About Banger
Banger is an app for minting and burning tweet collectibles along price curves. Tweet authors and curators get rewarded, as the best tweets rise to the top of the leaderboard.
The program provides a secure and efficient way to tokenize tweets, allowing users to engage in buying and selling these tokens while ensuring that creators receive appropriate compensation. It handles token minting and burning, fee calculations, and secure fund transfers, all governed by a bonding curve to manage token pricing dynamically.
In general, the code base is well structured and easy to follow, demonstrating a clear and organized approach to development.
The project has good, comprehensive test cases, even though they do not cover 100% of functionality. The team communicated excellently throughout the review process, which made for a smooth and efficient collaboration.
The FYEO Process
When FYEO performs an assessment, we focus on the code committed at a specific time when the code base is feature complete.
Our goal is to give our clients the following:
A better understanding of their security posture, and help in identifying current and future risks in their deployed chain and contract infrastructure.
An opinion on what security measures are in place regarding maturity, adequacy, and efficiency.
Identification of potential issues, including loss-of-funds scenarios, with improvement recommendations based on the results of our assessment.
A better understanding, for the development team, of how to write and maintain more secure code. The incremental increase of security is part of the overall increased quality of the project.
Findings and Report
During the Security Code Review of Banger, we discovered:
3 findings with HIGH severity rating.
5 findings with LOW severity rating.
6 findings with INFORMATIONAL severity rating.
During the audit, the Banger team was quick to address and remediate all findings. A public version of the report is available below.