[SCA] Right to Privacy / Railgun / Nov2021
Off-Chain (Public)
Audited on 2021/11/03
No active critical issues
Summary
RAILGUN is a privacy system built directly on-chain for Ethereum, BSC, Polygon, and Arbitrum that uses Zero-Knowledge (ZK) cryptography to enable private use of smart contracts and DeFi, all without leaving the security of the user’s preferred chain.
Issues (4)
Low | Medium | High | Critical | Total | |
|---|---|---|---|---|---|
Not fixed | - | - | - | - | 0 |
Fixed | 2 | 2 | - | - | 4 |
| Total | 2 | 2 | 0 | 0 | 4 |
Test Unit Failed
fixed/medium
While 41 tests are passing, 1 is failing. It fails with the “Out of Gas” message which means your logic could be too complicated and overloaded with loops, maths, and external calls. …
Too low test coverage
fixed/medium
Global test coverage is about 68% for code branches, while the main RailgunLogic contract is covered only for 57.89% of logic branches. The recommended coverage is minimum 95% for branches, while it should be definitely 100% for the main logic contracts.
A public function that could be declared external
fixed/low
`public` functions that are never called by the contract should be declared `external` to save gas.
Missing zero address validation
fixed/low
Accidentally setting `_vestLockImplementation` to zero-address could lead to contract out of work because it doesn’t have the ability to update it in any way.
Contracts (24)
| # | Github Repository | Commit Hash | File | Url |
|---|---|---|---|---|
| 1 | Railgun-Privacy/contract | d2c63577ddd8310c87dced0d549cf9505b372111 | logic/Poseidon.sol | Check on Github |
| 2 | Railgun-Privacy/contract | d2c63577ddd8310c87dced0d549cf9505b372111 | teststubs/TokenStubs.sol | Check on Github |
| 3 | Railgun-Privacy/contract | d2c63577ddd8310c87dced0d549cf9505b372111 | governance/Delegator.sol | Check on Github |
| 4 | Railgun-Privacy/contract | d2c63577ddd8310c87dced0d549cf9505b372111 | logic/TokenWhitelist.sol | Check on Github |
| 5 | Railgun-Privacy/contract | d2c63577ddd8310c87dced0d549cf9505b372111 | teststubs/logic/CommitmentsStub.sol | Check on Github |
| 6 | Railgun-Privacy/contract | d2c63577ddd8310c87dced0d549cf9505b372111 | governance/Deployer.sol | Check on Github |
| 7 | Railgun-Privacy/contract | d2c63577ddd8310c87dced0d549cf9505b372111 | logic/Commitments.sol | Check on Github |
| 8 | Railgun-Privacy/contract | d2c63577ddd8310c87dced0d549cf9505b372111 | governance/Staking.sol | Check on Github |
| 9 | Railgun-Privacy/contract | d2c63577ddd8310c87dced0d549cf9505b372111 | token/VestLock.sol | Check on Github |
| 10 | Railgun-Privacy/contract | d2c63577ddd8310c87dced0d549cf9505b372111 | teststubs/logic/TokenWhitelistStub.sol | Check on Github |