Omniscia DappRadar Audit
Token Airdrop Security Audit
We were tasked with performing an audit of the DappRadar codebase and in particular their token and airdrop implementation.
Over the course of the audit, we identified a potentially incorrect execution path in the constructor of the Radar token as well as an improper validation of ECDSA signatures in the Lib dependency of the project both of which should be remediated.
Overall, the codebase is of a high standard and we advise the DappRadar team to integrate all our suggestions to ensure the code is production ready.
| Files in Scope | Repository | Commit(s) |
|---|---|---|
| Airdrop.sol (AIR) | dapp-radar | b2399d6a7d, e4d2ffe537 |
| Lib.sol (LIB) | dapp-radar | b2399d6a7d, e4d2ffe537 |
| RadarToken.sol (RTN) | dapp-radar | b2399d6a7d, e4d2ffe537 |
During the audit, we filtered and validated a total of 2 findings utilizing static analysis tools as well as identified a total of 5 findings during the manual review of the codebase. We strongly recommend that any minor severity or higher findings are dealt with promptly prior to the project's launch as they introduce potential misbehaviours of the system as well as exploits.
The list below covers each segment of the audit in depth and links to the respective chapter of the report: