Smart Contract Audit of the Envion Token
We are glad to see the team of our auditing contractor not having found any critical issues in our smart contracts that could lead to the compromisation of the Envion ICO. As the auditing process follows standardized checks and procedures, five non-critical issues have been brought up which we would like to address.
Issues #1 and #4: For the development and implementation of smart contracts, we work with version 3.4.11 of the Truffle Framework by ConsenSys. We have not upgraded to 4.x because of some yet unresolved bugs which make contracts unusable at times. As this Truffle version supports only version 0.4.15 of the Solidity Compiler, we cannot use the “pure” function modifier, which is only available from Solidity 0.3.16
Issue #5: We thoroughly tested the implementation of Oraclize and decided to go with what provided the desired performance.
Issue#2 : We don’t see the gain in knowledge as high as in concentrated auditing by a professional company with deep knowledge.
Issue #3: Although explicit definition of function visibility is often recommended, there is no safety-relevant necessity here to explicitly define the visibility for the mentioned functions as they are either read-only or protected by further access modifiers and therefore can remain public by default.
Who was auditing the smart contract?
Prof. Dr. Michael Backes is the initiator and founder of Backes SRT GmbH. He is a professor at the University of Saarland where he is Professor for Information Security and Cryptography. He is the Director of the BMBF funded IT security competence centre CISPA (Center for IT security, privacy, and accountability), and at the same time leads a research group at the Max Planck Institute for Software Systems as Max Planck Fellow. In addition, he is senior scientist and Deputy Coordinator of the DFG funded excellence multimodal computing and interaction (MMCI).
Prof. Backes has made pioneering contributions in foundational as well as applied IT security by the development and analysis of security protocols, privacy and data protection, new attack methods and by answering fundamental questions of security. Michael Backes has more than 130 scientific research articles published. Most of these articles appeared in the world’s leading conferences and journals of IT security. He has numerous scientific awards received such as the TR35 award, the ERC starting Grant, a fellowship of the Max Planck Society, the IBM Faculty Award, the Microsoft award for outstanding research in privacy enhancing technologies, and an IBM outstanding achievement award. He was appointed as the leading German scientists under 40 years of age in 2010 by the financial times Germany, and in 2010 and 2011 by the computer week as one of the most important IT persons in Germany.
