Omniscia Bware Labs Audit

BwareTokenVault Static Analysis Findings

BTV-01S: Potentially Dangerous Comparison

| Type | Severity | Location |
| --- | --- | --- |
| Logical Fault | Minor | BwareTokenVault.sol:L550 |

Description:

The lockVault function contains a require check that requires the contract's token balance to be strictly equal to the totalAllocation.

Example:

ico/contracts/BwareTokenVault.sol
549  function lockVault() external onlyOwner notLocked {
550      require(token.balanceOf(address(this)) == totalAllocation, "Not enough tokens on vault");
551
552      // set the config of the unlocking groups, unset fields are 0 by default
553      GroupConfig storage ptr = groupConfig[_others_];
554      ptr.ratioTGE = 1;
555
556      ptr = groupConfig[_investors_];
557      ptr.ratioTGE = 5;
558      ptr.vestingStages = 3;
559      ptr.untilVesting = 90 days;
560
561      ptr = groupConfig[_team_];
562      ptr.vestingStages = 12;
563      ptr.untilVesting = 360 days;
564
565      ptr = groupConfig[_advisors_];
566      ptr.ratioTGE = 10;
567      ptr.vestingStages = 3;
568      ptr.untilVesting = 90 days;
569
570      allocations[stakingWallet] = stakingAlloc;
571      walletGroup[stakingWallet] = _others_;
572
573      allocations[teamWallet] = teamAlloc;
574      walletGroup[teamWallet] = _team_;
575
576      allocations[advisorsWallet] = advisorsAlloc;
577      walletGroup[advisorsWallet] = _advisors_;
578
579      allocations[insuranceWallet] = insuranceAlloc;
580      walletGroup[insuranceWallet] = _others_;
581
582      allocations[protocolWallet] = protocolAlloc;
583      walletGroup[protocolWallet] = _others_;
584
585      allocations[marketingWallet] = marketingAlloc;
586      walletGroup[marketingWallet] = _others_;
587
588      emit Allocated(stakingWallet, stakingAlloc);
589      emit Allocated(teamWallet, teamAlloc);
590      emit Allocated(advisorsWallet, advisorsAlloc);
591      emit Allocated(insuranceWallet, insuranceAlloc);
592      emit Allocated(protocolWallet, protocolAlloc);
593      emit Allocated(marketingWallet, marketingAlloc);
594
595      for (uint256 i = 0; i < investorCount; i++) {
596          address _investor = investorAddress[i];
597
598          allocations[_investor] = investorAllocation[_investor];
599          walletGroup[_investor] = _investors_;
600
601          emit Allocated(_investor, investorAllocation[_investor]);
602      }
603
604      // lock the vault
605      _lock();
606  }

Recommendation:

We advise adjusting the comparison to a greater-than-or-equal comparison, as sending a single unit above the totalAllocation to the contract will render the lockVault function permanently inexecutable.

Alleviation:

The conditional was updated according to our recommendation.
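
A reduced model of this finding, showing the strict check beside the recommended one. This is an added example, not code from the audited repository; MockToken, VaultModel, SurplusScenario, lockVaultStrict and the allocation of 1000 units are assumptions made for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Constructed minimal token: only the balance bookkeeping this example needs.
contract MockToken {
    mapping(address => uint256) public balanceOf;

    function mint(address to, uint256 amount) external { balanceOf[to] += amount; }
}

// Hypothetical reduction of the vault to the balance check under discussion.
contract VaultModel {
    MockToken public immutable token;
    uint256 public immutable totalAllocation;
    bool public locked;

    constructor(MockToken _token, uint256 _totalAllocation) {
        token = _token;
        totalAllocation = _totalAllocation;
    }

    // Check as quoted in the finding: any surplus balance makes this revert.
    function lockVaultStrict() external {
        require(token.balanceOf(address(this)) == totalAllocation, "Not enough tokens on vault");
        locked = true;
    }

    // Check as recommended: a surplus no longer blocks locking.
    function lockVault() external {
        require(token.balanceOf(address(this)) >= totalAllocation, "Not enough tokens on vault");
        locked = true;
    }
}

// Harness: funds the vault, adds one surplus unit, then exercises both checks.
contract SurplusScenario {
    function run() external returns (bool strictReverted, bool relaxedLocked) {
        MockToken token = new MockToken();
        VaultModel vault = new VaultModel(token, 1000);
        token.mint(address(vault), 1000); // intended funding
        token.mint(address(vault), 1);    // one unit above totalAllocation

        try vault.lockVaultStrict() {} catch { strictReverted = true; }
        vault.lockVault();
        relaxedLocked = vault.locked();
    }
}
```

Calling run() on SurplusScenario returns true for both values: the strict check reverts once the balance exceeds totalAllocation, while the greater-than-or-equal check still locks the vault.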