Audit Report

Initial Report

An auditor has conducted an independent audit to verify the integrity of the code provided for the scope of this audit and to highlight any vulnerabilities or errors, intentional or unintentional, that may be present in it.

The auditor, RubikHeads, is the lead developer of a blue-chip Avalanche DeFi project who wishes to remain anonymous.

Hoppers Game is happy to announce there are no High Severity issues.

High Severity issues: Exploits, vulnerabilities, or errors that will certainly or probabilistically lead towards loss of funds, control, or impairment of the contract and its functions. Issues under this classification are recommended to be fixed with utmost urgency.

Automated Security Scan

Description

We have used automated security scanners to assist with the detection of well-known security issues and to identify low-hanging fruit on the targets for this engagement. Among the tools used was MythX, a security analysis service for Ethereum smart contracts. MythX performed a scan on all the contracts and sent the compiled results to the analyzers to locate any vulnerabilities.

Results

All issues raised by MythX were false positives. Overflows and underflows are no longer a big issue, as the contracts use Solidity version 0.8.12. Since Solidity version 0.8.0, arithmetic operations revert on underflow and overflow by default.

Hoppers Dev Team Comments:

Comments below are in response to some of the Low to Medium findings. Low and Medium issues are not critical/high severity.

  • In response to "a zero-address check(s)" & emit based issues and other ownership comments, FLY-01, VEFLY-02, HOPP-03, BALL-03, VEFLY-03, HOPP-02, BALL-02, ZONE-02:

    • Specific address checks/emits are seen as a design choice. Hoppers Game is being set up to be extendable / added to. Once the content is no longer in need of an update, it will be moved into a Gnosis Safe.

  • In response to "Use of tx.origin", BALL-05:

    • We do not believe the tx.origin function is an issue for our use case.

  • In response to "Contract exceeds size limit", HOPP-04:

    • We do not believe this to be an issue for our use case.

  • In response to "Unsafe math", BALL-04:

    • This item was immediately addressed.

The initial report is being reviewed/addressed internally on a continuous basis as we change or alter code. As there are no critical items to address, the remaining items will be addressed on an individual basis. The longevity and security of the site are very important to us, and we will be constantly reviewing any new changes added.

Future audits, if they are needed, will be added here.
