CertiK's Amaten AMAToken Audit

CertiK | Feb 10, 2020

Article's Poster

Amaten leads the application of blockchain technology into the gift card industry by developing a self sustaining ecosystem of tokenized gift cards.

As the first and largest gift card marketplace in Japan, Amaten has since generated incredible results and value. In 2018, the team reached the milestone of one million transactions with a 20% year-over-year transaction growth rate and over 100 million dollars in turn over.After 240,000 active users, there's no doubt the team provides a revolutionary yet seamless way for users to enter the blockchain ecosystem and will revolutionize the the gift card industry.

In 2019, the team partnered with Aelf -- a decentralized cloud computing blockchain network. Amaten works to build its blockchain framework on top of Aelf, allowing for a globally scalable platform. “The blockchain will provide an immutable record of a gift card’s issuance and any exchanges of ownership, thereby increasing the transparency of Amaten’s platform,” said in a release announced by Aelf.

CertiK was excited to review Amaten’s source code, guided and facilitated by aelf, their technical partner -- specifically the AMAToken smart contracts.

Audit Synopsis

Amaten’s audit report was prepared to discover issues and vulnerabilities of the AMAToken smart contracts. The team demonstrated their professional and knowledgeable understanding of the contracts by having:

  1. A production ready repository with high-quality source code
  2. Unit tests covering the majority of its business scenarios
  3. Accessible, clean, and accurate readme documents for intentions, functionalities, and responsibilities of the smart contracts.

CertiK’s audit process differs from traditional testing approaches by using Formal Verification to mathematically prove smart contracts are hacker resistant and bug free. Formal Verification is extremely rigorous and difficult to perform, since it required precise, unambiguous specifications. Historically, the proof method has been more common for mission critical hardware systems, but because smart contracts are self-executing and often open-sourced, blockchain software has seen the need for higher standards of security.

And we’re proud to work with leaders like Amaten to build a secure blockchain ecosystem for everyone to use.

We’re happy to note that the contracts scanned have no critical to low issues found. CertiK made minor comments that were represented in Amaten’s latest commit, including a recommendation to add in a check to ensure thefromaddress is not atoaddress in the transfer() function. Similarly, adding in a check to ensure thetoaddress is not azeroaddress for potential vulnerabilities.

About CertiK

CertiK leads blockchain security by pioneering the use of cutting-edge Formal Verification technology on smart contracts and blockchains. Unlike traditional security audits, Formal Verification mathematically proves program correctness and hacker-resistance. CertiK was founded by Computer Science professors of Yale University and Columbia University, securing over $5B in assets, including many of the world’s top projects.

The research efforts of CertiK have received grants from IBM and the Ethereum Foundation, and notable investors include Binance Labs, Bitmain, Lightspeed Venture Partners, Matrix Partners, and NEO Global Capital, among others.

To request the audit/verification of your smart contracts, please email audit@certik.io or visit certik.io to submit the request.

Twitter: https://twitter.com/certikorg

Reddit: https://www.reddit.com/r/CertiKOrg/

Telegram: https://t.me/certikorg

LinkedIn: https://www.linkedin.com/company/certik