SlideShare a Scribd company logo

Blockchain Land Audit Report.pdf

ā€¢
ā€¢
B
BlockchainLand

We're very thrilled to announce šŸšØ šŸ›” We have successfully completed our #securityaudit with #hacksafe Browse full audit report : https://hacksafe.io/blockchain-land-token/ šŸŒ https://blockchain.land #Metaverse #blockchainland #VR #AR #cryptocurrency #blockchain

Technology
1 of 18
Download to read offline
Security Status Smart Contract Security Audit Report Blockchain Land July 2022 www.hacksafe.io
Audit Details Page No. 02 www.hacksafe.io Audited project Blockchain Land Deployer address 0xFACE67a28694fe815c5EFB46b32B0506d0f6b568 Client contacts Blockchain Land Blockchain Binance Smart chain Website https://blockchain.land/
Disclaimer Page No. 03 www.hacksafe.io
Procedure Step 1 - In-Depth Manual Review Manual line-by-line code reviews to ensure the logic behind each function is sound and safe from various attack vectors. This is the most important and lengthy portion of the audit process (as automated tools often cannot ļ¬nd the nuances that lead to exploits such as ļ¬‚ash loan attacks). Step 2 - Automated Testing Simulation of a variety of interactions with your Smart Contract on a test blockchain leveraging a combination of automated test tools and manual testing to determine if any security vulnerabilities exist. Step 3 ā€“ Leadership Review The engineers assigned to the audit will schedule meetings with our leadership team to review the contracts, any comments or ļ¬ndings, and ask questions to further apply adversarial thinking to discuss less common attack vectors. Step 4 - Resolution of Issues Consulting with the team to provide our recommendations to ensure the code's security and optimize its gas eļ¬ƒciency, if possible. We assist project team's in resolving any outstanding issues or implementing our recommendations. Step 5 - Published Audit Report Boiling down results and ļ¬ndings into an easy-to-read report tailored to the project. Our audit reports highlight resolved issues and any risks that exist to the project or its users, along with any remaining suggested remediation measures. Diagrams are included at the end of each report to help users understand the interactions which occur within the project. Page No. 04 www.hacksafe.io
Background HackSafe was commissioned by Blockchain Land to perform an audit of smart contract: https://bscscan.com/address/0x471a5e862af35d2148bd8b505b361b1ddf5ļ¬€ef1#code The purpose of the audit was to achieve the The information in this report should be understand the risk exposure of the smart contract, and as a guide to improve the security posture of the smart contract by remediating the issues that were identiļ¬ed. Page No. 05 www.hacksafe.io Ensutre that the smart contract functions as intended. Identify potential security issues with the smart contract.
Contract Details : Token : BEP20 : 0x471A5e862af35D2148bd8b505b361b1DDf5fFef1 Token contract details for 05.07.2022 Contract name Token Type Contract address Page No. 06 www.hacksafe.io Compiler version Total supply Top 100 token holderā€™s dominance Transactions count Decimals Contract deployer address Owner address Token Holders : v0.8.10+commit.fc410830 : 7,210,000,000 : 100.00% : 1 Token Ticker : BCL : 18 : 0xFACE67a28694fe815c5EFB46b32B0506d0f6b568 : 0xFACE67a28694fe815c5EFB46b32B0506d0f6b568 : 1
Social proļ¬les : https://twitter.com/land_blockchain Twitter Proļ¬le Page No. 07 www.hacksafe.io Facebook Proļ¬le LinkedIN Proļ¬le Telegram Proļ¬le Instagram proļ¬le Medium Proļ¬le Youtube proļ¬le : https://www.facebook.com/BlockchainLandOļ¬ƒcial/ : https://www.linkedin.com/company/blockchain-land/ : https://t.me/BlockchainLandOļ¬ƒcial : https://www.instagram.com/theblockchainland/ : https://blockchainland.medium.com/ : https://www.youtube.com/channel/UCyM4Z0ZDNpcB7Cjr14 Q0G3A
Claimed Smart Contract Features Yes, This is valid. Claimed Feature Detail Our Observation Tokenomics : Page No. 08 www.hacksafe.io : Blockchain Land Name : BCL Symbol : 18 Decimals : BEP20 : 0x471A5e862af35D2148bd8 b505b361b1DDf5fFef1 Protocol Contract address : 7,210,000,000 Max Total supply
Audit Summary Insecure Poor secured Well-secured Secure According to the standard audit assessment, Customer`s solidity smart contracts are ā€œWell Secureā€. This token contract does contain owner control, which do not make it fully decentralized as owner does have control over smart contract. We used various tools like Slither, Mythril and Remix IDE. At the same time this ļ¬nding is based on critical analysis of the manual audit. All issues found during automated and manual analysis were manually reviewed and applicable vulnerabilities are presented in the issues checking status. We found 0 critical, 0 high, 0 medium and 0 low and some very low-level issues. You are here Page No. 09 www.hacksafe.io
Blockchain Land Distribution Blockchain Land Top 01 Token Holders
Blockchain Land Distribution Blockchain Land Contract Overview Page No. 10 www.hacksafe.io
Contract functions details + [Int] IERC20 +[Int] IERC20Metadata (IERC20) + Context +ERC20 (Context, IERC20, IERC20Metadata) -[Ext] totalSupply -[Ext] balanceOf -[Ext] transfer -[Ext] allowance -[Ext] approve -[Ext] transferFrom -[Ext] name -[Ext] symbol -[Ext] decimals -[Int] _msgSender - <constructor> # -[Pub] lockvalue # -[Pub] name -[Pub] symbol -[Pub] decimals -[Pub] totalSupply -[Pub] burner # -[Pub] balanceOf -[Pub] transfer # -[Pub] allowance -[Pub] approve # -[Pub] transferFrom # -[Pub] increaseAllowance -[Pub] decreaseAllowance -[Int] _transfer # -[Int] _mint# -[Int] _burn # -[Int] _approve # -[Int] _spendAllowance # -[Int] _beforeTokenTransfer # -[Int] _afterTokenTransfer #
Contract functions details ($) = payable function # = non-constant function Page No. 11 www.hacksafe.io + Token (ERC20) -<constructor> # - [Pub] mint # -modiļ¬ers: onlyOwner -[Pub] burn #
Issues Checking Status Status Passed Passed Passed Passed Passed Passed Passed Passed Passed Passed Passed Passed Passed Passed Passed Passed Passed Passed Passed Title Unlocked Compiler Version Missing Input Validation Race conditions and Reentrancy. Cross-function race conditions. Possible delays in data delivery Oracle calls. Timestamp dependence. Integer Overļ¬‚ow and Underļ¬‚ow DoS with Revert. DoS with block gas limit. Methods execution permissions. Economy model of the contract. Private use data leaks. Malicious Event log. Scoping and Declarations. Uninitialized storage pointers. Arithmetic accuracy. Design Logic. Safe Open Zeppelin contracts implementation and usage. Incorrect Naming State Variable Compiler version too old No. 1. 2. 3. 4. 5. 6. 7. 8. 9. 10. 11. 12. 13. 14. 15. 16. 17. 18. 19. 20. Passed Page No. 12 www.hacksafe.io
Severity Deļ¬nitions Critical vulnerabilities are usually straightforward to exploit and can lead to assets loss or data manipulations. Risk Level Description Critical High Medium Low High-level vulnerabilities are diļ¬ƒcult to exploit; however, they also have a signiļ¬cant impact on smart contract execution, e.g., public access to crucial functions Medium-level vulnerabilities are important to ļ¬x; however, they can't lead to assets loss or data manipulations. Low-level vulnerabilities are mostly related to outdated, unused, etc. code snippets that can't have a signiļ¬cant impact on execution. Page No. 13 www.hacksafe.io
Security Issues Critical Severity Issues No critical severity issue found. High Severity Issues No high severity issue found. Medium Severity Issues No medium severity issues found. Low Severity Issues No low severity issue found. Page No. 14 www.hacksafe.io
Centralization Owner Privileges : Blockchain Land Contract: This smart contract has some functions which can be executed by the Admin (Owner) only. If the admin wallet private key would be compromised, then it would create trouble. Following are Admin functions and burner functions: Mint Lockvalue Page No. 15 www.hacksafe.io Owner can mint new tokens upto maximum cap supply. Owner can lock value for some time when owner transfer amount of other address.
Conclusion HackSafe note: Please check the disclaimer above and note, the audit makes no statements or warranties on business model, investment attractiveness or code sustainability. The report is provided for the only contract mentioned in the report and does not include any other potential contracts deployed by Owner. Smart contract contains no severity issues! The further transfer and operations with the fund raised are not related to this particular contract. Page No. 16 www.hacksafe.io

Recommended

Attacking and Exploiting Ethereum Smart Contracts: Auditing 101
Attacking and Exploiting Ethereum Smart Contracts: Auditing 101Attacking and Exploiting Ethereum Smart Contracts: Auditing 101
Attacking and Exploiting Ethereum Smart Contracts: Auditing 101
Simone Onofri
Ā 
Blockchain architected
Blockchain architectedBlockchain architected
Blockchain architected
IBM Sverige
Ā 
Peck shield audit-report-umee-v1.0
Peck shield audit-report-umee-v1.0Peck shield audit-report-umee-v1.0
Peck shield audit-report-umee-v1.0
KennyNajarro2
Ā 
Ambisafe smart contracts audit
Ambisafe smart contracts auditAmbisafe smart contracts audit
Ambisafe smart contracts audit
Yar Naumenko
Ā 
Security_evaluation_of_smart_contract_based_Ethereum_wallets___NSS__Camera_re...
Security_evaluation_of_smart_contract_based_Ethereum_wallets___NSS__Camera_re...Security_evaluation_of_smart_contract_based_Ethereum_wallets___NSS__Camera_re...
Security_evaluation_of_smart_contract_based_Ethereum_wallets___NSS__Camera_re...
Muthusankaranarayana1
Ā 
DECENTRALIZED BLOCKCHAIN SERVICES USING CARDANO NETWORK
DECENTRALIZED BLOCKCHAIN SERVICES USING CARDANO NETWORKDECENTRALIZED BLOCKCHAIN SERVICES USING CARDANO NETWORK
DECENTRALIZED BLOCKCHAIN SERVICES USING CARDANO NETWORK
IRJET Journal
Ā 
EOS Smart Contract Audit (https://www.somish.com/blockchain/smart-contract-au...
EOS Smart Contract Audit (https://www.somish.com/blockchain/smart-contract-au...EOS Smart Contract Audit (https://www.somish.com/blockchain/smart-contract-au...
EOS Smart Contract Audit (https://www.somish.com/blockchain/smart-contract-au...
Somish Blockchain Labs
Ā 
Peck shield audit-report-strips-1.0-for_medium
Peck shield audit-report-strips-1.0-for_mediumPeck shield audit-report-strips-1.0-for_medium
Peck shield audit-report-strips-1.0-for_medium
ChengZhu22
Ā 

Recommended

Attacking and Exploiting Ethereum Smart Contracts: Auditing 101
Attacking and Exploiting Ethereum Smart Contracts: Auditing 101Attacking and Exploiting Ethereum Smart Contracts: Auditing 101
Attacking and Exploiting Ethereum Smart Contracts: Auditing 101
Simone Onofri
Ā 
Blockchain architected
Blockchain architectedBlockchain architected
Blockchain architected
IBM Sverige
Ā 
Peck shield audit-report-umee-v1.0
Peck shield audit-report-umee-v1.0Peck shield audit-report-umee-v1.0
Peck shield audit-report-umee-v1.0
KennyNajarro2
Ā 
Ambisafe smart contracts audit
Ambisafe smart contracts auditAmbisafe smart contracts audit
Ambisafe smart contracts audit
Yar Naumenko
Ā 
Security_evaluation_of_smart_contract_based_Ethereum_wallets___NSS__Camera_re...
Security_evaluation_of_smart_contract_based_Ethereum_wallets___NSS__Camera_re...Security_evaluation_of_smart_contract_based_Ethereum_wallets___NSS__Camera_re...
Security_evaluation_of_smart_contract_based_Ethereum_wallets___NSS__Camera_re...
Muthusankaranarayana1
Ā 
DECENTRALIZED BLOCKCHAIN SERVICES USING CARDANO NETWORK
DECENTRALIZED BLOCKCHAIN SERVICES USING CARDANO NETWORKDECENTRALIZED BLOCKCHAIN SERVICES USING CARDANO NETWORK
DECENTRALIZED BLOCKCHAIN SERVICES USING CARDANO NETWORK
IRJET Journal
Ā 
EOS Smart Contract Audit (https://www.somish.com/blockchain/smart-contract-au...
EOS Smart Contract Audit (https://www.somish.com/blockchain/smart-contract-au...EOS Smart Contract Audit (https://www.somish.com/blockchain/smart-contract-au...
EOS Smart Contract Audit (https://www.somish.com/blockchain/smart-contract-au...
Somish Blockchain Labs
Ā 
Peck shield audit-report-strips-1.0-for_medium
Peck shield audit-report-strips-1.0-for_mediumPeck shield audit-report-strips-1.0-for_medium
Peck shield audit-report-strips-1.0-for_medium
ChengZhu22
Ā 
Hyperledger
HyperledgerHyperledger
Hyperledger
Vinay Aitha
Ā 
growthbotics audit.pdf
growthbotics audit.pdfgrowthbotics audit.pdf
growthbotics audit.pdf
Wilson Kao
Ā 
An introduction to blockchain and hyperledger v ru
An introduction to blockchain and hyperledger v ruAn introduction to blockchain and hyperledger v ru
An introduction to blockchain and hyperledger v ru
LennartF
Ā 
Hyperledger Fabric and Tools
Hyperledger Fabric and ToolsHyperledger Fabric and Tools
Hyperledger Fabric and Tools
Rihusoft
Ā 
BlockChain for the Banker
BlockChain for the BankerBlockChain for the Banker
BlockChain for the Banker
Bohdan Szymanik
Ā 
IRJET- Blockchain Technology in Cloud Computing : A Systematic Review
IRJET- Blockchain Technology in Cloud Computing : A Systematic ReviewIRJET- Blockchain Technology in Cloud Computing : A Systematic Review
IRJET- Blockchain Technology in Cloud Computing : A Systematic Review
IRJET Journal
Ā 
Navigating Crypto: Industry Map
Navigating Crypto: Industry MapNavigating Crypto: Industry Map
Navigating Crypto: Industry Map
Sarasotamug
Ā 
SMTAI PowerPoint: Blockchain for High Tech
SMTAI PowerPoint: Blockchain for High Tech SMTAI PowerPoint: Blockchain for High Tech
SMTAI PowerPoint: Blockchain for High Tech
Quentin Samelson
Ā 
How to Create Blockchain Products by Fr8 Network Lead Engineer
How to Create Blockchain Products by Fr8 Network Lead EngineerHow to Create Blockchain Products by Fr8 Network Lead Engineer
How to Create Blockchain Products by Fr8 Network Lead Engineer
Product School
Ā 
Interledger DvP Settlement on Amazon Managed Blockchain
Interledger DvP Settlement on Amazon Managed BlockchainInterledger DvP Settlement on Amazon Managed Blockchain
Interledger DvP Settlement on Amazon Managed Blockchain
Amazon Web Services
Ā 
EthereumBlockchainMarch3 (1).pptx
EthereumBlockchainMarch3 (1).pptxEthereumBlockchainMarch3 (1).pptx
EthereumBlockchainMarch3 (1).pptx
WijdenBenothmen1
Ā 
Deployablockchainwebappwithhyperledgerfabricpresentation 190820170703
Deployablockchainwebappwithhyperledgerfabricpresentation 190820170703Deployablockchainwebappwithhyperledgerfabricpresentation 190820170703
Deployablockchainwebappwithhyperledgerfabricpresentation 190820170703
Nevruz Mesut Sahin
Ā 
Deploy a blockchain web-app with Hyperledger Fabric 1.4 - Concepts & Code
Deploy a blockchain web-app with Hyperledger Fabric 1.4 - Concepts & CodeDeploy a blockchain web-app with Hyperledger Fabric 1.4 - Concepts & Code
Deploy a blockchain web-app with Hyperledger Fabric 1.4 - Concepts & Code
Horea Porutiu
Ā 
V SYSTEMS - Smart Contract and Token System_EN
V SYSTEMS - Smart Contract and Token System_ENV SYSTEMS - Smart Contract and Token System_EN
V SYSTEMS - Smart Contract and Token System_EN
V SYSTEMS
Ā 
Rep strips-finance-2021-11-24
Rep strips-finance-2021-11-24Rep strips-finance-2021-11-24
Rep strips-finance-2021-11-24
ChengZhu22
Ā 
Build on Streakk Chain - Blockchain
Build on Streakk Chain - BlockchainBuild on Streakk Chain - Blockchain
Build on Streakk Chain - Blockchain
Earn.World
Ā 
IRJET- Blockchain Technology a Literature Survey
IRJET- Blockchain Technology a Literature SurveyIRJET- Blockchain Technology a Literature Survey
IRJET- Blockchain Technology a Literature Survey
IRJET Journal
Ā 
Creating An E-Commerce web application using Blockchain
Creating An E-Commerce web application using BlockchainCreating An E-Commerce web application using Blockchain
Creating An E-Commerce web application using Blockchain
IRJET Journal
Ā 
The GeeqChain Project Summary
The GeeqChain Project SummaryThe GeeqChain Project Summary
The GeeqChain Project Summary
Kris Bruynson
Ā 
IRJET- Smart Contracts using Blockchain
IRJET- Smart Contracts using BlockchainIRJET- Smart Contracts using Blockchain
IRJET- Smart Contracts using Blockchain
IRJET Journal
Ā 
Climate Impact of Software Testing at Nordic Testing Days
Climate Impact of Software Testing at Nordic Testing DaysClimate Impact of Software Testing at Nordic Testing Days
Climate Impact of Software Testing at Nordic Testing Days
Kari Kakkonen
Ā 
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
Neo4j
Ā 

More Related Content

Similar to Blockchain Land Audit Report.pdf

Hyperledger
HyperledgerHyperledger
Hyperledger
Vinay Aitha
Ā 
growthbotics audit.pdf
growthbotics audit.pdfgrowthbotics audit.pdf
growthbotics audit.pdf
Wilson Kao
Ā 
An introduction to blockchain and hyperledger v ru
An introduction to blockchain and hyperledger v ruAn introduction to blockchain and hyperledger v ru
An introduction to blockchain and hyperledger v ru
LennartF
Ā 
Hyperledger Fabric and Tools
Hyperledger Fabric and ToolsHyperledger Fabric and Tools
Hyperledger Fabric and Tools
Rihusoft
Ā 
BlockChain for the Banker
BlockChain for the BankerBlockChain for the Banker
BlockChain for the Banker
Bohdan Szymanik
Ā 
IRJET- Blockchain Technology in Cloud Computing : A Systematic Review
IRJET- Blockchain Technology in Cloud Computing : A Systematic ReviewIRJET- Blockchain Technology in Cloud Computing : A Systematic Review
IRJET- Blockchain Technology in Cloud Computing : A Systematic Review
IRJET Journal
Ā 
Navigating Crypto: Industry Map
Navigating Crypto: Industry MapNavigating Crypto: Industry Map
Navigating Crypto: Industry Map
Sarasotamug
Ā 
SMTAI PowerPoint: Blockchain for High Tech
SMTAI PowerPoint: Blockchain for High Tech SMTAI PowerPoint: Blockchain for High Tech
SMTAI PowerPoint: Blockchain for High Tech
Quentin Samelson
Ā 
How to Create Blockchain Products by Fr8 Network Lead Engineer
How to Create Blockchain Products by Fr8 Network Lead EngineerHow to Create Blockchain Products by Fr8 Network Lead Engineer
How to Create Blockchain Products by Fr8 Network Lead Engineer
Product School
Ā 
Interledger DvP Settlement on Amazon Managed Blockchain
Interledger DvP Settlement on Amazon Managed BlockchainInterledger DvP Settlement on Amazon Managed Blockchain
Interledger DvP Settlement on Amazon Managed Blockchain
Amazon Web Services
Ā 
EthereumBlockchainMarch3 (1).pptx
EthereumBlockchainMarch3 (1).pptxEthereumBlockchainMarch3 (1).pptx
EthereumBlockchainMarch3 (1).pptx
WijdenBenothmen1
Ā 
Deployablockchainwebappwithhyperledgerfabricpresentation 190820170703
Deployablockchainwebappwithhyperledgerfabricpresentation 190820170703Deployablockchainwebappwithhyperledgerfabricpresentation 190820170703
Deployablockchainwebappwithhyperledgerfabricpresentation 190820170703
Nevruz Mesut Sahin
Ā 
Deploy a blockchain web-app with Hyperledger Fabric 1.4 - Concepts & Code
Deploy a blockchain web-app with Hyperledger Fabric 1.4 - Concepts & CodeDeploy a blockchain web-app with Hyperledger Fabric 1.4 - Concepts & Code
Deploy a blockchain web-app with Hyperledger Fabric 1.4 - Concepts & Code
Horea Porutiu
Ā 
V SYSTEMS - Smart Contract and Token System_EN
V SYSTEMS - Smart Contract and Token System_ENV SYSTEMS - Smart Contract and Token System_EN
V SYSTEMS - Smart Contract and Token System_EN
V SYSTEMS
Ā 
Rep strips-finance-2021-11-24
Rep strips-finance-2021-11-24Rep strips-finance-2021-11-24
Rep strips-finance-2021-11-24
ChengZhu22
Ā 
Build on Streakk Chain - Blockchain
Build on Streakk Chain - BlockchainBuild on Streakk Chain - Blockchain
Build on Streakk Chain - Blockchain
Earn.World
Ā 
IRJET- Blockchain Technology a Literature Survey
IRJET- Blockchain Technology a Literature SurveyIRJET- Blockchain Technology a Literature Survey
IRJET- Blockchain Technology a Literature Survey
IRJET Journal
Ā 
Creating An E-Commerce web application using Blockchain
Creating An E-Commerce web application using BlockchainCreating An E-Commerce web application using Blockchain
Creating An E-Commerce web application using Blockchain
IRJET Journal
Ā 
The GeeqChain Project Summary
The GeeqChain Project SummaryThe GeeqChain Project Summary
The GeeqChain Project Summary
Kris Bruynson
Ā 
IRJET- Smart Contracts using Blockchain
IRJET- Smart Contracts using BlockchainIRJET- Smart Contracts using Blockchain
IRJET- Smart Contracts using Blockchain
IRJET Journal
Ā 

Similar to Blockchain Land Audit Report.pdf (20)

Hyperledger
HyperledgerHyperledger
Hyperledger
Ā 
growthbotics audit.pdf
growthbotics audit.pdfgrowthbotics audit.pdf
growthbotics audit.pdf
Ā 
An introduction to blockchain and hyperledger v ru
An introduction to blockchain and hyperledger v ruAn introduction to blockchain and hyperledger v ru
An introduction to blockchain and hyperledger v ru
Ā 
Hyperledger Fabric and Tools
Hyperledger Fabric and ToolsHyperledger Fabric and Tools
Hyperledger Fabric and Tools
Ā 
BlockChain for the Banker
BlockChain for the BankerBlockChain for the Banker
BlockChain for the Banker
Ā 
IRJET- Blockchain Technology in Cloud Computing : A Systematic Review
IRJET- Blockchain Technology in Cloud Computing : A Systematic ReviewIRJET- Blockchain Technology in Cloud Computing : A Systematic Review
IRJET- Blockchain Technology in Cloud Computing : A Systematic Review
Ā 
Navigating Crypto: Industry Map
Navigating Crypto: Industry MapNavigating Crypto: Industry Map
Navigating Crypto: Industry Map
Ā 
SMTAI PowerPoint: Blockchain for High Tech
SMTAI PowerPoint: Blockchain for High Tech SMTAI PowerPoint: Blockchain for High Tech
SMTAI PowerPoint: Blockchain for High Tech
Ā 
How to Create Blockchain Products by Fr8 Network Lead Engineer
How to Create Blockchain Products by Fr8 Network Lead EngineerHow to Create Blockchain Products by Fr8 Network Lead Engineer
How to Create Blockchain Products by Fr8 Network Lead Engineer
Ā 
Interledger DvP Settlement on Amazon Managed Blockchain
Interledger DvP Settlement on Amazon Managed BlockchainInterledger DvP Settlement on Amazon Managed Blockchain
Interledger DvP Settlement on Amazon Managed Blockchain
Ā 
EthereumBlockchainMarch3 (1).pptx
EthereumBlockchainMarch3 (1).pptxEthereumBlockchainMarch3 (1).pptx
EthereumBlockchainMarch3 (1).pptx
Ā 
Deployablockchainwebappwithhyperledgerfabricpresentation 190820170703
Deployablockchainwebappwithhyperledgerfabricpresentation 190820170703Deployablockchainwebappwithhyperledgerfabricpresentation 190820170703
Deployablockchainwebappwithhyperledgerfabricpresentation 190820170703
Ā 
Deploy a blockchain web-app with Hyperledger Fabric 1.4 - Concepts & Code
Deploy a blockchain web-app with Hyperledger Fabric 1.4 - Concepts & CodeDeploy a blockchain web-app with Hyperledger Fabric 1.4 - Concepts & Code
Deploy a blockchain web-app with Hyperledger Fabric 1.4 - Concepts & Code
Ā 
V SYSTEMS - Smart Contract and Token System_EN
V SYSTEMS - Smart Contract and Token System_ENV SYSTEMS - Smart Contract and Token System_EN
V SYSTEMS - Smart Contract and Token System_EN
Ā 
Rep strips-finance-2021-11-24
Rep strips-finance-2021-11-24Rep strips-finance-2021-11-24
Rep strips-finance-2021-11-24
Ā 
Build on Streakk Chain - Blockchain
Build on Streakk Chain - BlockchainBuild on Streakk Chain - Blockchain
Build on Streakk Chain - Blockchain
Ā 
IRJET- Blockchain Technology a Literature Survey
IRJET- Blockchain Technology a Literature SurveyIRJET- Blockchain Technology a Literature Survey
IRJET- Blockchain Technology a Literature Survey
Ā 
Creating An E-Commerce web application using Blockchain
Creating An E-Commerce web application using BlockchainCreating An E-Commerce web application using Blockchain
Creating An E-Commerce web application using Blockchain
Ā 
The GeeqChain Project Summary
The GeeqChain Project SummaryThe GeeqChain Project Summary
The GeeqChain Project Summary
Ā 
IRJET- Smart Contracts using Blockchain
IRJET- Smart Contracts using BlockchainIRJET- Smart Contracts using Blockchain
IRJET- Smart Contracts using Blockchain
Ā 

Recently uploaded

Climate Impact of Software Testing at Nordic Testing Days
Climate Impact of Software Testing at Nordic Testing DaysClimate Impact of Software Testing at Nordic Testing Days
Climate Impact of Software Testing at Nordic Testing Days
Kari Kakkonen
Ā 
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
Neo4j
Ā 
Introduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - CybersecurityIntroduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - Cybersecurity
mikeeftimakis1
Ā 
How to use Firebase Data Connect For Flutter
How to use Firebase Data Connect For FlutterHow to use Firebase Data Connect For Flutter
How to use Firebase Data Connect For Flutter
Daiki Mogmet Ito
Ā 
Mariano G Tinti - Decoding SpaceX
Mariano G Tinti - Decoding SpaceXMariano G Tinti - Decoding SpaceX
Mariano G Tinti - Decoding SpaceX
Mariano Tinti
Ā 
GenAI Pilot Implementation in the organizations
GenAI Pilot Implementation in the organizationsGenAI Pilot Implementation in the organizations
GenAI Pilot Implementation in the organizations
kumardaparthi1024
Ā 
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfObservability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Paige Cruz
Ā 
UiPath Test Automation using UiPath Test Suite series, part 6
UiPath Test Automation using UiPath Test Suite series, part 6UiPath Test Automation using UiPath Test Suite series, part 6
UiPath Test Automation using UiPath Test Suite series, part 6
DianaGray10
Ā 
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
Neo4j
Ā 
Best 20 SEO Techniques To Improve Website Visibility In SERP
Best 20 SEO Techniques To Improve Website Visibility In SERPBest 20 SEO Techniques To Improve Website Visibility In SERP
Best 20 SEO Techniques To Improve Website Visibility In SERP
Pixlogix Infotech
Ā 
Video Streaming: Then, Now, and in the Future
Video Streaming: Then, Now, and in the FutureVideo Streaming: Then, Now, and in the Future
Video Streaming: Then, Now, and in the Future
Alpen-Adria-UniversitƤt
Ā 
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
Neo4j
Ā 
UiPath Test Automation using UiPath Test Suite series, part 5
UiPath Test Automation using UiPath Test Suite series, part 5UiPath Test Automation using UiPath Test Suite series, part 5
UiPath Test Automation using UiPath Test Suite series, part 5
DianaGray10
Ā 
20240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 202420240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 2024
Matthew Sinclair
Ā 
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdfUnlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Malak Abu Hammad
Ā 
Microsoft - Power Platform_G.Aspiotis.pdf
Microsoft - Power Platform_G.Aspiotis.pdfMicrosoft - Power Platform_G.Aspiotis.pdf
Microsoft - Power Platform_G.Aspiotis.pdf
Uni Systems S.M.S.A.
Ā 
Artificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopmentArtificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopment
Octavian Nadolu
Ā 
National Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practicesNational Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practices
Quotidiano Piemontese
Ā 
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
Neo4j
Ā 
AI 101: An Introduction to the Basics and Impact of Artificial Intelligence
AI 101: An Introduction to the Basics and Impact of Artificial IntelligenceAI 101: An Introduction to the Basics and Impact of Artificial Intelligence
AI 101: An Introduction to the Basics and Impact of Artificial Intelligence
IndexBug
Ā 

Recently uploaded (20)

Climate Impact of Software Testing at Nordic Testing Days
Climate Impact of Software Testing at Nordic Testing DaysClimate Impact of Software Testing at Nordic Testing Days
Climate Impact of Software Testing at Nordic Testing Days
Ā 
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
Ā 
Introduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - CybersecurityIntroduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - Cybersecurity
Ā 
How to use Firebase Data Connect For Flutter
How to use Firebase Data Connect For FlutterHow to use Firebase Data Connect For Flutter
How to use Firebase Data Connect For Flutter
Ā 
Mariano G Tinti - Decoding SpaceX
Mariano G Tinti - Decoding SpaceXMariano G Tinti - Decoding SpaceX
Mariano G Tinti - Decoding SpaceX
Ā 
GenAI Pilot Implementation in the organizations
GenAI Pilot Implementation in the organizationsGenAI Pilot Implementation in the organizations
GenAI Pilot Implementation in the organizations
Ā 
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfObservability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Ā 
UiPath Test Automation using UiPath Test Suite series, part 6
UiPath Test Automation using UiPath Test Suite series, part 6UiPath Test Automation using UiPath Test Suite series, part 6
UiPath Test Automation using UiPath Test Suite series, part 6
Ā 
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
Ā 
Best 20 SEO Techniques To Improve Website Visibility In SERP
Best 20 SEO Techniques To Improve Website Visibility In SERPBest 20 SEO Techniques To Improve Website Visibility In SERP
Best 20 SEO Techniques To Improve Website Visibility In SERP
Ā 
Video Streaming: Then, Now, and in the Future
Video Streaming: Then, Now, and in the FutureVideo Streaming: Then, Now, and in the Future
Video Streaming: Then, Now, and in the Future
Ā 
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
Ā 
UiPath Test Automation using UiPath Test Suite series, part 5
UiPath Test Automation using UiPath Test Suite series, part 5UiPath Test Automation using UiPath Test Suite series, part 5
UiPath Test Automation using UiPath Test Suite series, part 5
Ā 
20240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 202420240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 2024
Ā 
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdfUnlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Ā 
Microsoft - Power Platform_G.Aspiotis.pdf
Microsoft - Power Platform_G.Aspiotis.pdfMicrosoft - Power Platform_G.Aspiotis.pdf
Microsoft - Power Platform_G.Aspiotis.pdf
Ā 
Artificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopmentArtificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopment
Ā 
National Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practicesNational Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practices
Ā 
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
Ā 
AI 101: An Introduction to the Basics and Impact of Artificial Intelligence
AI 101: An Introduction to the Basics and Impact of Artificial IntelligenceAI 101: An Introduction to the Basics and Impact of Artificial Intelligence
AI 101: An Introduction to the Basics and Impact of Artificial Intelligence
Ā 

Blockchain Land Audit Report.pdf

  • 1. Security Status Smart Contract Security Audit Report Blockchain Land July 2022 www.hacksafe.io
  • 2. Audit Details Page No. 02 www.hacksafe.io Audited project Blockchain Land Deployer address 0xFACE67a28694fe815c5EFB46b32B0506d0f6b568 Client contacts Blockchain Land Blockchain Binance Smart chain Website https://blockchain.land/
  • 3. Disclaimer Page No. 03 www.hacksafe.io
  • 4. Procedure Step 1 - In-Depth Manual Review Manual line-by-line code reviews to ensure the logic behind each function is sound and safe from various attack vectors. This is the most important and lengthy portion of the audit process (as automated tools often cannot ļ¬nd the nuances that lead to exploits such as ļ¬‚ash loan attacks). Step 2 - Automated Testing Simulation of a variety of interactions with your Smart Contract on a test blockchain leveraging a combination of automated test tools and manual testing to determine if any security vulnerabilities exist. Step 3 ā€“ Leadership Review The engineers assigned to the audit will schedule meetings with our leadership team to review the contracts, any comments or ļ¬ndings, and ask questions to further apply adversarial thinking to discuss less common attack vectors. Step 4 - Resolution of Issues Consulting with the team to provide our recommendations to ensure the code's security and optimize its gas eļ¬ƒciency, if possible. We assist project team's in resolving any outstanding issues or implementing our recommendations. Step 5 - Published Audit Report Boiling down results and ļ¬ndings into an easy-to-read report tailored to the project. Our audit reports highlight resolved issues and any risks that exist to the project or its users, along with any remaining suggested remediation measures. Diagrams are included at the end of each report to help users understand the interactions which occur within the project. Page No. 04 www.hacksafe.io
  • 5. Background HackSafe was commissioned by Blockchain Land to perform an audit of smart contract: https://bscscan.com/address/0x471a5e862af35d2148bd8b505b361b1ddf5ļ¬€ef1#code The purpose of the audit was to achieve the The information in this report should be understand the risk exposure of the smart contract, and as a guide to improve the security posture of the smart contract by remediating the issues that were identiļ¬ed. Page No. 05 www.hacksafe.io Ensutre that the smart contract functions as intended. Identify potential security issues with the smart contract.
  • 6. Contract Details : Token : BEP20 : 0x471A5e862af35D2148bd8b505b361b1DDf5fFef1 Token contract details for 05.07.2022 Contract name Token Type Contract address Page No. 06 www.hacksafe.io Compiler version Total supply Top 100 token holderā€™s dominance Transactions count Decimals Contract deployer address Owner address Token Holders : v0.8.10+commit.fc410830 : 7,210,000,000 : 100.00% : 1 Token Ticker : BCL : 18 : 0xFACE67a28694fe815c5EFB46b32B0506d0f6b568 : 0xFACE67a28694fe815c5EFB46b32B0506d0f6b568 : 1
  • 7. Social proļ¬les : https://twitter.com/land_blockchain Twitter Proļ¬le Page No. 07 www.hacksafe.io Facebook Proļ¬le LinkedIN Proļ¬le Telegram Proļ¬le Instagram proļ¬le Medium Proļ¬le Youtube proļ¬le : https://www.facebook.com/BlockchainLandOļ¬ƒcial/ : https://www.linkedin.com/company/blockchain-land/ : https://t.me/BlockchainLandOļ¬ƒcial : https://www.instagram.com/theblockchainland/ : https://blockchainland.medium.com/ : https://www.youtube.com/channel/UCyM4Z0ZDNpcB7Cjr14 Q0G3A
  • 8. Claimed Smart Contract Features Yes, This is valid. Claimed Feature Detail Our Observation Tokenomics : Page No. 08 www.hacksafe.io : Blockchain Land Name : BCL Symbol : 18 Decimals : BEP20 : 0x471A5e862af35D2148bd8 b505b361b1DDf5fFef1 Protocol Contract address : 7,210,000,000 Max Total supply
  • 9. Audit Summary Insecure Poor secured Well-secured Secure According to the standard audit assessment, Customer`s solidity smart contracts are ā€œWell Secureā€. This token contract does contain owner control, which do not make it fully decentralized as owner does have control over smart contract. We used various tools like Slither, Mythril and Remix IDE. At the same time this ļ¬nding is based on critical analysis of the manual audit. All issues found during automated and manual analysis were manually reviewed and applicable vulnerabilities are presented in the issues checking status. We found 0 critical, 0 high, 0 medium and 0 low and some very low-level issues. You are here Page No. 09 www.hacksafe.io
  • 10. Blockchain Land Distribution Blockchain Land Top 01 Token Holders
  • 11. Blockchain Land Distribution Blockchain Land Contract Overview Page No. 10 www.hacksafe.io
  • 12. Contract functions details + [Int] IERC20 +[Int] IERC20Metadata (IERC20) + Context +ERC20 (Context, IERC20, IERC20Metadata) -[Ext] totalSupply -[Ext] balanceOf -[Ext] transfer -[Ext] allowance -[Ext] approve -[Ext] transferFrom -[Ext] name -[Ext] symbol -[Ext] decimals -[Int] _msgSender - <constructor> # -[Pub] lockvalue # -[Pub] name -[Pub] symbol -[Pub] decimals -[Pub] totalSupply -[Pub] burner # -[Pub] balanceOf -[Pub] transfer # -[Pub] allowance -[Pub] approve # -[Pub] transferFrom # -[Pub] increaseAllowance -[Pub] decreaseAllowance -[Int] _transfer # -[Int] _mint# -[Int] _burn # -[Int] _approve # -[Int] _spendAllowance # -[Int] _beforeTokenTransfer # -[Int] _afterTokenTransfer #
  • 13. Contract functions details ($) = payable function # = non-constant function Page No. 11 www.hacksafe.io + Token (ERC20) -<constructor> # - [Pub] mint # -modiļ¬ers: onlyOwner -[Pub] burn #
  • 14. Issues Checking Status Status Passed Passed Passed Passed Passed Passed Passed Passed Passed Passed Passed Passed Passed Passed Passed Passed Passed Passed Passed Title Unlocked Compiler Version Missing Input Validation Race conditions and Reentrancy. Cross-function race conditions. Possible delays in data delivery Oracle calls. Timestamp dependence. Integer Overļ¬‚ow and Underļ¬‚ow DoS with Revert. DoS with block gas limit. Methods execution permissions. Economy model of the contract. Private use data leaks. Malicious Event log. Scoping and Declarations. Uninitialized storage pointers. Arithmetic accuracy. Design Logic. Safe Open Zeppelin contracts implementation and usage. Incorrect Naming State Variable Compiler version too old No. 1. 2. 3. 4. 5. 6. 7. 8. 9. 10. 11. 12. 13. 14. 15. 16. 17. 18. 19. 20. Passed Page No. 12 www.hacksafe.io
  • 15. Severity Deļ¬nitions Critical vulnerabilities are usually straightforward to exploit and can lead to assets loss or data manipulations. Risk Level Description Critical High Medium Low High-level vulnerabilities are diļ¬ƒcult to exploit; however, they also have a signiļ¬cant impact on smart contract execution, e.g., public access to crucial functions Medium-level vulnerabilities are important to ļ¬x; however, they can't lead to assets loss or data manipulations. Low-level vulnerabilities are mostly related to outdated, unused, etc. code snippets that can't have a signiļ¬cant impact on execution. Page No. 13 www.hacksafe.io
  • 16. Security Issues Critical Severity Issues No critical severity issue found. High Severity Issues No high severity issue found. Medium Severity Issues No medium severity issues found. Low Severity Issues No low severity issue found. Page No. 14 www.hacksafe.io
  • 17. Centralization Owner Privileges : Blockchain Land Contract: This smart contract has some functions which can be executed by the Admin (Owner) only. If the admin wallet private key would be compromised, then it would create trouble. Following are Admin functions and burner functions: Mint Lockvalue Page No. 15 www.hacksafe.io Owner can mint new tokens upto maximum cap supply. Owner can lock value for some time when owner transfer amount of other address.
  • 18. Conclusion HackSafe note: Please check the disclaimer above and note, the audit makes no statements or warranties on business model, investment attractiveness or code sustainability. The report is provided for the only contract mentioned in the report and does not include any other potential contracts deployed by Owner. Smart contract contains no severity issues! The further transfer and operations with the fund raised are not related to this particular contract. Page No. 16 www.hacksafe.io