Lunaray Security Scan Report

Report Statement:

Lunaray has now started projectluna, which by scanning the security of smart contracts in decentralized projects in the blockchain ecosystem, Our team tries our best to find security problems in smart contracts and reduce asset losses. This scan result is only for general security vulnerabilities and is not used as the final contract security audit result, nor as investment advice for users. If you have any questions, please contact support@lunaray.co.

The scan contract address:

contracts/contracts at dev · graphprotocol/contracts

The scan tool:

Lunaray Contract Security Scanner

Scan result:

By scanning the The Graph contract, it is found there are types of security risks:

● [“medium”] int overflow

● [“low”] onlyowner

● [“info”] no events added

● [“info”] hard coding

Security advice:

○ advice: using SafeMath lib

○ advice: It is recommended to set TimeLock time lock to time bound the administrator operation; it is recommended to store this administrator key securely.

○ advice: It is recommended to add event logging of user or administrator sensitive actions to add clarity to the operation of the project.

○ advice: Replace magic number with an enumeration or constant definition

Lunaray social media

Twitter: https://twitter.com/lunaray_sec

Github: https://github.com/LunaraySec

Telegram:http://t.me/LunaraySec

Facebook: https://www.facebook.com/lunarayblockchain

Quora:https://blockchainsecurityaudit.quora.com/

Reddit:https://www.reddit.com/user/Lunarayblockchain/

Instagram: https://www.instagram.com/lunarayblockchain02/

Website: https://lunaray.co