AQX Smart Contract Audit

AQUA is excited to collaborate with Quantstamp. All of our smart contracts will be audited with their advanced new protocol for contract verification.

Quantstamp the smart contract auditing protocol is the first scalable security-auditing solution, specifically designed to find vulnerabilities in Ethereum smart contracts. It is a specialized network that connects developers, investors and users around a transparent and scalable proof-of-audit solution. It’s network provides the much needed transparency, by enabling automated checks on vulnerabilities and automatically rewarding verifiers who identify bugs.

AQUA has selected Quantstamp to professionally audit our token sale contract and publish the results. We requested this check to ensure that all the measures promised in the whitepaper are fully functional and our smart contract is secure.

Blockchain security

With the rise of blockchain the concept of smart contracts was introduced to the public and investors, payments and investments have completely changed, and companies have had to upgrade accordingly. With such advancements, security checks must evolve too. How does an investor trust that their money is not going into the hands of scammers or that the smart contract won’t catch any bugs and cause issues? Through Smart Contract Security Auditing.

Traditional online trading brokers are monitored by external auditors and regulators. This ensures that the company is securely and responsibly handling its client funds. The audit is handled by a third party which is a trusted auditing company which poses no conflict of interest. The same applies to blockchain audits for smart contracts.

What is a smart contract security audit?

A smart contract security audit is a technical procedure which considers crucial features of the smart contract code to analyze if the code is secure, corresponds to the documentation provided by the company, and if the code meets best practices in efficient use of gas, code readability and so on.

The audit is performed through several processes including an automated analysis through private and public code analyzers and manual audit.

The audit checks for common vulnerabilities which could pose security risk if found.

Why are smart contract security audits important?

Blockchain technology is one of the safest in existence however measures must be taken to maintain this security. Smart contracts can catch bugs if they are not frequently scanned and checked. This is a mistake some exchanges and blockchain business have had to learn the hard way.

Smart contracts which catch bugs are vulnerable ones due to lack of inspection and security checks to ensure they are well protected. Granted keeping a smart contract safe is not an easy job and it requires consistent scrutiny of the codes for vulnerabilities.

AQUA x Quantstamp

At AQUA, we will run frequent internal and external security checks. This will ensure that when low severity issues are found, they are addressed and fixed before they escalate to medium or critical levels where security can be compromised.

User safety will always be our priority, and we will keep all our users and participants secure at AQUA the way we have done for all our enterprise clients.

The AQX smart contract for the ‘AQX Token’ went through an automated analysis through Quantstamp for a professionally audit of our token sale contract. All the issues found by the tools were manually checked and proved to be safe. Any recommendations for improvement were thoroughly addressed by our technical team. Here are the results:

{
"timestamp": 1535925091,
"contract_uri": "https://s3.amazonaws.com/qsp-network-published-contracts/5045cc92-0ad8-45c7-a767-4a48f79dadfc",
"contract_hash": "e49bc704290a4322eecb827618fc1eba4863271cf9678da31bd24dd5e18b1526",
"requestor": "0x7714cC433122c1aFC4486e770e6F82AB2B541dDC",
"auditor": "0xa0f089D377b7e038cc8D71d813aAe2Cd59Eff7d4",
"request_id": 24,
"version": "0.1.2",
"audit_state": 4,
"status": "success",
"analyzers_reports": [
{
"analyzer": {
"name": "oyente",
"version": "7d8e53322957adb11983cc05aa04a410aa320e078bdfe2e9e395dcdde9610e67",
"command": "python /oyente/oyente/oyente.py -ce -j -s /shared/tmp186kh3q3",
"vulnerabilities_checked": [
"integer_underflow",
"integer_overflow",
"callstack",
"money_concurrency",
"time_dependency",
"reentrancy",
"parity_multisig_bug_2",
"assertion_failure"
]
},
"status": "success",
"warnings": [
"root:You are using solc version 0.4.24, The latest supported version is 0.4.19"
],
"coverages": [
{
"percentage": 100,
"file": "5045cc92-0ad8-45c7-a767-4a48f79dadfc",
"contract": "AQUA"
},
{
"percentage": 100,
"file": "5045cc92-0ad8-45c7-a767-4a48f79dadfc",
"contract": "SafeMath"
}
],
"potential_vulnerabilities": [
{
"name": "integer_overflow",
"file": "5045cc92-0ad8-45c7-a767-4a48f79dadfc",
"contract": "AQUA",
"instances": [
{
"ref_id": 0,
"start_line": 26,
"end_line": 26
}
]
}
],
"count_potential_vulnerabilities": 1,
"hash": "bf75cedc8f761c2b58810736ce6182079a5a6b5284edc918d9e64d252ab49b8d",
"start_time": 1535925017,
"end_time": 1535925091
},
{
"analyzer": {
"name": "mythril",
"version": "a4e01e358fc52517a1889fad415846876d27ad9e8f6555a59246b761a89ec882",
"command": "docker run -v \"\":/shared/ -i \"mythril/myth@sha256:a4e01e358fc52517a1889fad415846876d27ad9e8f6555a59246b761a89ec882\" -o json -x \"/shared/tmp186kh3q3\"",
"vulnerabilities_checked": [
"call_data_forwarded",
"dependence_on_environment_variable",
"call_to_a_user-supplied_address",
"use_of_tx_origin",
"ether_send",
"exception_state",
"message_call_to_external_contract",
"state_change_after_external_call",
"integer_overflow",
"integer_underflow",
"multiple_calls",
"unchecked_suicide",
"transaction_order_dependence",
"unchecked_call_return_value"
]
},
"status": "success",
"potential_vulnerabilities": [],
"count_potential_vulnerabilities": 0,
"hash": "89d6868a94a00136d265c40eb6c9672702b2efe68928f125b0b2e1967dc96bfe",
"start_time": 1535925017,
"end_time": 1535925091
}
],
"compilation_warnings": [
"5045cc92-0ad8-45c7-a767-4a48f79dadfc:62:6: Warning: Defining constructors as functions with the same name as the contract is deprecated. Use \"constructor(...) { ... }\" instead.\n function AQUA () public {\n ^ (Relevant source part starts here
and spans across multiple lines).\n"
]
}

About AQUA:

AQUA Intelligence is developing a data-driven platform on the blockchain that will allow consumers to monetize and validate their personal data. AQUA has planned a complete roadmap to build AQUA Intelligence and is proven in their ability to execute with a demonstrable product in service. Part of their strategy is to gather data from their current products and discrete data sources to build the industry’s first comprehensive profile system for the international market. By leveraging Artificial Intelligence along with predictive analytics, these profiles will enable businesses to improve sales, retention, conversion and customer satisfaction, significantly. AQUA is poised to evolve in a multi-billion dollar industry with significant market potential. You can learn more about AQUA at aquaintel.io and help support our mission.

You can read more about AQUA Intelligence on our whitepaper.

Follow AQUA INTELLIGENCE on our Website, Telegram, Reddit, Facebook, or Twitter for the latest updates on AQUA development!