Aragon Token and Token Sale audit

Over the last few days, I’ve been reviewing Aragon’s smart contracts.

The last commit that was reviewed was: 0x5079c7e2cd8a564ea3fe6b388d5fce451f9f9c4f at

https://github.com/aragon/aragon-network-token

I’ve been working closely with Aragon developers, improving the code reviewing and fixing issues in this contracts.

After analyzing the code for 8h, I don’t see any issues that can affect the security of funds in these smart contracts.

I would also like to mention some characteristics of these smart contracts that do much to mitigate potential security issues.

All the ether will be held in a very simple contract `SaleWallet` and then will be transferred to a multisig upon completion of the sale. This multisig is developed by Consensys and used in other important projects like Gnosis and Golem to hold several million dollars worth of ether.

All transactions that move ethers and Tokens are logged in the blockchain, so in the worst case scenario, it will always be possible to reconstruct the correct token balances.

The core of the token contract is based on the MiniMe Token (ERC20 clonable token). This token was developed by myself and has been successfully implemented important projects like Swarm City and Giveth for months now.

This makes the probability of losing any ether even if there is an unseen bug in these contracts very low.

Some notes for token holders.

  1. - The collected ether will go to the multisig `aragonDevMultisig`controlled by a series of accounts that can move the ether where they desire. It’s important to know who will control this multisig.
  2. The token will be controlled by the owners of the so called `communityMultisig`it is important to know who control this multisig.
  3. In the contract there is a soft cap and a hard cap. It is possible that they collect more ether than the soft cap if they reveal the cap after this limit is reached.

Some notes for technical persons.

From my point of view the biggest criticism of this contract is the Vesting functionality at the top of the Minime contract. I think that the functionality of those 200 lines of code could be implemented in an external contract reducing the complexity and the risk of the contract.

Limitations of this work

I didn’t audit the external wallet.

I didn’t make any low level reviews of the assembly code generated by the solidity compiler.

I didn’t make any tests for this code. Just read the code and commented all the issues that I found.

I didn’t verify the deployment of the contract.

I just made an audit of the smart contracts. I’m not making any evaluation of the project or the people leading the project.

Smart contract security audits like this one, reduce the risks of the smart contracts issues but they do not warranty bug-free code. I encourage the community, especially the Aragon community that will be using these contracts directly to continue to analyze these contracts and make their own audits.