- The BloomBox Protocol is a Defi Program in which custom nodes can be created with customization and approved users or the owner of the bloom node can start auto compounding for the blooms by swapping their USDC.e tokens for some time period. It has functions like claim, airdrop, deposit, initialize, withdraw, setURI, burn, mint, mintBatch, addLiquidity, toggleSwap, liquidityReward, etc.
- The Bloomify contracts are ERC1155 smart contracts with treasury functionality. These contracts inherits the ERC721Upgradeable, OwnableUpgradeable, ReentrancyGuardUpgradeable, PausableUpgradeable, IERC20, SafeERC20, Ownable, Initializable, ERC20Upgradeable, IERC20Upgradeable, ERC20BurnableUpgradeable, SafeMathUpgradeable, ERC1155URIStorageUpgradeable standard smart contracts from the OpenZeppelin library.
- These OpenZeppelin contracts are considered community-audited and time-tested, and hence are not part of the audit scope.
Executive Audit Summery
- According to the standard audit assessment, Customer`s solidity smart contracts are “ Secured”. Also, these contracts do contain owner control, which does not make them fully decentralized.
- We used various tools like Slither, Solhint and Remix IDE. At the same time this finding is based on critical analysis of the manual audit.
- We found 0 critical, 0 high, 0 medium and 3 low and some very low level issues.