Bot Ocean - Smart Contract Audit Report

Summary

Bot Ocean is building a platform with signals, portfolio tracking, bots marketplace, and a strategy builder within a single interface.

For this audit, we reviewed the project's bridge logic using code provided to us by the team; which includes bridge contracts for both the BSC and ETH networks. Please note we have not reviewed the off-chain logic related to the bridge.

Notes on the Contracts:
The team has developed a cross-chain bridge which will allow users to deposits their native Bot Ocean tokens across the ETH or BSC blockchain.
The contracts on each chain serve as the on and off ramp for each chain.
Users can send their tokens to the bridge contract on the ETH chain to make those tokens available on the BSC chain.
Upon bridging their tokens, the team's off-chain logic will provide the user with a series of data which can be used with withdraw their tokens on the other chain.
Users will need some BNB in order to claim their tokens on the BSC chain, and some ETH to claim on the Ethereum chain.
The bridge contract on the BSC chain is also the token contract, so when tokens are claimed, they are minted to the user.
There are no fees charged by the team for using the contract.
The chainName variable can be set constant in both contracts to save gas on deployment.
Some functions can be declared external instead of public to save on gas.
Utilization of SafeMath to prevent overflows.
We advise using Solidity 0.7.6 rather than 0.7.3.

Audit Findings Summary:
No security issues were identified.
Users must trust the team as they will operate off-chain logic to power the bridge used for cross-chain transfers.
Date: May 5th, 2021

Combined External Threat Results

Vulnerability Category	Notes	Result
Arbitrary Storage Write	N/A	PASS
Arbitrary Jump	N/A	PASS
Delegate Call to Untrusted Contract	N/A	PASS
Dependence on Predictable Variables	N/A	PASS
Deprecated Opcodes	N/A	PASS
Ether Thief	N/A	PASS
Exceptions	N/A	PASS
External Calls	N/A	PASS
Integer Over/Underflow	N/A	PASS
Multiple Sends	N/A	PASS
Suicide	N/A	PASS
State Change External Calls	N/A	PASS
Unchecked Retval	N/A	PASS
User Supplied Assertion	N/A	PASS
Critical Solidity Compiler	N/A	PASS
Overall Contract Safety		PASS

Inheritence Chart

Smart Contract Inheritance

Function Graph

Smart Contract Graph

Functions Overview


 ($) = payable function
 # = non-constant function

 Int = Internal
 Ext = External
 Pub = Public

 +  Context
    - [Int] _msgSender
    - [Int] _msgData

 + [Int] IBridgeV1
    - [Ext] SwapOut #
    - [Ext] SwapIn #

 +  Ownable (Context)
    - [Pub]  #
    - [Pub] owner
    - [Pub] renounceOwnership #
       - modifiers: onlyOwner
    - [Pub] transferOwnership #
       - modifiers: onlyOwner

 + [Int] IERC20
    - [Ext] totalSupply
    - [Ext] balanceOf
    - [Ext] transfer #
    - [Ext] allowance
    - [Ext] approve #
    - [Ext] transferFrom #

 + [Lib] SafeMath
    - [Int] tryAdd
    - [Int] trySub
    - [Int] tryMul
    - [Int] tryDiv
    - [Int] tryMod
    - [Int] add
    - [Int] sub
    - [Int] mul
    - [Int] div
    - [Int] mod
    - [Int] sub
    - [Int] div
    - [Int] mod

 +  Bridge (IBridgeV1, Ownable)
    - [Pub]  #
    - [Ext] SwapOut #
    - [Ext] SwapIn #
       - modifiers: onlyOwner
    - [Pub] withdraw #
       - modifiers: onlyOwner
    - [Pub] updateFee #
       - modifiers: onlyOwner

Go Home