Fantom Token (FTM) Security Audit Report

Are Your Funds Safe?

Our expert team at Callisto Network has conducted an in-depth security audit of the Fantom Token (FTM) smart contract. This audit aims to ensure the security of your funds by identifying and assessing any potential vulnerabilities. Here, we present our findings:

1
Total Finding(s)
0 - Hight severity issue(s)
0 - Medium severity issue(s)
1 - Low severity issue(s)
0 note(s)
0 owner privilege(s)

Executive Summary

This report presents the results of the security audit conducted by the Callisto Network Security Department on the Fantom Token (FTM) smart contract in January 2023. It analyzes the contract’s security in-depth and highlights any identified vulnerabilities.

[bsf-info-box icon_type=”custom” icon_img=”id^11667|url^https://callisto.network/wp-content/uploads/2023/04/Mask-Group-1.png|caption^null|alt^null|title^Mask Group 1|description^null” img_width=”26″ icon_animation=”fadeIn” title=”Website” read_more=”title” link=”url:https%3A%2F%2Ffantom.foundation%2F|target:_blank” hover_effect=”style_2″][/bsf-info-box]
[bsf-info-box icon_type=”custom” icon_img=”id^11673|url^https://callisto.network/wp-content/uploads/2023/04/Mask-Group-3.png|caption^null|alt^null|title^Mask Group 3|description^null” img_width=”25″ icon_animation=”fadeIn” title=”Whitepaper” read_more=”title” link=”url:https%3A%2F%2Ffantom.foundation%2Ffantom-research-papers%2F|target:_blank” hover_effect=”style_2″][/bsf-info-box]
[bsf-info-box icon_type=”custom” icon_img=”id^11674|url^https://callisto.network/wp-content/uploads/2023/04/Mask-Group-4.png|caption^null|alt^null|title^Mask Group 4|description^null” img_width=”26″ icon_animation=”fadeIn” title=”CoinMarketCap” read_more=”title” link=”url:https%3A%2F%2Fcoinmarketcap.com%2Fcurrencies%2Ffantom%2F|target:_blank” hover_effect=”style_2″][/bsf-info-box]
[bsf-info-box icon_type=”custom” icon_img=”id^11675|url^https://callisto.network/wp-content/uploads/2023/04/Mask-Group-5.png|caption^null|alt^null|title^Mask Group 5|description^null” img_width=”25″ icon_animation=”fadeIn” title=”CoinGecko” read_more=”title” link=”url:https%3A%2F%2Fwww.coingecko.com%2Fen%2Fcoins%2Ffantom|target:_blank” hover_effect=”style_2″][/bsf-info-box]

1. Scope of the Audit

The audit focused on the following Fantom Token (FTM) contract:

2. Audit Findings

Our audit reported a total of 1 finding(s), categorized as follows:

  • 0 high-severity issue(s).
  • 0 medium severity issue(s).
  • 1 low-severity issue(s).
No critical security issues were found.

2.1 Known Vulnerabilities of ERC-20 Token

[bsf-info-box icon_type=”custom” icon_img=”id^11677|url^https://callisto.network/wp-content/uploads/2023/04/Mask-Group-6.png|caption^null|alt^null|title^Mask Group 6|description^null” img_width=”20″ icon_animation=”fadeIn” title=”Severity:” el_class=”mos_flex”]Low.[/bsf-info-box][bsf-info-box icon_type=”custom” icon_img=”id^11678|url^https://callisto.network/wp-content/uploads/2023/04/Mask-Group-7.png|caption^null|alt^null|title^Mask Group 7|description^null” img_width=”20″ icon_animation=”fadeIn” title=”Description:”]

  1. The smart contract is susceptible to double withdrawal attacks. Learn more about this type of attack here.
  2. The contract lacks a transaction handling mechanism. WARNING! This common vulnerability has already led to significant financial losses. For a comprehensive understanding of this issue, click here.

[/bsf-info-box][bsf-info-box icon_type=”custom” icon_img=”id^11679|url^https://callisto.network/wp-content/uploads/2023/04/star-svgrepo-com.png|caption^null|alt^null|title^star-svgrepo-com|description^null” img_width=”20″ icon_animation=”fadeIn” title=”Recommendation”]

Add the following code to the transfer(_to address, ...) function:

require( _to != address(this) );

[/bsf-info-box]

3. Security Practices

4. Conclusion

The audited smart contract can be deployed. Only low-severity issues were found during the audit.

It is recommended to adhere to the security practices described in pt. 4 of this report to ensure the contract’s operability and prevent any issues that are not directly related to the code of this smart contract.

About Callisto Network

Founded by Dexaran,  co-founder of Ethereum Classic, Callisto Network is a blockchain platform that prioritizes security. We’ve conducted over 330 smart contract audits across platforms like Ethereum, Ethereum Classic, and EOS. In addition to our audits, we’ve developed the ERC 223 token standard and CallistoNFT standard, enhancements over existing standards that address flaws and offer new capabilities, further establishing us as industry leaders in crypto-security.

Trust The Blockchain, Audit Your Smart Contracts.