Press Release: ImmuneBytes Completes GoodDollar Smart Contract Audit |2022|

ImmuneBytes officially announced the successful completion of the smart contract security audit for the GoodDollar smart contract.

Our auditors performed a detailed audit to ensure maximum risk coverage, leaving no scope for hidden vulnerabilities.

At ImmuneBytes, we conduct a detailed smart contract security audit, ensuring:

Risk identification and mitigation.
Efficient use of gas.
Use of best practices and principles.
Improved overall quality and structure of the code.
Token distribution and calculations as mentioned in the whitepaper.

The contract went through Structural, Static, and Dynamic analysis along with a systematic Code review. Post the final audit, we are pleased to report that no high severity issues were detected that could have majorly impacted the project performance.

Audit Report Overview

Project Name: GoodDollar
Contracts Name: CompoundStakingV2.sol, SimpleStakingV2
Languages: Solidity(Smart contract), Typescript (Unit Testing)
Github commits for the audit: 7ee04d23fb8ad3468a041e3f907d9310fb5ffa1d
Platforms and Tools: Remix IDE, Truffle, Truffle Team, Ganache, Solhint, VScode, Contract Library, Slither, SmartCheck


Audit Summary

The ImmuneBytes team thoroughly tested the project, beginning with a study of the smart contract architecture to ensure it is well-structured and secure for third-party smart contracts and libraries.

The Smart Contract was meticulously examined line-by-line to find potential problems, such as Signature Replay Attacks, Variable Shadowing, Unchecked External Calls, External Contract Referencing, Race conditions, Transaction-ordering dependence, Timestamp dependence, and DoS attacks, among others.

We run unit tests created by the developer during the unit testing process to ensure the functions perform as intended. In Automated Testing, we tested the Smart Contract with our in-house developed tools to identify vulnerabilities and security flaws.

Audit Goals

In order to confirm that the smart contract system is secure, resilient, and operating per its specifications, auditors thoroughly scrutinize for vulnerabilities in the system. This was discussed under the following three headings:

Security: Identifying security-related issues within each smart contract and the system of contracts.

Sound Architecture: This system's architecture was assessed using proven best practices for smart contracts and general software best practices.

Code Correctness and Quality: A thorough examination of the contract's source code focussing on:

Correctness
Readability
Sections of code with high complexity
Quantity and quality of test coverage




Security Level References

Every issue in this report was assigned a severity level from the following:

High severity issues, including problems that must be fixed for code to follow the intended behavior.

Medium severity issues could potentially bring problems and should eventually be fixed.

Low severity issues, including minor details and warnings that can remain unfixed but would be better fixed at some point in the future.


For GoodDollar quantified severity issues:


Issues High Medium Low
Open - 1 5
Closed - - -


Audit Report

Auditor's Recommendations

While conducting the audits of the GoodDollar smart contract, it was observed that the code contained Medium and low severity issues.
Our auditors suggest that medium and low severity issues should be resolved by the developers, along with other recommendations given in the detailed report to improve the operations of the smart contract.

Post refactoring the code, the final audit was conducted, details of which are given below:

Contracts Name: CompoundStakingV2.sol, SimpleStakingV2
Languages: Solidity(Smart contract), Typescript (Unit Testing)
Github commits for the audit: 7ee04d23fb8ad3468a041e3f907d9310fb5ffa1d
Platforms and Tools: Remix IDE, Truffle, Truffle Team, Ganache, Solhint, VScode, Contract Library, Slither, SmartCheck


Issues High Medium Low
Open - - 5
Closed - 1 -

About GoodDollar

GoodDollar is a 100% non-profit foundation looking to secure financial freedom for everyone worldwide by launching a digital coin built on the blockchain and based on the principles of universal basic income (UBI).

GoodDollar: Changing the Balance, For Good.

GoodDollar, a DAO and anti-poverty protocol, seeks to generate a continuous stream of digital basic income and distribute it among its users. In order to match incentives between those who have money and those in need, GoodDollar uses decentralized financing financial instruments, fostering more opportunity and growth for everyone.
Its mechanism allows people & organizations to lock funds into an interest-bearing decentralized protocol, currently compound finance and donating interest towards the Global Basic Income cause.

Visit https://www.gooddollar.org/ to know more about it.
About ImmuneBytes

ImmuneBytes is a security startup offering professional blockchain services. The group has practical expertise in executing security audits, penetration testing, and smart contract audits. The security auditors at ImmuneBytes have experience with A-grade projects and are knowledgeable on DeFi initiatives like AAVE, Compound, 0x Protocol, Uniswap, and dydx.

By offering security services on several frameworks, the team has been able to verify 175+ blockchain applications. The ImmuneBytes team supports startups by doing a thorough system analysis, assuring security, and overseeing the entire project.

Visit: https://www.immunebytes.com/ to know more about the services.