In a bid to improve its ecosystem and security, MONOPOLIO is auditing its smart contract. This audit will improve the reliability and correctness of their smart contracts. The game made this announcement via the MONOPOLIO GitHub Page. Here are the details of the MONOPOLIO smart contract audit.
Details of the MONOPOLIO Smart Contract Audit
The smart contract codebase undergoes rigorous system architecture assessment. In this regard, MONOPOLIO’s team performed a line by line inspection of the Smart Contract. The aim of this inspection is to find any potential issue like race conditions, transaction-ordering dependence, timestamp dependence, and denial of service attacks.
In the course of this testing, it used the following tools and platforms:
- Remix IDE
- Truffle
- Truffle Team
- Ganache
- Solhint
- VScode
- Mythril
- Contract Library
In addition, there was also a Unit testing phase. In this phase, their technical team ran tests for each function in the smart contracts. From this test, it was able to ascertain if each function will work well. Another test is the Automated testing. This test helps to reveal vulnerability and security flaws.
Asides the tests above, there were other tests done in collaboration with multiple team members. They include:
- Testing the functionality of the Smart Contract to determine if it follows proper logic throughout the whole process.
- Deploying the code on testnet using multiple clients to run live tests.
- Analyzing failure preparations to check how the Smart Contract performs in case of any bugs and vulnerabilities.
- Checking whether all the libraries used in the code are on the latest version.
- Analyzing the security of the on-chain data.
Smart Contract Goals and Outcomes
As mentioned earlier, the goal of the MONOPOLIO smart contract is to ascertain the security of the smart contract. This includes its accuracy, readability, code sections with high complexity, quality and quantity of test coverage.
Following the completion of the results, it categories security issues into levels. They include Note, Low, Medium, High and Critical levels of security issues. Fortunately, its smart contract did not fall short of these issues. At the end of the audit, MONOPOLIO’s smart contract passed the following tests:
- Compiler warnings.
- Race conditions and Reentrancy.
- Possible delays in data delivery.
- Oracle calls.
- Front running.
- Timestamp dependence.
- Integer Overflow and Underflow.
- DoS with Revert.
- DoS with block gas limit.
- Methods execution permissions.
- Economy model.
- The impact of the exchange rate on the logic.
- Private user data leaks.
- Malicious Event log.
- Scoping and Declarations.
- Uninitialized storage pointers.
- Arithmetic accuracy.
- Design Logic.
- Cross-function race conditions.
- Safe Zeppelin module.
- Fallback function security.
