DESCRIPTION
Aura Network is a high performance Layer1 ecosystem with built-in modularity, leading the mass adoption of Web3 in emerging markets. It has robust partnership network, expansive engineering resources and rich track record. The core contracts covered in this audit include Aura_v0.4.3 contracts in the code repository. The iterative audit covers the code in the initial version, as well as subsequent versions to fix discovered issues, as detailed in our audit report. Please note that external dependencies are assumed reliable and are therefore excluded from the audit scope. Our audit methodology employs automated vulnerability scans, manual verification, and business logic analysis to uncover potential security issues coupled with gas and code quality optimization recommendations. In summary, we did not find any critical issues within the audited codebase. However, we have identified four non-critical issues that should be addressed. Additionally, we have put two recommendations to further strengthen the code logic, along with three notes that should be taken into consideration. It is important to note that the scope of our audit was strictly limited to the specific code versions mentioned in the report. Any updates made subsequent to our review would require a re-evaluation.
KEY FINDINGS
In total, we find 4 potential issues in the smart contract. We also have 2 recommendations and 3 notes, as follows:
| ID | Severity | Description | Category | Status |
|---|---|---|---|---|
| 1 | Medium | Lack of Check on parameter ExcludeCirculatingAddr | DeFi Security | Fixed |
| 2 | Medium | Incomplete Check in function ExcludeCirculatingAddr() | DeFi Security | Fixed |
| 3 | Medium | Incomplete Check in function CreatePeriodicVestingAccount() | DeFi Security | Fixed |
| 4 | Medium | No Limitation on Receiving Tokens for ExcludeCirculatingAddr | DeFi Security | Fixed |
| 5 | - | Insufficient Check of MaxSupply | Recommendation | Fixed |
| 6 | - | Gas Optimization | Recommendation | Fixed |
| 7 | - | Potential Effect on Minted Rewards | Note | Confirmed |
| 8 | - | Assumption on the Secure Implementation of Contract Dependencies | Note | Confirmed |
| 9 | - | Account Type of ExcludeCirculatingAddr | Note | Confirmed |
More details are provided in the audit report.