CVNX governance token and smart contracts security audit

[vadand]

Audit request

Hello

We require CVNX token and governance ERC20 smart contracts audit, which are deployed to release a CVNX ERC20 token and provide governance voting to the Crypviser Network.

Source code

The source - code is not public yet.

Disclosure policy

We would prefer to publish the audit reports after reviewing the results internally.

Standard disclosure policy.

Contact information (optional)

Email: vadim@crypviser.net Skype: vadim_skypenet Crypviser: cv101

... Provide information about the media resources of the project you want us to audit (website/ twitter account/ reddit/ telegram channel/ etc.) ...

https://crypviser.network https://t.me/crypviser_group www.twitter.com/crypviser

Platform

Ethereum ERC20 ... In which network will your contract be deployed? (EOS/TRX/ETC/ETH/CLO/UBQ/something else ) ...

[yuriy77k]

@vadand to audit your contract you have to provide source code. To keep it private, you can send it to may email yuri@callisto.network

[vadand]

@yuriy77k I've sent a link to download the contracts source code to your email yuri@callisto.network Can you please confirm the receipt and provide an offer?

[yuriy77k]

@vadand The audit fee is 682 USDT. You may send USDT (ERC20 or BEP20) to: 0xb9662e592f2f0412be62f0833ca463a9b1aabebb or USDT (TRC20) to: TBzUKbek9AYVBwf91ykh3KY4Ushk95SCiB

The estimated auditing time - 7 days after payment.

[vadand]

I sent you few more questions. Please clarify

[vadand]

@yuriy77k please check your email

[yuriy77k]

CVNX Token and Governance V2 Security Audit Report

1. Summary

CVNX Token and Governance V2 smart contract security audit report performed by Callisto Security Audit Department

• https://crypviser.network
• https://t.me/crypviser_group
• https://www.twitter.com/crypviser

2. In scope

CVNX Token https://etherscan.io/address/0xb2e7abc38b44a86be7965297b5a97e3b16453667#code

CVNXGovernance https://etherscan.io/address/0x4faba8c745aff69110328cff817472ca03d0f65d#code

The same as provided privately in the file CVNXContract 2.0.zip

Smart contracts:

• CVNX.sol
• CVNXGovernance.sol
• ICVNX.sol
• ICVNXGovernance.sol

3. Findings

In total, 0 issues were reported including:

• 0 high severity issues.

• 0 medium severity issues.

• 0 low severity issues.

In total, 1 note were reported including:

• 0 notes.

• 1 owner privileges.

No critical security issues were found.

3.1. Owner privileges

Severity: owner privileges

Description

The function Swap() allow users to swap CVN to CVNX tokens. But CVNX tokens initially belongs to the owner wallet, so if owner transfer tokens to another wallet swap will not work.

4. Security practices

• [x] Open-source contact.
• [ ] The contract should pass a bug bounty after the completion of the security audit.
• [ ] Public testing.
• [ ] Multisig owner account.
• [x] Standard ERC20-related issues. - IMPLEMENTED. It is known that every contract can potentially receive unintended ERC20-token deposit without the ability to reject it even if the contract is not intended to receive or hold tokens. As the result it is recommended to implement a function that will allow to extract any arbitrary number of tokens from the contract.

5. Conclusion

The audited smart contract can be deployed. No security issues were found during the audit.

It is recommended to adhere to the security practices described in pt. 4 of this report in order to ensure the operability of the contract and prevent any issues which are not directly related to the code of this smart-contract.

[yuriy77k]

Gist with report: https://gist.github.com/yuriy77k/8318b6ba25bd9c2cdaf618637b086d9a