Lunaray Security Scan Report

Report Statement:

Lunaray has now started projectluna, which by scanning the security of smart contracts in decentralized projects in the blockchain ecosystem, Our team try our best to find security problems in smart contracts and reduce asset losses. This scan result is only for general security vulnerabilities and is not used as the final contract security audit result, nor as investment advice for users. If you have any questions, please contact support@lunaray.co.

The scan contract address:

chainlink/contracts/src/v0.8 at develop · smartcontractkit/chainlink

The scan tool:

Lunaray Contract Security Scanner

Scan result:

By scanning the Chainlink contract, it is found there are 4 types of security risks:

● [“info”] no events added
○ advice: It is recommended to add event logging of user or administrator sensitive actions to add clarity to the operation of the project.

● [“low”] only owner
○ advice: It is recommended to set TimeLock time lock to time-bound the administrator operation; it is recommended to store this administrator key securely.

● [“low”] timestamp vulnerabilities
○ advice: Avoid relying on block.timestamp

● [“low”] unchecked empty address

Security advice:

○ advice: Adding a determination of whether the incoming address is address(0)

Lunaray social media

Twitter: https://twitter.com/lunaray_sec

Github: https://github.com/LunaraySec

Telegram:http://t.me/LunaraySec

Facebook: https://www.facebook.com/lunarayblockchain

Quora:https://blockchainsecurityaudit.quora.com/

Reddit:https://www.reddit.com/user/Lunarayblockchain/

Instagram: https://www.instagram.com/lunarayblockchain02/

Website: https://lunaray.co