Open Bi Sea ETH-BSC Bridge smart contract security audit, conducted by the Callisto Network Security Department during May 2021.
Open Bi Sea ETH-BSC Bridge Smart Contract Security Audit Report
Are Your Funds Safe?
1. Summary
ETH-BSC Swap smart contract security audit report performed by Callisto Security Audit Department.
Website: https://openbisea.io/ethereum-binancesmartchainbridge
2. In scope
Commit 20ec6c502ba97cb530a54070d3b040ccdab76258
These code are deployed at:
- BEP20TokenImplementation: https://bscscan.com/address/0xcB2052cbbf302FB6D02c6d71caD7112af45FDcaE
- ERC721Implementation https://bscscan.com/address/0x05bfc49Be22D48Bd12FF27f49d5c392FD3a269E5
- ERC1155Implementation https://bscscan.com/address/0x1eB05c3906C4b8D05D0F559cdA8E8B68fba8D14E
- OpenBiSeaBSCSwapAgentImpl https://bscscan.com/address/0xEEE87Dad2A6Ba15c301e3f6bc2bfB0ac1051EeA9#contracts
- OpenBiSeaETHSwapAgentImpl https://etherscan.io/address/0x0440e9fa9c4c4c2b60a8942c64a870b9cd8e03fe#contracts
2.1 Excluded
Folder test.
3. Findings
In total, 1 issue were reported including:
-
- 0 high severity issue.
- 0 medium issue.
- 0 low severity issue.
- 0 note.
- 1 owner privileges.
3.1 The swapping process completely under the Owner’s control.
Severity: owner privileges.
Description:
The owner can transfer tokens on the Ethereum side and mint them on the BSC side.
However, Owner provides a transaction hash as proof of the user’s swap operation. Therefore anyone can check each swap operation and ensure its correctness.
4. Conclusion
The audited smart contract can be deployed. Pointed issues were fixed.
Since the swapping process completely on the owner’s power, users should understand the risk of an “exit scam”.
5. Previous report revealing
https://gist.github.com/yuriy77k/326fde5902e91a2ea950a537b89258bd
Appendix
Smart Contract Audits by Callisto Network.
Miscellaneous
Our Most Popular Audit Reports.
Trust the Blockchain, Audit the Smart Contracts.
Follow Callisto’s Security Department on Twitter to get our latest news and updates!