This is an example smart-contract security audit report performed by Callisto Security Department.
https://github.com/EthereumCommonwealth/Auditing
Commit 01234567890ABCDEF01234567890ABCDEF
In total, 0 issues were reported, including:
- 0 high severity issues.
- 0 medium severity issues.
- 0 low severity issues.
- 0 notes.
- Open-source contract.
- The contract should pass a bug bounty after the completion of the security audit.
- Public testing.
- Automated anomaly detection systems. - NOT IMPLEMENTED. A simple anomaly detection algorithm must be implemented to detect behavior that is atypical compared to normal for this contract. For instance, the contract must halt deposits if a large amount is being withdrawn in a short period of time, until the owner or the community of the contract approves further operation.
- Multisig owner account.
- Standard ERC20-related issues. - NOT IMPLEMENTED. It is known that every contract can potentially receive an unintended ERC20 token deposit without the ability to reject it, even if the contract is not intended to receive or hold tokens. As a result, it is recommended to implement a function that allows extracting any arbitrary number of tokens from the contract.
- Crosschain address collisions.
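
Added example, not code from the audited contract or from Callisto: one way the two NOT IMPLEMENTED items above (halting deposits on atypical withdrawal volume, and extracting stray ERC20 tokens) could look in Solidity. The contract name `GuardedVault`, the one-hour window, the 100 ether limit and all function names are assumptions chosen for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Minimal ERC20 surface needed by rescueTokens (standard transfer signature).
interface IERC20 {
    function transfer(address to, uint256 amount) external returns (bool);
}

// Hypothetical vault: all names, the window and the limit are assumptions.
contract GuardedVault {
    address public immutable owner;          // should be a multisig in practice
    uint256 public constant WINDOW = 1 hours;
    uint256 public constant WINDOW_LIMIT = 100 ether;

    mapping(address => uint256) public balanceOf;
    uint256 public windowStart;
    uint256 public withdrawnInWindow;
    bool public depositsHalted;
    event DepositsHalted(uint256 withdrawnInWindow);
    modifier onlyOwner() { require(msg.sender == owner, "not owner"); _; }
    constructor() { owner = msg.sender; }

    function deposit() external payable {
        require(!depositsHalted, "deposits halted");
        balanceOf[msg.sender] += msg.value;
    }

    function withdraw(uint256 amount) external {
        balanceOf[msg.sender] -= amount;     // reverts on underflow in 0.8+
        if (block.timestamp >= windowStart + WINDOW) {
            windowStart = block.timestamp;   // start a fresh accounting window
            withdrawnInWindow = 0;
        }
        withdrawnInWindow += amount;
        if (withdrawnInWindow > WINDOW_LIMIT && !depositsHalted) {
            depositsHalted = true;           // atypical outflow: stop new deposits
            emit DepositsHalted(withdrawnInWindow);
        }
        (bool ok, ) = msg.sender.call{value: amount}("");
        require(ok, "transfer failed");
    }

    // Owner approves further operation after reviewing the alert.
    function resumeDeposits() external onlyOwner { depositsHalted = false; withdrawnInWindow = 0; }

    // Extract ERC20 tokens sent to this contract by mistake.
    function rescueTokens(IERC20 token, address to, uint256 amount) external onlyOwner {
        require(token.transfer(to, amount), "token transfer failed");
    }
}
```

Withdrawals stay open while deposits are halted, so existing users can still exit. Tokens whose `transfer` returns no value would make `rescueTokens` revert and need a low-level call wrapper such as OpenZeppelin's `SafeERC20`.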
The audited smart contract can be deployed. No security issues were found during the audit.
It is recommended to adhere to the security practices described in pt. 4 of this report in order to ensure the operability of the contract and prevent any issues which are not directly related to the code of this smart-contract.