Ondo Smart Contract Audit

Project Background

    • This Solidity contract named “Ondo” implements a token with time-based vesting functionalities. Let’s break down its key components:
      • Context: Abstract contract defining internal functions _msgSender() and _msgData() to retrieve the sender’s address and the data of the current message, respectively.
      • IERC165: Interface for contract-level support for ERC165.
      • IAccessControl: Interface defining functions related to access control such as role management.
      • AccessControl: Abstract contract implementing access control functionality based on roles. It manages roles and role membership.
      • IOndo: Interface defining functions related to Ondo token features such as updating tranche balances and retrieving balances.
      • LinearTimelock: Abstract contract implementing linear time-based vesting logic. It calculates vested balances based on elapsed time since the cliff period.
      • Ondo: The main contract implementing the Ondo token. It inherits from AccessControl and LinearTimelock. Key functionalities include:
        • Token metadata such as name, symbol, and decimals.
        • Management of total supply and balances.
        • Delegation functionality allows token holders to delegate voting power.
        • Minting functionality is restricted to accounts with the MINTER_ROLE.
        • Transfer and approval functionalities, with the ability to enable/disable transfers.
        • Time-based vesting functionality for specific tranches of investors.
        • Role-based access control for various operations.
        • Update of cliff timestamp for vesting.
    • This contract provides a comprehensive implementation of a token with access control and time-based vesting features, suitable for scenarios where token release needs to be controlled over time.

Website: ondo.finance

Executive Audit Summary

  • According to the standard audit assessment, the Customer`s solidity smart contracts are “Secured”.  Also, these contracts contain owner control, which does not make them fully decentralized.
  • We used various tools like Slither, Solhint and Remix IDE. At the same time this finding is based on critical analysis of the manual audit.
  • We found 0 critical, 0 high, 0 medium,  0 low and 2 very low-level issues.

Audit Report in PDF


Audit Report Flip book

Please wait while flipbook is loading. For more related info, FAQs and issues please refer to DearFlip WordPress Flipbook Plugin Help documentation.

Leave a Reply

Your email address will not be published. Required fields are marked *

7 + one =