Abhishek Sharma
Jul 19, 2019 · 9 min read

by QuillAudits, July 2019

Introduction :

This Audit Report highlights the overall security of FessChain Smart Contract. With this report, we have tried to ensure the reliability of their smart contract by complete assessment of their system’s architecture and the smart contract codebase.

Auditing Approach and Methodologies applied :

Quillhash team has performed thorough testing of the project starting with analysing the code design patterns in which we reviewed the smart contract architecture to ensure it is structured and safe use of third party smart contracts and libraries.

Our team then performed a formal line by line inspection of the Smart Contract in order to find any potential issues like race conditions, transaction-ordering dependence, timestamp dependence, and denial of service attacks.

In the Unit testing Phase we coded/conducted Custom unit tests written for each function in the contract to verify that each function works as expected. In Automated Testing, We tested the Smart Contract with our in-house developed tools to identify vulnerabilities and security flaws.

The code was tested in collaboration of our multiple team members and this included -

  1. Testing the functionality of the Smart Contract to determine proper logic has been followed throughout.
  2. Analyzing the complexity of the code by thorough, manual review of the code, line-by-line.
  3. Deploying the code on testnet using multiple clients to run live tests
  4. Analyzing failure preparations to check how the Smart Contract performs in case of bugs and vulnerabilities.
  5. Checking whether all the libraries used in the code are on the latest version.
  6. Analyzing the security of the on-chain data.

Audit Details

  • Project Name: FESSCHAIN
  • website/Etherscan Code : website
  • Languages: Solidity (Smart contract), Javascript (Unit Testing)

Summary of FESSCHAIN Smart Contract :

QuillAudits conducted a security audit of a smart contract of FESSCHAIN. Fesschain smart contract is used to create the ERC20 token which is a FESS Token, Smart contract contain basic functionalities of ERC20 token with total supply of 10b and some advance functionalities of sending tokens of tokenomics and their locking and releasing period.

Total Supply : 10000000000 (10 b)

Token Name : FESS

Token Symbol : FESS

Decimal : 18


Total Supply : 10000000000 (10 b)

Tokens For Sale = 600000000

Team Tokens = 2400000000

Maintenance Tokens = 1000000000

Marketing Tokens = 10000000

AirDrop In IEO Tokens = 20000000

Bounty In IEO Tokens = 30000000

Minting Tokens = 2250000000

AirDrop With Dapps Tokens = 3690000000

There is a lock period for marketing tokens for 8 months, team tokens will be initially sent 5% and quarterly team members can call function to withdraw 10% of tokens.

Audit Goals

The focus of the audit was to verify that the smart contract system is secure, resilient and working according to its specifications. The audit activities can be grouped in the following three categories:

Security: Identifying security related issues within each contract and within the system of contracts.

Sound Architecture: Evaluation of the architecture of this system through the lens of established smart contract best practices and general software best practices.

Code Correctness and Quality: A full review of the contract source code. The primary areas of focus include:

  • Correctness
  • Readability
  • Sections of code with high complexity
  • Quantity and quality of test coverage

Security Level references :

Every issue in this report was assigned a severity level from the following:

High severity issues will bring problems and should be fixed.

Medium severity issues could potentially bring problems and should eventually be fixed.

Low severity issues are minor details and warnings that can remain unfixed but would be better fixed at some point in the future.

Unit Testing

Test Suite

Contract: FessChain Token Contracts

✓ Should correctly initialize constructor values of FessChain Token Contract (314ms)

Final Result of Test:

✓ 102 Passing (16s) PASSED

❌ 0 Failed

Slither Tool Result :

Manual Transactions

Network : Ropsten, Remix ethereum

contract creation 

Cannot withdraw tokens before 3 months


Coverage Report

Coverage report defines how much our test cases touching solidity code.

Our test cases covered 100% functions and 97.55% of line of code of solidity contract.

98.64% of statements are covered with unit testing

Coverage report give assurance that our unit testing is 100% touching smart contract code.

Surya Tool Result

Thanks for reading. Also do check out our earlier blog posts.

QuillAudits is a secure smart contract audits platform designed by QuillHash Technologies. It is a fully automated platform to verify smart contracts to check for security vulnerabilities through it’s superior manual review and automated tools. We conduct both smart contract audits and penetration tests to find potential security vulnerabilities which might harm the platform’s integrity.

To be up to date with our work, Join Our Community :-

Telegram | Twitter | Facebook | LinkedIn


Delivering Enterprise-grade blockchain technology to leading companies worldwide.

Abhishek Sharma

Written by

Smart Contract Developer and Auditor, DeFi, DEX



Delivering Enterprise-grade blockchain technology to leading companies worldwide.

More From Medium

More from QuillHash

More on Blockchain from QuillHash

More on Blockchain from QuillHash

Coronavirus Tracking with Blockchain- QuillTrace

Preetam Rao
Mar 22 · 5 min read


More on Ethereum from QuillHash

Welcome to a place where words matter. On Medium, smart voices and original ideas take center stage - with no ads in sight. Watch
Follow all the topics you care about, and we’ll deliver the best stories for you to your homepage and inbox. Explore
Get unlimited access to the best stories on Medium — and support writers while you’re at it. Just $5/month. Upgrade