfdf6af4465274a9e831 | |
LCB-01 : Centralization Risk | Major | Ignored | Will be solved once the ownership is transferred to Bitocracy | |
LCB-02 : Dangerous Usage of `tx.origin` | Minor | Ignored | Before EIP3074 release, using tx.origin instead of require(!isContract(msg.sender)) is better approach. Because using isContract has a flaw when it is called by the constructor of the contract | |
LCW-01 : Centralization Risk | Major | Ignored | Will be solved once the ownership is transferred to Bitocracy | |
LMS-01 : Centralization Risk | Major | Ignored | Will be solved once the ownership is transferred to Bitocracy | |
LMS-02 : Redundant Statements | Informational | Addressed | https://github.com/DistributedCollective/Sovryn-smart-contracts/commit/3b71e3e884bc6c5360aca51e1d7aeb302fb04722 | |
LMS-03 : Centralization Risk | Major | Ignored | Will be solved once the ownership is transferred to Bitocracy | |
LOS-01 : Centralization Risk | Major | Ignored | Will be solved once the ownership is transferred to Bitocracy | |
LSC-01 : Centralization Risk | Major | Ignored | Will be solved once the ownership is transferred to Bitocracy | |
LSD-01 : Centralization Risk | Major | Ignored | Will be solved once the ownership is transferred to Bitocracy | |
LSO-01 : `AdminAdded` Event Is Not Emitted | Informational | Addressed | Non-upgradeable | https://github.com/DistributedCollective/Sovryn-smart-contracts/commit/5eb927d2efbd91cdd57919a3c39521497830dcf1 |
LSO-02 : Storage Variables Are Not Packed | Informational | Addressed | Non-upgradeable | https://github.com/DistributedCollective/Sovryn-smart-contracts/commit/f305d0e7d6a7d14aaebfe6f52dd1f8550bb04eab |
LSO-03 : Return Variable Utilization | Informational | Addressed | Non-upgradeable | https://github.com/DistributedCollective/Sovryn-smart-contracts/commit/28e453c9e1aa7664392847b353d467fb43e9207f |
LSO-04 : Centralization Risk | Major | Ignored | Will be solved once the ownership is transferred to Bitocracy | |
LTA-01 : Function Visibility Optimization | Informational | Ignored | We can't change this as the loanParamsList state is being changed in the function implementation. | |
LTA-02 : Missing Input Validation | Minor | Addressed | https://github.com/DistributedCollective/Sovryn-smart-contracts/commit/4e5d761c5471f497b7758cf90b5ed02fef24fccb | |
LTA-03 : Centralization Risk | Major | Ignored | Will be solved once the ownership is transferred to Bitocracy | |
LTB-01 : Inefficient Storage Layout | Informational | Ignored | Can't be changed due to storage collision issue | |
LTD-01 : Documentation Discrepancy | Informational | Addressed | https://github.com/DistributedCollective/Sovryn-smart-contracts/commit/6ebc7645e6950410941ec6d396642cd188a2da07 | |
LTD-02 : Missing Input Validation | Minor | Addressed | https://github.com/DistributedCollective/Sovryn-smart-contracts/commit/5566f32f7a97c8201c60de69ac238044324610ec | |
LTD-03 : Inefficient Storage Read | Informational | Done | https://github.com/DistributedCollective/Sovryn-smart-contracts/commit/f7e41083dcc6b14003557df8dda09a197a91b192 | |
LTD-04 : Missing Error Messages | Informational | Done | https://github.com/DistributedCollective/Sovryn-smart-contracts/commit/e6729a28a0dad763679c193d6d75943b40f62bf0 | |
LTD-05 : Return Variable Utilization | Informational | Done | https://github.com/DistributedCollective/Sovryn-smart-contracts/commit/63c7d4f364b4db8907af4dd3ec19458acb469dfd | |
LTD-06 : Inefficient Storage Read | Informational | Done | https://github.com/DistributedCollective/Sovryn-smart-contracts/commit/a9ec436a4e4fa52d09821176e6fb78f673e363a5 | |
LTD-07 : Potential Allowance Overwritten | Minor | @TODO: Need to revert this changes as in it will cause the storage collision | ||
LTD-08 : Centralization Risk | Major | Ignored | Will be solved once the ownership is transferred to Bitocracy | |
LTS-01 : Contract's State Can Be Re-initialized | Major | @TODO: Need to revert this changes as in it will cause the storage collision | ||
LTS-02 : Centralization Risk | Major | Ignored | Will be solved once the ownership is transferred to Bitocracy | |
MSK-01 : Function Visibility Optimization | Informational | Addressed | https://github.com/DistributedCollective/Sovryn-smart-contracts/commit/c507ee7db2c2363b91886b6cb1ff0606cfc5c55d | |
MSK-02 : Ethereum Addresses Count Can Exceed `MAX_OWNER_COUNT` | Minor | Non-upgradeable | ||
MSK-03 : Bitcoin Addresses Count Can Exceed `MAX_OWNER_COUNT` | Minor | Ignored | Non-upgradeable | |
MSW-01 : Inefficient Storage Struct Layout | Informational | Ignored | Non-upgradeable | |
MSW-02 : Missing Error Messages | Informational | Ignored | Non-upgradeable | |
MSW-03 : Inefficient Storage Read | Informational | Ignored | Non-upgradeable | |
OIC-01 : Centralization Risk | Major | Ignored | The contract is no longer used | |
OIC-02 : Centralization Risk | Major | Ignored | The contract is no longer used | |
PFR-01 : Centralization Risk | Major | Ignored | Will be solved once the ownership is transferred to Bitocracy | |
PFS-01 : Redundant Variable Initialization | Informational | Ignored | Non-upgradeable | |
PFS-02 : Centralization Risk | Major | Ignored | Will be solved once the ownership is transferred to Bitocracy | |
PSS-01 : Centralization Risk | Major | Ignored | Will be solved once the ownership is transferred to Bitocracy | |
PSS-02 : Centralization Risk | Major | Ignored | Will be solved once the ownership is transferred to Bitocracy | |
PTU-01 : Possibility of Protocol Tokens Being Locked | Minor | Ignored | Non-upgradeable | |
SED-01 : Centralization Risk | Major | Ignored | Will be solved once the ownership is transferred to Bitocracy | |
SOV-01 : Centralization Risk | Major | Ignored | Non-upgradeable | |
SOV-02 : Function Visibility Optimization | Informational | Ignored | Non-upgradeable | |
SRP-01 : Inheritance Order Does Not Allow Expanding of `StakingRewardsStorage` Contract With Additional Storage Structures | Medium | Addressed | Fixed in Rubicon release | https://github.com/DistributedCollective/Sovryn-smart-contracts/pull/408 |
SRR-01 : Inheritance Order Does Not Allow Expanding of `StakingRewardsStorage` Contract With Additional Storage Structures | Medium | Addressed | Fixed in Rubicon release | https://github.com/DistributedCollective/Sovryn-smart-contracts/pull/408 |
SRR-02 : Inefficient Storage Read | Informational | Ignored | No changes required as audit was done on a legacy version | |
SRR-03 : Inaccurate Validity Check | Medium | Ignored | No changes required as audit was done on a legacy version | |
SSD-01 : Potential Volatile Implementation | Minor | Ignored | The report seems weird, could not find that piece of code in our repo. | |
SSS-01 : Missing Sanity Validation | Minor | Addressed | https://github.com/DistributedCollective/Sovryn-smart-contracts/commit/2478d758c34f05ba2a77ce7c5877f8c4e2f3d610 | |
SSS-02 : Lack of Error Message | Informational | Addressed | https://github.com/DistributedCollective/Sovryn-smart-contracts/commit/7987cc0466a1a6a0f6c2aa1fd9cc8c58728b86e3 | |
SSS-03 : Centralization Risk | Major | Ignored | No changes required as Staking is governed by a SIP | |
SSS-04 : Redundant Variable Initialization | Informational | Addressed | https://github.com/DistributedCollective/Sovryn-smart-contracts/commit/b4b4d87fdc10d51d8c66ca5d15dec0236d6be398 | |
SSS-05 : Inefficient Storage Read | Informational | Addressed | https://github.com/DistributedCollective/Sovryn-smart-contracts/commit/f9834b5e11d8742594db6ef694ad354cdb63b470 | |
STA-01 : Visibility Specifiers Missing | Informational | Addressed | https://github.com/DistributedCollective/Sovryn-smart-contracts/commit/dae29b01ba397dc828701bce17eeb0c765caa2b6 | |
STA-02 : Redundant Variable Initialization | Informational | Addressed | https://github.com/DistributedCollective/Sovryn-smart-contracts/commit/552e2f04e0513c5ac28de4cd5230c92c8f8baa2a | |
SVR-01 : Lack of Error Message | Informational | Addressed | https://github.com/DistributedCollective/Sovryn-smart-contracts/commit/b2d13474167934c2f93cbc641a8e547e97873659 | |
SVR-02 : Visibility Specifiers Missing | Informational | Ignored | No longer used | |
TSD-01 : Missing Input Validation | Minor | Ignored | Non-upgradeable contract | |
TSV-01 : Function Visibility Optimization | Informational | Ignored | Non-upgradeable contract | |
TSV-02 : Centralization Risk | Major | Ignored | Non-upgradeable contract | |
VCV-01 : Inefficient Storage Struct Layout | Informational | Addressed | Already fixed and the latest code is in production | https://github.com/DistributedCollective/Sovryn-smart-contracts/commit/50546a376af08326ca2ef186ff00a6c0739ff0b8 |
VCV-02 : Missing Input Validation | Minor | Ignored | Not required. As the transfer function checks for receiver != address(0). It is basically saving gas | |
VCV-03 : Comparison with `boolean` Literal | Informational | Addressed | Already fixed and the latest code is in production | https://github.com/DistributedCollective/Sovryn-smart-contracts/commit/50546a376af08326ca2ef186ff00a6c0739ff0b8 |
VCV-04 : Function Return Value Ignored | Informational | Addressed | Already fixed and the latest code is in production | https://github.com/DistributedCollective/Sovryn-smart-contracts/commit/50546a376af08326ca2ef186ff00a6c0739ff0b8 |
VCV-05 : Potential Stuck Vesting Process | Medium | Addressed | Already fixed and the latest code is in production | https://github.com/DistributedCollective/Sovryn-smart-contracts/commit/50546a376af08326ca2ef186ff00a6c0739ff0b8 |
VCV-06 : Inefficient Usage of Local Storage Variable | Informational | Ignored | Non-upgradeable contract | |
VCV-07 : Inefficient Storage Read | Informational | Ignored | Non-upgradeable contract | |
VLV-01 : Lack of Error Message | Informational | Ignored | Non-upgradeable contract | |
VLV-02 : Inefficient Storage Read | Informational | Ignored | Non-upgradeable contract | |
VRL-01 : Inheritance Order Does Not Allow Expanding of `VestingRegistryStorage` Contract With Additional Storage Structures | Medium | Addressed | Already fixed and the latest code is in production | https://github.com/DistributedCollective/Sovryn-smart-contracts/commit/50546a376af08326ca2ef186ff00a6c0739ff0b8 |
VRL-02 : Redundant `modifier` Usage | Informational | Addressed | https://github.com/DistributedCollective/Sovryn-smart-contracts/commit/61a9deaa46b1704209b7297340408be4789432ef | |
VRL-03 : Return Variable Utilization | Informational | Addressed | https://github.com/DistributedCollective/Sovryn-smart-contracts/commit/7459a83157fce30b4fed5f90acf007502fde8e75 | |
VRS-01 : Usage of `transfer()` for Sending Ether | Minor | Ignored | Contract no longer used | |
VRS-02 : Redundant Variable Initialization | Informational | Ignored | Contract no longer used | |
VRV-01 : Usage of `transfer()` for Sending Ether | Minor | Ignored | Contract no longer used | |
VRV-02 : Redundant Variable Initialization | Informational | Ignored | Contract no longer used | |
VRV-03 : Inefficient Storage Read | Informational | Ignored | Contract no longer used | |
VRV-04 : Explicitly Returning Local | Informational | Ignored | Contract no longer used | |
Variable VRV-05 : Inefficient Storage Read | Informational | Ignored | Contract no longer used | |
VRV-06 : Centralization Risk | Major | Ignored | Contract no longer used | |
WSS-01 : Inefficient Storage Read | Informational | Addressed | https://github.com/DistributedCollective/Sovryn-smart-contracts/commit/84bd727d70d2a4137c7ac4c214e84920a8429b2b |