Lunaray Security Scan Report
Lunaray has now started projectluna, which by scanning the security of smart contracts in decentralized projects in the blockchain ecosystem, Our team try our best to find security problems in smart contracts and reduce asset losses. This scan result is only for general security vulnerabilities and is not used as the final contract security audit result, nor as investment advice for users. If you have any questions, please contact firstname.lastname@example.org.
The scan contract address:
chainlink/contracts/src/v0.8 at develop · smartcontractkit/chainlink
node of the decentralized oracle network, bridging on and off-chain computation - chainlink/contracts/src/v0.8 at…
The scan tool:
Lunaray Contract Security Scanner
By scanning the Chainlink contract, it is found there are 4 types of security risks:
● [“info”] no events added
○ advice: It is recommended to add event logging of user or administrator sensitive actions to add clarity to the operation of the project.
● [“low”] only owner
○ advice: It is recommended to set TimeLock time lock to time-bound the administrator operation; it is recommended to store this administrator key securely.
● [“low”] timestamp vulnerabilities
○ advice: Avoid relying on block.timestamp
● [“low”] unchecked empty address
○ advice: Adding a determination of whether the incoming address is address(0)
Lunaray social media