MIP#13

MIP#: MIP#13
Title: Audit to MVC
Author(s): sCrypt
Contributors: 
Editor: N/P
Date Proposed: 
Date Ratified: 
Dependencies:
Replaces: N/P
Exception to MIP: N/P

Vote option:

1) Yes [Audit by sCrypt]

2) NO

  • Executive Summary:

A smart contract audit can provide several advantages, including identifying potential vulnerabilities and security risks, ensuring compliance with industry standards and best practices, improving the overall quality and reliability of the contract, and increasing user trust and confidence in the contract. By conducting a thorough audit, developers can mitigate potential issues and ensure the contract functions as intended, ultimately leading to a more successful and trustworthy project.

  • Introduction of sCrypt

Website: https://scrypt.io/

Telegram handle: https://twitter.com/sinoTrinity

sCrypt Inc. is a blockchain development platform that provides a set of tools and infrastructure for developers to interact with UTXO blockchains such as MVC.

it provides a suite of developer tools to simplify the development process. This includes sCrypt, which allows users to write smart contracts directly in TypeScript, and Ordinals protocol that enables fungible and non-fungible tokens. It also offers audit services to ensure security of smart contracts, and premium services to optimize their performance.

The company's mission is to simplify and accelerate blockchain development by offering reliable and scalable API services and first-class developer tools.

  • AMA for MVC community: [08 Oct 2023 - HK Time 01:30AM]

sCrypt will host an AMA on https://t.me/mvcofficial to address all questions from the MVC community.

  • Proposal Details:

This report has been prepared for MVC network to discover issues and vulnerabilities in the source code of the

A) Voting Contract

B) FT Contract

C) NFT Contract

As well as any contract dependencies that were not part of an officially recognized library. A comprehensive examination has been performed, utilizing Static Analysis and Manual Review techniques. The auditing process pays special attention to the following considerations:

  • Testing the smart contracts against both common and uncommon attack vectors

  • Assessing the codebase to ensure compliance with current best practices and industry standards.

  • Ensuring contract logic meets the specifications and intentions of the client.

  • Cross referencing contract structure and implementation against similar smart contracts produced by industry leaders.

  • Thorough line-by-line manual review of the entire codebase by industry experts.

The security assessment resulted in findings that ranged from critical to informational. We recommend addressing these findings to ensure a high level of security standards and industry practices. We suggest recommendations that could better serve the project from the security perspective:

  • Enhance general coding practices for better structures of source codes;

  • Add enough unit tests to cover the possible use cases;

  • Provide more comments per each function for readability, especially contracts that are verified in public;

  • Provide more transparency on privileged activities.

  • Advantages of auditing smart contract

  1. Security: Auditing a smart contract can help identify and mitigate potential security vulnerabilities, reducing the risk of hacks or other malicious attacks.

  2. Compliance: Auditing can ensure that the smart contract complies with relevant industry standards.

  3. Accuracy: Auditing can help ensure that the smart contract accurately reflects the intended functionality and logic.

  4. Efficiency: Auditing can identify areas where the smart contract can be optimized for better performance and efficiency.

  5. Transparency: Auditing can provide transparency into the smart contract's code and logic, helping to build trust with stakeholders.

  6. Reputation: A well-audited smart contract can help build a positive reputation for the project or organization behind it.

  7. Cost savings: Identifying and fixing potential issues early on can save time and resources in the long run.

  8. Risk management: Auditing can help manage the risks associated with deploying a smart contract, reducing the likelihood of unexpected issues arising.

  • Overall Costs:

[Around 12 working days - USDT 4,000 per days]

[Package Price - USDT 45,000 worth of space]

----------------------------------

  • Remarks

1) MVCDAO emphasizes that Space is not an investment vehicle, but the gas within the MVC ecosystem. The value and price of SPACE may be influenced by utility demand of MVC network, there may be risks of price fluctuations. Participants are advised against purchasing SPACE for investment or speculative purposes.

Please note that MVCDAO does not make any commitments or guarantees regarding the price or value of SPACE. When holding SPACE, it should be used solely for participation in MVCDAO governance or utility within the MVC network.

2) The proposal is purely seeking assistance to increase the visibility of MVC, not any intention for investment analysis or induction purpose.

3) Conflict of interest declaration: The author of this proposal has not received any commission.

4) The audit report from [sCrypt] should not be used in any way to make decisions around investment or involvement with any particular project. This report in no way provides investment advice, nor should be leveraged as investment advice of any sort. The audit report represents an extensive assessing process intending to help sCrypt's customers increase the quality of their code while reducing the high level of risk presented by cryptographic tokens and blockchain technology.

PreviousMIP#12NextMIP#15

Last updated