TrustPad x QuillAudits Audit
Scope of Audit
The scope of this audit was to analyse TrustPad.sol ($TPAD — native token) smart contract’s codebase for quality, security, and correctness.
QuillAudits Auditing Process
1. Specification Gathering
2. Manual Review
3. Manual Testing
4. Unit Testing
5. Testing with Automated Tools
6. Initial Audit Report
7. Final Stage
Checked Vulnerabilities
We have scanned the smart contract for commonly known and more specific vulnerabilities.
Techniques and Methods
Throughout the audit of smart contract, care was taken to ensure:
▪ The overall quality of code.
▪ Use of best practices.
▪ Code documentation and comments match logic and expected behaviour.
▪ Token distribution and calculations are as per the intended behaviour mentioned in the whitepaper.
▪ Implementation of ERC-20 token standards.
▪ Efficient use of gas.
▪ Code is safe from re-entrancy and other vulnerabilities.
The following techniques, methods and tools were used to review all the smart contracts.
Structural Analysis
In this step we have analyzed the design patterns and structure of smart contracts. A thorough check was done to ensure the smart contract is structured in a way that will not result in future problems. SmartCheck.
Static Analysis
Static Analysis of Smart Contracts was done to identify contract vulnerabilities. In this step a series of automated tools are used to test security of smart contracts.
Code Review / Manual Analysis
Manual Analysis or review of code was done to identify new vulnerability or verify the vulnerabilities found during the static analysis. Contracts were completely manually analyzed, their logic was checked and compared with the one described in the whitepaper. Besides, the results of automated analysis were manually verified.
Gas Consumption
In this step we have checked the behaviour of smart contracts in production. Checks were done to know how much gas gets consumed and possibilities of optimization of code to reduce gas consumption.
Tools and Platforms used for Audit: Remix IDE, Truffle, Truffle Team, Ganache, Solhint, Mythril, Slither, SmartCheck.
Closing Summary
Several issues of medium and low severity have been reported during the audit, out of which, most of them have been fixed. Some suggestions have also been made to improve the code quality and gas optimization. There were NO critical or major issues found that can break the intended behavior.
High Severity Issues Found
None
Full audit results here:
About QuillHash
Quillhash is a pioneer in building the custom decentralised ecosystem for enterprises and startups. With Our industry rich experience, you can leverage blockchain technology to deploy and secure your business by harnessing the power of Decentralized Technology.
About QuillAudits
Smart Contracts Auditing Services, DeFi Safety Audits, Cybersecurity Solutions For Blockchain & Crypto Products.
