Dirham Token Security Audit

Dirham Token security audit, conducted by the Callisto Network Security Department during March 2021.

---

Dirham Token Specification

---

Audit Request

@openzeppelin/contracts-ethereum-package Token smart contract security audit report performed by Callisto Security Audit Department.

Dirham is a fiat collateralized stablecoin backed by AED. It is native to Dirham crypto where bonds are introduced to blockchain for the first time ever. Dirham holders may earn interest. Paying interest done by calling the rebase function in the smart contract.

• https://dirhamcrypto.io
• https://twitter.com/DirhamCrypto

 

---

Dirham Token Smart Contract Security Audit Report

Are Your Funds Safe?

1. In scope

Commit d67a5f947ae0eaa8000021e8493181eb9475b1ad

• Dirham.sol
• ERC20Detailed.sol

1.2 Excluded

Openzeppelin library:

• @openzeppelin/contracts-ethereum-package

2. Owner privileges

Severity: owner privileges.

Description:

Smart contract owners use the Gnosis multisig wallet that increases private key security. Owner may:

1. Owner has DEFAULT_ADMIN_ROLE and can set/remove MINTER_ROLE and REBASER_ROLE to any address.
2. User with MINTER_ROLE can mint any amount of tokens.
3. User with REBASER_ROLE can set rebase factor to any value without restriction and can call function rebase() at any time.

These owners’ privileges are required for the functionality of stablecoin.

3. Conclusion

The audited smart contract can be deployed. The issues that were pointed in the previous audit report were fixed.

4. Revealing previous audit reports

• https://gist.github.com/yuriy77k/36b16c93cd3c3a3bdf52cc79005bce07

Appendix

Smart Contract Audits by Callisto Network.

Miscellaneous

Why Audit Smart Contracts?

Our Most Popular Audit Reports.

---

Trust the Blockchain, Audit the Smart Contracts.

---

Follow Callisto’s Security Department on Twitter to get our latest news and updates!