Omniscia PolyTrade Finance Audit
Token Implementation Security Audit
We were tasked with auditing the codebase of Polytrade Finance and in particular their token implementation.
The token has been coded with the latest Solidity version in mind, which inherently contains security checks for its mathematical operations, thus ensuring a greater level of security in its operations.
Its implementation consists of the typical ERC20 interface with an implementation of EIP-2612 via OpenZeppelin. Additionally, burn and mint functions have been created that are solely invokable by the governance and that allow minting tokens to an arbitrary address and burning tokens from the governance address based on a 1-year minimum interval.
We were not able to identify any security vulnerabilities in the codebase; however, we did identify optimizations that can be applied as well as an incorrect sanitization that is conducted during the token's constructor, which have been pointed out in the review chapters of this report.
Files in Scope | Repository | Commit(s) |
---|---|---|
PolyTadeToken.sol (PTT) | polytrade-contracts | 82f311aa95 |
During the audit, we filtered and validated a total of 1 finding utilizing static analysis tools and identified a total of 4 findings during the manual review of the codebase. We strongly recommend that any findings of minor severity or higher are dealt with promptly prior to the project's launch, as they introduce potential misbehaviours of the system as well as exploits.
The list below covers each segment of the audit in depth and links to the respective chapter of the report: