CertiK Audits PlotX Protocol
To Ensure Integrity Of Token Smart Contracts
Use-Case Profile
PlotX is a non-custodial, decentralized prediction protocol that enables web3 users to predict the future price of crypto assets using prediction markets.
That is possible thanks to the innovative way in which PlotX uses an Automated Market Making algorithm — one that generates markets, settles markets and distributes rewards among the network’s users, all in an autonomous fashion.
Users get a consistent experience of making predictions on hourly, daily and weekly markets around the price of crypto assets like BTC, ETH, YFI etc. Furthermore, PlotX uses GovBlocks (also used in Nexus Mutual) for on-chain governance.
Code Review & Auditing Process
Among other aspects of the PlotX codebase, the CertiK Professional Services team was tasked with the examination of the native $PLOT token, as well as delicate smart-contracts related to Vesting and Staking operations.
Our PS team initiated the process by conducting a system-based analysis of the entire codebase. In addition, we followed our standardized procedure.
A comprehensive examination has been performed, utilizing Dynamic Analysis, Static Analysis, and Manual review techniques. The auditing process pays special attention to the following considerations:
- Testing smart contracts against both common and uncommon attack vectors.
- Assessing the codebase to ensure compliance with current best practices and industry standards.
- Ensuring contract logic meets the specifications and intentions of the client.
- Cross-referencing contract structure and implementation against similar smart contracts produced by industry leaders.
- Thorough line-by-line manual review of the entire codebase.
Notable Recommendations
We were unable to identify any severely exposed attack vectors subject to exploitment while reviewing and testing the smart-contracts in question, as well as their response to a variety of potential scenarios.
Furthermore, we relayed our findings, and optimization advice to the PlotX team, and the full audited source code can be found here.
After mutual discussion, we concluded that the ideal choice is to skip on some minor recommendations as they are not substantial optimizations and would require changes across the whole codebase.
“This was the third and final audit of the PlotX Smart Contracts by CertiK Professional Services.
CertiK has been at the forefront of improving the security of smart contracts in the broader blockchain spectrum and we absolutely loved working with their Professional Services team.
PlotX Protocol and the $PLOT token are scheduled for launch on the Ethereum mainnet, and getting the security audits in time has been an important milestone.”
- Ish Goel Co-founder of PlotX
About PlotX
PlotX is a non-custodial, decentralized prediction protocol that enables web3 users to predict the future of crypto assets using prediction markets.
Dubbed as the Uniswap of Prediction Markets, PlotX uses an Automated Market Making algorithm to create, settle markets and distribute rewards on the Ethereum Blockchain without any counterparty risk. Markets are focused on crypto-pairs like BTC, ETH, YFI etc and are automatically created in intervals of 1h, 1d and 1w.
Over 2400 unique addresses have made more than 10,000 predictions on PlotX since the launch of their alpha on kovan testnet.
Learn more by visiting the PlotX website or following them on Twitter, Telegram or Discord
About CertiK
CertiK is a technology-led blockchain security company founded by Computer Science professors from Yale University and Columbia University built to prove the security and correctness of smart contracts and blockchain protocols.
CertiK’s mission of every audit is to apply different approaches and detection methods, ranging from manual, static, and dynamic analysis to ensure that the project is checked against known attacks and potential vulnerabilities. CertiK leverages a team of seasoned engineers and security auditors to apply testing methodologies and verifications on the project, in turn creating a more secure and robust software system.
CertiK has serviced more than 100 clients with high quality auditing and consulting services, ranging from stablecoins such as Binance’s BGBP and Paxos Gold to decentralized oracles such as Band Protocol and Tellor.
Stay connected!
Remember to follow us on the platforms below to stay up-to-date with our latest updates and announcements.
Website: https://certik.io
Twitter: https://twitter.com/certik_io
Linkedin: https://www.linkedin.com/company/certik/
GitHub: https://github.com/CertiKProject
To request your FREE consultation send us an email to bd@certik.io