iExec PoCo
Summary
Executive Summary This report presents the results of our engagement with iExec to review their PoCo (Proof of Contribution) protocol. The review was conducted over the course of two weeks, from March 30, 2020 to April 10, 2020 by Gonçalo Sá and Shayan Eskandari. A total of 15 person-days were spent. During the first week, we focused our efforts on understanding the intention of the design (which is mostly provided through communication with the client and the resources provided in the README of the main repository under review, poco-dev), and defining the key risk factors and potential vulnerabilities requiring further investigation.
Issues (7)
Low | Medium | High | Critical | Total | |
|---|---|---|---|---|---|
Not fixed | 3 | 4 | - | - | 7 |
Fixed | - | - | - | - | 0 |
| Total | 3 | 4 | 0 | 0 | 7 |
Contracts (48)
| # | File Name |
|---|---|
| 1 | poco-dev/contracts/IexecInterfaceNative.sol |
| 2 | poco-dev/contracts/tools/testing/TestReceiver.sol |
| 3 | poco-dev/contracts/tools/testing/TestClient.sol |
| 4 | poco-dev/contracts/Store.sol |
| 5 | poco-dev/contracts/tools/Migrations.sol |
| 6 | poco-dev/contracts/modules/interfaces/IexecMaintenance.sol |
| 7 | poco-dev/contracts/registries/datasets/DatasetRegistry.sol |
| 8 | poco-dev/contracts/modules/delegates/IexecAccessorsABILegacyDelegate.sol |
| 9 | poco-dev/contracts/modules/interfaces/IexecAccessorsABILegacy.sol |
| 10 | poco-dev/contracts/modules/delegates/IexecERC20Delegate.sol |