Auditing Modular’s Interactive Crowdsale with ConsenSys Diligence

ConsenSys Diligence is a ConsenSys service providing audits of smart contracts and programs built off the Ethereum network. Periodically, ConsenSys Diligence will publish a summary of an audit, including weaknesses and recommendations for clients. Recently, the Diligence team completed an audit of the Interactive Crowdsale platform by Modular. Read a recap of the team’s conclusions below.

The Modular team has invited the ConsenSys Diligence team to perform an audit for their Interactive Crowdsale libraries described in the Interactive Coin Offerings paper by Teutsch and Buterin. The publication proposes a new token sale model that attempts to achieve two basic properties that other token sale models have not or only partially delivered in the past:

• A fixed amount of currency buys at least a fixed fraction of the total tokens.
• Everyone can participate.

A token sale that achieves both of those properties is known as an Interactive Crowdsale or Interactive Token Sale. Teams planning to launch an Interactive Token Sale will be able to set up their Crowdsale with the libraries from Modular.

Interactive Crowdsale Stages

The token sale is staged over three distinct time periods that attempt to satisfy the above mentioned properties. An overview on the mechanics of each sale period is described in the table below:

More detailed information on the Interactive Crowdsale Libraries and the contract code can be found in the following Github repos:

• Ethereum libraries project page: was the basis for the initial audit.
• Interactive Crowdsale version 2.0.0 repo: includes all changes for the remediation phase. It has to be noted that this version contains new code that has not been reviewed as part of the audit.

More information on the scope and the remediation phase can be found in chapter 1.5 and 1.6 of the audit report.

Issue Severity Overview

ConsenSys Diligence classifies issues in smart contract code according to the particular issues’ severity. Severity comes in four categories: Minor, Medium, Major, or Critical. Minor severity issues are generally informational notes and recommendations that we add for the sake of thoroughness. Medium severity issues represent something that would be a trivial annoyance but can’t be disregarded entirely. Major severity issues represent a smaller, but still notable probability of significantly compromised functionality. Critical severity issues represent a very high probability of your system’s overall functionality being compromised irreparably.

The following table gives an overview of the issue count that has been identified during the audit and classifies them based on their severity.

Issue Overview

No critical vulnerabilities have been identified and only one finding with severity “Major” has been identified. The issue is a design flaw in the TokenLib library that allows the token sale owner to create an arbitrary amount of tokens after the crowd sale has ended. This option for the token sale owner to create new tokens contradicts with the objective to create a fair token sale for users because the promise of buying a fixed amount of tokens at a valuation of their choosing could be broken post sale.

Remediation

The audit went through an initial review of the entire code base and a remediation phase that focused on reviewing the issue fixes and implementation of the key recommendations.

1. Almost all issues have been fixed according to the remediation instructions. The residual open issues are lower severity issues that are currently in the backlog.
2. Modular significantly simplified the code base by removing the CrowdsaleLib.sol and merging it into InteractiveCrowdsaleLib.sol and refactoring storage variables.
3. Visibility of all functions was refactored to reduce potential attack surface of the contract system.
4. Safe Math is consistently used across the contract system. Before the audit this was only done in specific areas where the development team suspected potential security issues.
5. The token sale stages were not clear and ambiguous in some parts of the code base. Where possible Modifiers are used now that check if a function can be called during a specific token sale stage.

Recommendations

The following list is a set of key recommendations that should be backlogged and addressed in future releases:

• The most recent code changes that are included in 2.0.0 have not been audited. It is recommended to audit the new version, should there be any major changes to the code base.
• The contract system has been set up as a NPM package to address Excess friction using the libraries. The recent changes have not been reviewed as part of the audit.
• The majority of the tests are positive test cases, meaning that the tests confirm that the system works with an expected sequence of actions and inputs. The test suite should be expanded to include more negative scenarios to ensure that the safe checks within the contract system are working correctly.
• The documentation is not up to date with the code base and the current functionality. It should be updated on a regular basis.

Report

The complete report for the audit has been published here. Github issues were created in a separate audit working repository and links contained in the report are only accessible to the Modular team and the ConsenSys Diligence audit team.

Conclusion

It’s always exciting and fun to audit new and innovative smart contract systems and the Interactive Crowdsale libraries definitely fall into this category. It has to be noted that Modular went beyond just fixing single issues reported during the audit but that they addressed them throughout the code base. All in all it was a pleasure working with the Modular team and we are looking forward to work with them in the future.

—

I’m part of the team at ConsenSys Diligence. If you have a knack for diving deeply into Solidity and the EVM, and an interest in smart contract security, we’re looking for people to join our team (Apply here).

Disclaimer: The views expressed by the author above do not necessarily represent the views of Consensys AG. ConsenSys is a decentralized community with ConsenSys Media being a platform for members to freely express their diverse ideas and perspectives. To learn more about ConsenSys and Ethereum, please visit our website.