CertiK completes audit of Avarta ERC-20 token and smart contracts ahead of launch

Avarta is excited to announce that our smart contracts have been officially certified and audited by CertiK, the leading blockchain security auditing firm for blockchain protocols and DeFi Projects.

Stringent security audits are essential for verifying the health and reliability of smart contracts. At Avarta, our priority is to make sure our systems are secured and fully protect the assets of our community. The decision of using Certik is attributed to their world-renowned auditing practices. To date, CertiK has provided security products and services to over 1,800 clients, detected over 31,000 vulnerabilities in blockchain code, and protected over $310 billion worth of digital assets. Their clientele includes some of the largest crypto exchanges and blockchain protocols in the industry.

A CertiK Report is released upon completing an in-depth analysis of the Avarta’s source code. The report details result from stress testing key performance metrics

A comprehensive examination has been performed, utilizing Static Analysis and Manual Review techniques. CertiK did not identify any critical issues on Avarta’s smart contracts, putting the Avarta Project in the same category as other market-leading blockchain protocols. Additional enhancements have been put in place to boost the security measures based on CertiK’s recommendations.

Highlights of the Audited Report:

CertiK found no critical issues during the audit on Avarta smart contracts. Only a few major and medium issues have been found and the team already addressed the identified issues by following CertiK team’s advice. 

Some key findings identified by CertiK during the audit are as follows

Centralisation Risk (Severity: Major)

Issue Description: The role owner has authority over the functions in various smart contracts. This can lead to the owner arbitrarily changing the token balance of any address or mint any amount of tokens to an arbitrary address.

Issue Alleviation: Avarta deployed a multi-sig wallet to control the privileged functions as recommended by CertiK.

Logical Errors (Severity: Medium)

Issue Description: 

  1. Assigning maturityDate as the lockPeriod may cause a logical error where the timestamp check is always successful. 
  2. The function _mint() does not call the function _moveDelegates(). This means that delegates will not be moved when tokens are minted.
  3. In the contract AvartaFarm, the rewardAmount is calculated and recorded when a user calls the withdraw() function, but the reward is not paid out to the staker in the withdraw() function or any other function in this contract. 

Issue Alleviation: 

  1. Avarta updated the smart contract with the recommended code provided by CertiK.
  2. Avarta included the call to _moveDelegates() in the _mint() function for consistency and in accordance with CertiK recommendations.
  3. The reward payout function was included in the contract in accordance with CertiK recommendations.

With this technical due diligence completed, DeFi users and NFT holders can have peace of mind when storing or transferring their digital assets to and from the Avarta Wallet, including multi-chain support for cryptocurrencies and NFTs.

About Avarta

Avarta is rapidly expanding its drive to create a next-gen layer of authentication and form an institutional environment that redefines the existing financial system. Our biometric cross-chain wallet aggregator and innovative cross-chain credit scoring system privately store the users’ full transaction history and safeguard the data with a unique, secure and reliable solution. By injecting decentralized governance and biometric access mechanics, the DeFi ecosystem is on the path to reaching full maturity.

Avarta is partnered and backed by the likes of Magnus Capital, Marshland, GHAF Capital Partners, Maven Capital & CRT.

Want to be part of the action?

Join Avarta’s community: Website | Twitter | Telegram | LinkedIn |