Crypto Commonwealth’s Token & Vesting Audit

CertiK | Dec 23, 2019

Article's Poster

Crypto commonwealth is an asset management and publishing ecosystem on blockchain that aims to fundamentally improve the traditional economic model. As a diverse group of individuals ranging from portfolio managers to senior IT engineers, the team utilizes methods including smart betas, risk premiums, and alpha strategies to leverage high returns and promote public welfare.

Similarly COMM, Crypto Commonwealth’s native token, is intended for investors to participate and benefit from their subscription, circulation and investment ecosystem. Their strategies utilize smart betas and alphas, which by design outperform bitcoin via risk premium capture, diversification and risk management.

Knowledge is power. The discovery and distribution of new knowledge are the highest forms of contribution to humanity. However, in traditional aspects, scientific and investment methods don’t carry tangible values.

However, blockchain is able to transform theory into inherent digital value. The market establishes that rudimentary blockchain protocols, and in particular public chains, are more valuable than decentralized applications.

The Commonwealth Foundation is dedicated to endowing all explorations of new knowledge with economic value and returns. The foundation seeks to compensate all endeavors to advance human’s knowledge base, as every effort to push our boundaries of knowledge matters, and all excursions into the truth, either successful or not, are worth much more than what they appear to be at that point in time.

In line with the transparency they build, the team’s 20% tokens are to be locked for 5 years after inception and released linearly by a smart contract upon vulnerability audit of a security partner. The vesting contract may be applied to token sales with lock periods as well. Crypto Commonwealth chose to work with CertiK to ensure the security of their token and vesting smart contracts.

CertiK’s Smart Contract Audit

The report was delivered to Crypto Commonwealth for discovering issues and vulnerabilities in the source code of their Comm.sol, CommTokenVesting.sol, and CommTokenVestingFactory.sol smart contracts. A comprehensive examination was performed, utilizing CertiK’s Formal Verification Platform, Static Analysis, and Manual Review techniques.

CertiK tested the smart contracts against both common and uncommon attack vectors. We assessed the codebase to ensure compliance with current best practice and industry standards, and made sure the contract logic meets the specifications and intentions of the client. Furthermore, we cross referenced contract structure and implementation against similar smart contracts produced by industry leaders.

The Token Factory creates vesting contracts that vest its balance of any ERC20 token to the beneficiary, gradually in a linear or nonlinear fashion. The vested schedule is time-based using block timestamps as opposed to block numbers, and we recommended to avoid using short time durations such as those less than a minute. Typical vesting schemes with a cliff period of a year and a duration of four years are safe to use.

With the final update of source code and delivery of the audit report, we concluded that the contracts are structurally sound and not vulnerable to any classically known anti-patterns or security issues.

CertiK believes the smart contracts pass security qualification to be listed on digital asset exchanges. Overall we found them to follow good practices!

To request an audit similar to Crypto Commonwealth’s, visit www.certik.io and get a free quote!

About CertiK

CertiK leads blockchain security by pioneering the use of cutting-edge Formal Verification technology on smart contracts and blockchains. Unlike traditional security audits, Formal Verification mathematically proves program correctness and hacker-resistance. CertiK was founded by Computer Science professors of Yale University and Columbia University, securing over $5B in assets, including many of the world’s top projects.

The research efforts of CertiK have received grants from IBM and the Ethereum Foundation, and notable investors include Binance Labs, Bitmain, Lightspeed Venture Partners, Matrix Partners, and NEO Global Capital, among others.

To request the audit/verification of your smart contracts, please email audit@certik.io or visit certik.io to submit the request.

Twitter: https://twitter.com/certikorg

Reddit: https://www.reddit.com/r/CertiKOrg/

Telegram: https://t.me/certikorg

LinkedIn: https://www.linkedin.com/company/certik