TraderDAOai v3 Security Audit Report
Are Your Funds Safe?
Our expert team at Callisto Network has conducted an in-depth security audit of the TraderDAOai v3 smart contract. This audit aims to ensure the security of your funds by identifying and assessing any potential vulnerabilities. Here, we present our findings:
Executive Summary
This report presents the results of the security audit conducted by the Callisto Network Security Department on the TraderDAOai v3 smart contract in May 2023. It provides an in-depth analysis of the contract’s security posture and highlights any identified vulnerabilities.
1. Scope of the Audit
Blockchain: Arbitrum.
The audit focused on the following TraderDAO v3 contracts:
-
Commit: 9d4f1b1993ed76de25d7f3555a8b4eebdb8ad768
2. Audit Findings
Our audit reported a total of 0 finding(s), categorized as follows:
- 0 high-severity issue(s).
- 0 medium-severity issue(s).
- 0 low-severity issue(s).
In addition to these findings, our audit identified 19 additional points, detailed in the following sections:
- 3 note(s).
- 16 owner privilege(s).
No critical security issues were found.
2.1 Owner privileges of Ambassador_Redeem_Contract
2.2 Owner privileges of Liquidity_Wallet
2.2.1 Functions SetDecimal() and SetRate() allow gov address to modify POT<>USDT conversion rate
2.2.2 Owner Privileges
2.3 POT_Token.sol
2.3.1 Owner Privileges
2.4.1 Users Claim Reward with USDT tokens
2.4.2 Owner Privileges
2.4.3 Deposit with Arbitrary Parameters
2.5 Follow Good Coding Practice
3. Security Practices
4. Conclusion
The audited smart contract can be deployed. No security issues were found in the audited contracts.
Users should be aware of the complete centralization of TraderDAO, where the owner can withdraw any tokens from the smart contracts without limitation. Users can claim USDT from TraderDAO only if the owner adds enough USDT to the contracts. The owner can mint POT tokens without restriction.
The audited contracts don’t implement the functionality described in the Litepaper; TraderDAO therefore relies on a centralized server side for all of its logic.
It is recommended to adhere to the security practices described in pt. 4 of this report to ensure the contract’s operability and prevent any issues that are not directly related to the code of this smart contract.
About Callisto Network
Callisto Network, founded by Dexaran, a co-founder of Ethereum Classic, is a blockchain platform that prioritizes security. We are dedicated to enhancing the safety and reliability of smart contracts by conducting comprehensive audits and providing actionable recommendations. Our security department has audited over 330 smart contracts across different platforms, including Ethereum, Ethereum Classic, and EOS.
Callisto Network’s contributions extend beyond audits. We have designed the ERC223 token standard, an improved alternative to the widely-used ERC20 standard, addressing its flaws and enhancing its capabilities. We’ve also developed the CallistoNFT standard, which aims to overcome the limitations of the prevalent ERC721 standard. Our innovative work in these areas underscores our commitment to the evolution and improvement of blockchain technology, further establishing us as industry leaders in crypto-security.
