Closed Yomic closed 2 years ago
@Yomic the audit fee is 1286 USDT. You may send USDT (ERC20 or BEP20) to: 0xb9662e592f2f0412be62f0833ca463a9b1aabebb or USDT (TRC20) to: TBzUKbek9AYVBwf91ykh3KY4Ushk95SCiB
The estimated auditing time - 12 days after payment.
The payment has now been sent via this transaction: https://etherscan.io/tx/0x6e01ea804ded9ba51e0ab0611dc3c0a74487529b31cdbc99cd1eda0f6fd7fb8c
Let me know what you find!
Please note that as a test of swapping out Pet Care contracts the above "Pet Care contract" has been replaced by this contract on Ropsten:
https://ropsten.etherscan.io/address/0x59B62FA82B8adAeE4Da97259c8a081A0C0c9B68F#code
The test was performed successfully with minimal down-time.
Payment received. Thank you.
The report was sent to developer email.
Great, I have made some of the proposed changes, most notably "3.3 Approved minters" and "3.4 Anybody can burn Care Tokens from any account" because they were the highest risks to the users. Note for use on the checklist, the contracts had received public beta testing and a bug bounty is still in effect from the beta testing period.
Thank you for the thorough audit. It can be published publicly if wanted now.
Audit request
The smart contract is 4 different contracts that interact with each other to make a digital pet game. It is also extendable which opens the possibility for growth in the future. The first two are NFTs, the second of which has stats. The 3rd is an ERC20 token that generates tokens over time and mints to authorized contracts (which can be frozen). The 4th is the first of a few planned contracts that make the NFTs interactable and able to earn the ERC20 token.
Source code
Smart Contracts on Ropsten: v0 Pets: https://ropsten.etherscan.io/address/0xde1Dee12267fc762493d35A7E10941bB60591bc7#code v1 Pets: https://ropsten.etherscan.io/address/0x7cab257033FA4720220DBd5Ee4f2Dd3AB8af4F5E#code Pet Care: https://ropsten.etherscan.io/address/0xcbb4E96e845BB6274E5047381065539CCf80cfa3#code Care Token: https://ropsten.etherscan.io/address/0x4c00176d5021b465Fdc1D11d83B67B8F3636Fb6A#code
If they need to be on github, then I can push them there if needed.
Disclosure policy
I would like critical issues disclosed privately so we can correct the mistakes before it is published to the public blockchain. Afterwards, once the issues are fixed, the report can be public.
Standard disclosure policy.
Contact information (optional)
I can be contacted via e-mail at: trey@heartfeltgames.org
Website: https://www.spiritorbpets.com/ Twitter: https://www.twitter.com/SpiritOrbPets Discord: https://discord.gg/SpiritOrbPets
Platform
ETH, possibly with interactions migrating to Polygon.