{"componentChunkName":"component---node-modules-rocketseat-gatsby-theme-docs-core-src-templates-docs-query-js","path":"/manual-review","result":{"data":{"mdx":{"id":"f930189f-7c6f-5b82-b4de-86f6f7858da5","excerpt":"A thorough line-by-line review was conducted on the codebase to identify potential malfunctions and vulnerabilities in the novel tier-based investment…","fields":{"slug":"/manual-review/"},"frontmatter":{"title":"Manual Review","description":"Briefly describes the output of the manual review of the project.","image":null,"disableTableOfContents":null},"body":"function _extends() { _extends = Object.assign || function (target) { for (var i = 1; i < arguments.length; i++) { var source = arguments[i]; for (var key in source) { if (Object.prototype.hasOwnProperty.call(source, key)) { target[key] = source[key]; } } } return target; }; return _extends.apply(this, arguments); }\n\nfunction _objectWithoutProperties(source, excluded) { if (source == null) return {}; var target = _objectWithoutPropertiesLoose(source, excluded); var key, i; if (Object.getOwnPropertySymbols) { var sourceSymbolKeys = Object.getOwnPropertySymbols(source); for (i = 0; i < sourceSymbolKeys.length; i++) { key = sourceSymbolKeys[i]; if (excluded.indexOf(key) >= 0) continue; if (!Object.prototype.propertyIsEnumerable.call(source, key)) continue; target[key] = source[key]; } } return target; }\n\nfunction _objectWithoutPropertiesLoose(source, excluded) { if (source == null) return {}; var target = {}; var sourceKeys = Object.keys(source); var key, i; for (i = 0; i < sourceKeys.length; i++) { key = sourceKeys[i]; if (excluded.indexOf(key) >= 0) continue; target[key] = source[key]; } return target; }\n\n/* @jsxRuntime classic */\n\n/* @jsx mdx */\nvar _frontmatter = {\n \"title\": \"Manual Review\",\n \"description\": \"Briefly describes the output of the manual review of the project.\"\n};\nvar layoutProps = {\n _frontmatter: _frontmatter\n};\nvar MDXLayout = \"wrapper\";\nreturn function MDXContent(_ref) {\n var components = _ref.components,\n props = _objectWithoutProperties(_ref, [\"components\"]);\n\n return mdx(MDXLayout, _extends({}, layoutProps, props, {\n components: components,\n mdxType: \"MDXLayout\"\n }), mdx(\"p\", null, \"A \", mdx(\"strong\", {\n parentName: \"p\"\n }, \"thorough line-by-line review\"), \" was conducted on the codebase to identify potential malfunctions and vulnerabilities in the novel tier-based investment platform and staking implementation of KSM.\"), mdx(\"p\", null, \"As the project at hand implements an investment platform, intricate care was put into ensuring that the \", mdx(\"strong\", {\n parentName: \"p\"\n }, \"flow of funds within the system conforms to the specifications and restrictions\"), \" laid forth within the protocol's specification.\"), mdx(\"p\", null, \"We validated that \", mdx(\"strong\", {\n parentName: \"p\"\n }, \"all state transitions of the system occur within sane criteria\"), \" and that all rudimentary formulas within the system execute as expected. We \", mdx(\"strong\", {\n parentName: \"p\"\n }, \"pinpointed a major flaw in the tier-based calculations\"), \" within the system which could have had \", mdx(\"strong\", {\n parentName: \"p\"\n }, \"severe ramifications\"), \" to its overall operation, however, they were conveyed ahead of time to the Flisko team to be \", mdx(\"strong\", {\n parentName: \"p\"\n }, \"promptly remediated\"), \".\"), mdx(\"p\", null, \"Additionally, the system was investigated for any other commonly present attack vectors such as re-entrancy attacks, mathematical truncations, logical flaws and \", mdx(\"a\", {\n parentName: \"p\",\n \"href\": \"https://eips.ethereum.org/\"\n }, \"ERC / EIP\"), \" standard inconsistencies. The documentation of the project was satisfactory to the extend it need be.\"), mdx(\"p\", null, \"A total of \", mdx(\"strong\", {\n parentName: \"p\"\n }, \"11 findings\"), \" were identified over the course of the manual review of which \", mdx(\"strong\", {\n parentName: \"p\"\n }, \"2 findings\"), \" concerned the behaviour and security of the system. The non-security related findings, such as optimizations, are included in the separate \", mdx(\"a\", {\n parentName: \"p\",\n \"href\": \"/flisko-ksm-contracts/code-style\"\n }, \"Code Style\"), \" chapter.\"), mdx(\"p\", null, \"The finding table below enumerates all these security / behavioural findings:\"), mdx(\"table\", null, mdx(\"thead\", {\n parentName: \"table\"\n }, mdx(\"tr\", {\n parentName: \"thead\"\n }, mdx(\"th\", {\n parentName: \"tr\",\n \"align\": null\n }, \"ID\"), mdx(\"th\", {\n parentName: \"tr\",\n \"align\": null\n }, \"Severity\"), mdx(\"th\", {\n parentName: \"tr\",\n \"align\": null\n }, \"Addressed\"), mdx(\"th\", {\n parentName: \"tr\",\n \"align\": null\n }, \"Title\"))), mdx(\"tbody\", {\n parentName: \"table\"\n }, mdx(\"tr\", {\n parentName: \"tbody\"\n }, mdx(\"td\", {\n parentName: \"tr\",\n \"align\": null\n }, mdx(\"a\", {\n parentName: \"td\",\n \"href\": \"/flisko-ksm-contracts/manual-review/IDO#IDO-01M\"\n }, \"IDO-01M\")), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": null\n }, \"Major\"), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": null\n }, \"Yes\"), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": null\n }, \"Incorrect Percentage Calculation\")), mdx(\"tr\", {\n parentName: \"tbody\"\n }, mdx(\"td\", {\n parentName: \"tr\",\n \"align\": null\n }, mdx(\"a\", {\n parentName: \"td\",\n \"href\": \"/flisko-ksm-contracts/manual-review/IDO#IDO-02M\"\n }, \"IDO-02M\")), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": null\n }, \"Minor\"), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": null\n }, \"Yes\"), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": null\n }, \"Inexplicable Administrative Functionality\")))));\n}\n;\nMDXContent.isMDXComponent = true;","headings":[]}},"pageContext":{"slug":"/manual-review/","prev":{"label":"Static Analysis","link":"/static-analysis"},"next":{"label":"Code Style","link":"/code-style"}}},"staticQueryHashes":["1954253342","2328931024","2501019404","973074209"]}