TLC Certik Verified
Trillioner
CertiK Verified on Mar 30th, 2023
SUMMARY TRILLIONER
The security assessment was prepared by CertiK, the leader in Web3.0 security.
Executive Summary
CODEBASE COMMITS
Repository: https://github.com/trillionertoken/trillioner/tree/bfd1d1a2b4c08714d2580ca54e490def7726a612
Commit: bfd1d1a2b4c08714d2580ca54e490def7726a612
Vulnerability Summary
Total Findings: 4
Resolved: 4
Mitigated: 0
Partially Resolved: 0
Acknowledged: 0
Declined: 0
Unresolved: 0
Summary
Executive Summary
Vulnerability Summary
Codebase
Audit Scope
Decentralization Efforts
Description
Recommendations
Findings
TRI-01 : Initial Token Distribution
Optimizations
TRI-03 : Variables That Could Be Declared as Immutable
Appendix
Disclaimer
CODEBASE TRILLIONER
Repository
https://github.com/trillionertoken/trillioner/tree/bfd1d1a2b4c08714d2580ca54e490def7726a612
Commit
bfd1d1a2b4c08714d2580ca54e490def7726a612
AUDIT SCOPE TRILLIONER
ID: TRI
File: trillioner.sol
Checksum (SHA-256): b94d4d400039221c5a229f8ecea82c57d861ae9b6c3f292af4a3d88a7c06b160
APPROACH & METHODS TRILLIONER
This report has been prepared for Trillioner to discover issues and vulnerabilities in the source code of the Trillioner project as
well as any contract dependencies that were not part of an officially recognized library. A comprehensive examination has
been performed, utilizing Manual Review and Static Analysis techniques.
Testing the smart contracts against both common and uncommon attack vectors.
Assessing the codebase to ensure compliance with current best practices and industry standards.
Ensuring contract logic meets the specifications and intentions of the client.
Cross referencing contract structure and implementation against similar smart contracts produced by industry
leaders.
The security assessment resulted in findings that ranged from critical to informational. We recommend addressing these
findings to ensure a high level of security standards and industry practices. We suggest recommendations that could better
serve the project from the security perspective:
Testing the smart contracts against both common and uncommon attack vectors;
Provide more comments per each function for readability, especially contracts that are verified in public;
DECENTRALIZATION EFFORTS TRILLIONER
Description
In the contract Ownable the role _owner has authority over the functions shown in the diagram below. Any compromise to the _owner account may allow the hacker to take advantage of this authority.
Authenticated Role: _owner
Function: transferOwnership
Function Calls: _transferOwnership
In the contract Trillioner the role _owner has authority over the functions shown in the diagram below. Any compromise to the _owner account may allow the hacker to take advantage of this authority.
Authenticated Role: _owner
Functions: mint, transferWithVesting, burn
Function Calls: _mint, _totalSupply, _msgSender, LockDetails, _transfer, _burn
Recommendations
The risk describes the current project design and potentially makes iterations to improve in the security operation and level of
decentralization, which in most cases cannot be resolved entirely at the present stage. We advise the client to carefully
manage the privileged account's private key to avoid any potential risks of being hacked. In general, we strongly recommend
centralized privileges or roles in the protocol be improved via a decentralized mechanism or smart-contract-based accounts
with enhanced security practices, e.g., multisignature wallets. Indicatively, here are some feasible suggestions that would
also mitigate the potential risk at a different level in terms of short-term, long-term and permanent:
Short Term: Timelock and Multi sign (⅔, ⅗) combination mitigate by delaying the sensitive operation and avoiding a single point of key management failure.
Time-lock with reasonable latency, e.g., 48 hours, for awareness on privileged operations;
AND
Assignment of privileged roles to multi-signature wallets to prevent a single point of failure due to the private key compromised;
AND
A medium/blog link for sharing the timelock contract and multi-signers addresses information with the public audience.
Long Term: Timelock and DAO, the combination, mitigate by applying decentralization and transparency.
Time-lock with reasonable latency, e.g., 48 hours, for awareness on privileged operations;
AND
A medium/blog link for sharing the timelock contract, multi-signers addresses, and DAO information with the public audience.
Permanent: Renouncing the ownership or removing the function can be considered fully resolved.
Renounce the ownership and never claim back the privileged roles.
OR
FINDINGS TRILLIONER
Total Findings: 4
Critical: 0
Major: 1
Medium: 0
Minor: 2
Informational: 1
This report has been prepared to discover issues and vulnerabilities for Trillioner. Through this audit, we have uncovered 4
issues ranging from different severity levels. Utilizing the techniques of Manual Review & Static Analysis to complement
rigorous manual code reviews, we discovered the following findings:
TRI-01 Initial Token Distribution (Category: Centralization / Privilege; Severity: Major; Status: Resolved)
Description
All Trillioner tokens are sent to the deployer when deploying the contract. This could be a centralization risk as the deployer
can distribute tokens without obtaining the consensus of the community.
Recommendation
We recommend that the team be transparent regarding the initial token distribution process, and that the team make sufficient efforts to restrict access to the private key.
Alleviation
https://trillioner.io/tokenomics.html
GLOBAL-01 TRILLIONER
Description
The openingPercentage is set by the owner; however, the value must be one of the following values: 10, 20 or 50.
Recommendation
We would like to confirm with the client whether the current implementation aligns with the original project design.
Alleviation
The team heeded our advice and resolved the issue in commit a57f6a2f98a423149a79cf4202c12b66ab5d4c3f.
TRI-02 TRILLIONER
Description
Performing integer division before multiplication truncates the low bits, losing the precision of calculation.
Recommendation
Alleviation
The team heeded our advice and resolved the issue in commit a57f6a2f98a423149a79cf4202c12b66ab5d4c3f.
TRI-04 TRILLIONER
Description
The variables remainedMonth and remainedToken share a similar naming style but represent opposite meanings.
Recommendation
Alleviation
The team heeded our advice and resolved the issue in commit 5abbded74a0e492f021ed7c3e1fa46ea0c9dd800.
OPTIMIZATIONS TRILLIONER
TRI-03 Variables That Could Be Declared As Immutable (Category: Gas Optimization; Severity: Optimization; Status: Resolved)
Description
The linked variables assigned in the constructor can be declared as immutable. Immutable state variables can be assigned during contract creation but will remain constant throughout the lifetime of a deployed contract. A big advantage of immutable variables is that reading them is significantly cheaper than reading from regular state variables since they will not be stored in storage.
Recommendation
We recommend declaring these variables as immutable. Please note that the immutable keyword only works in Solidity
version v0.6.5 and up.
Alleviation
The team heeded our advice and resolved the issue in commit a57f6a2f98a423149a79cf4202c12b66ab5d4c3f.
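As an added illustration that is not the Trillioner contract's own code: a constructed vesting helper that shows the TRI-02 precision loss beside the multiply-before-divide form, keeps constructor-assigned settings immutable as TRI-03 recommends, and enforces the 10/20/50 openingPercentage constraint from GLOBAL-01. The contract name, function names and the worked numbers in the comments are assumptions made for this example.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.17;

// Constructed example (not the audited contract); names and numbers are hypothetical.
contract VestingMathExample {
    // TRI-03: assigned once in the constructor and never changed, so declared
    // immutable; reads are inlined into the bytecode instead of costing an SLOAD.
    uint256 public immutable openingPercentage;
    uint256 public immutable vestingMonths;

    constructor(uint256 openingPct, uint256 months) {
        // GLOBAL-01: the design only allows an opening release of 10, 20 or 50 percent.
        require(openingPct == 10 || openingPct == 20 || openingPct == 50, "invalid opening percentage");
        require(months > 0, "vesting months must be > 0");
        openingPercentage = openingPct;
        vestingMonths = months;
    }

    // TRI-02 (lossy form): dividing first truncates the low bits, and the later
    // multiplication scales that truncation up. With openingPercentage = 10,
    // vestingMonths = 12, total = 1234 and elapsed = 12 this returns 1224,
    // so 10 token units can never be unlocked.
    function unlockedLossy(uint256 total, uint256 elapsed) public view returns (uint256) {
        if (elapsed > vestingMonths) elapsed = vestingMonths;
        uint256 opening = total / 100 * openingPercentage;
        uint256 locked = total - opening;
        return opening + locked / vestingMonths * elapsed;
    }

    // Corrected form: multiply first and divide last, so only the final quotient
    // is truncated. The same inputs return 1234. Solidity 0.8 checked arithmetic
    // reverts rather than silently wrapping if the intermediate product overflows.
    function unlockedCorrect(uint256 total, uint256 elapsed) public view returns (uint256) {
        if (elapsed > vestingMonths) elapsed = vestingMonths;
        uint256 opening = total * openingPercentage / 100;
        uint256 locked = total - opening;
        return opening + locked * elapsed / vestingMonths;
    }
}
```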
APPENDIX TRILLIONER
Finding Categories
Centralization / Privilege: Centralization / Privilege findings refer to either feature logic or implementation of components that act against the nature of decentralization, such as explicit ownership or specialized access roles in combination with a mechanism to relocate funds.
Gas Optimization: Gas Optimization findings do not affect the functionality of the code but generate different, more optimal EVM opcodes resulting in a reduction on the total gas cost of a transaction.
Mathematical Operations: Mathematical Operation findings relate to mishandling of math formulas, such as overflows, incorrect operations etc.
Logical Issue: Logical Issue findings detail a fault in the logic of the linked code, such as an incorrect notion on how block.timestamp works.
Coding Style: Coding Style findings usually do not affect the generated byte-code but rather comment on how to make the codebase more legible and, as a result, easily maintainable.
The "Checksum" field in the "Audit Scope" section is calculated as the SHA-256 (Secure Hash Algorithm 2 with digest size of
256 bits) digest of the content of each file hosted in the listed source repository under the specified commit.
The result is hexadecimal encoded and is the same as the output of the Linux "sha256sum" command against the target file.
DISCLAIMER TRILLIONER
This report is subject to the terms and conditions (including without limitation, description of services, confidentiality,
disclaimer and limitation of liability) set forth in the Services Agreement, or the scope of services, and terms and conditions
provided to you (“Customer” or the “Company”) in connection with the Agreement. This report provided in connection with the
Services set forth in the Agreement shall be used by the Company only to the extent permitted under the terms and
conditions set forth in the Agreement. This report may not be transmitted, disclosed, referred to or relied upon by any person
for any purposes, nor may copies be delivered to any other person other than the Company, without CertiK’s prior written
consent in each instance.
This report is not, nor should be considered, an “endorsement” or “disapproval” of any particular project or team. This report
is not, nor should be considered, an indication of the economics or value of any “product” or “asset” created by any team or
project that contracts CertiK to perform a security assessment. This report does not provide any warranty or guarantee
regarding the absolute bug-free nature of the technology analyzed, nor do they provide any indication of the technologies
proprietors, business, business model or legal compliance.
This report should not be used in any way to make decisions around investment or involvement with any particular project.
This report in no way provides investment advice, nor should be leveraged as investment advice of any sort. This report
represents an extensive assessing process intending to help our customers increase the quality of their code while reducing
the high level of risk presented by cryptographic tokens and blockchain technology.
Blockchain technology and cryptographic assets present a high level of ongoing risk. CertiK’s position is that each company
and individual are responsible for their own due diligence and continuous security. CertiK’s goal is to help reduce the attack
vectors and the high level of variance associated with utilizing new and consistently changing technologies, and in no way
claims any guarantee of security or functionality of the technology we agree to analyze.
The assessment services provided by CertiK is subject to dependencies and under continuing development. You agree that
your access and/or use, including but not limited to any services, reports, and materials, will be at your sole risk on an as-is,
where-is, and as-available basis. Cryptographic tokens are emergent technologies and carry with them high levels of
technical risk and uncertainty. The assessment reports could include false positives, false negatives, and other unpredictable
results. The services may access, and depend upon, multiple layers of third-parties.
ALL SERVICES, THE LABELS, THE ASSESSMENT REPORT, WORK PRODUCT, OR OTHER MATERIALS, OR ANY
PRODUCTS OR RESULTS OF THE USE THEREOF ARE PROVIDED “AS IS” AND “AS AVAILABLE” AND WITH ALL
FAULTS AND DEFECTS WITHOUT WARRANTY OF ANY KIND. TO THE MAXIMUM EXTENT PERMITTED UNDER
APPLICABLE LAW, CERTIK HEREBY DISCLAIMS ALL WARRANTIES, WHETHER EXPRESS, IMPLIED, STATUTORY,
OR OTHERWISE WITH RESPECT TO THE SERVICES, ASSESSMENT REPORT, OR OTHER MATERIALS. WITHOUT
LIMITING THE FOREGOING, CERTIK SPECIFICALLY DISCLAIMS ALL IMPLIED WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE, TITLE AND NON-INFRINGEMENT, AND ALL WARRANTIES ARISING FROM
COURSE OF DEALING, USAGE, OR TRADE PRACTICE. WITHOUT LIMITING THE FOREGOING, CERTIK MAKES NO
WARRANTY OF ANY KIND THAT THE SERVICES, THE LABELS, THE ASSESSMENT REPORT, WORK PRODUCT, OR
OTHER MATERIALS, OR ANY PRODUCTS OR RESULTS OF THE USE THEREOF, WILL MEET CUSTOMER’S OR ANY
OTHER PERSON’S REQUIREMENTS, ACHIEVE ANY INTENDED RESULT, BE COMPATIBLE OR WORK WITH ANY
SOFTWARE, SYSTEM, OR OTHER SERVICES, OR BE SECURE, ACCURATE, COMPLETE, FREE OF HARMFUL
CODE, OR ERROR-FREE. WITHOUT LIMITATION TO THE FOREGOING, CERTIK PROVIDES NO WARRANTY OR
UNDERTAKING, AND MAKES NO REPRESENTATION OF ANY KIND THAT THE SERVICE WILL MEET CUSTOMER’S
REQUIREMENTS, ACHIEVE ANY INTENDED RESULTS, BE COMPATIBLE OR WORK WITH ANY OTHER SOFTWARE,
APPLICATIONS, SYSTEMS OR SERVICES, OPERATE WITHOUT INTERRUPTION, MEET ANY PERFORMANCE OR
RELIABILITY STANDARDS OR BE ERROR FREE OR THAT ANY ERRORS OR DEFECTS CAN OR WILL BE
CORRECTED.
WITHOUT LIMITING THE FOREGOING, NEITHER CERTIK NOR ANY OF CERTIK’S AGENTS MAKES ANY
REPRESENTATION OR WARRANTY OF ANY KIND, EXPRESS OR IMPLIED AS TO THE ACCURACY, RELIABILITY, OR
CURRENCY OF ANY INFORMATION OR CONTENT PROVIDED THROUGH THE SERVICE. CERTIK WILL ASSUME NO
LIABILITY OR RESPONSIBILITY FOR (I) ANY ERRORS, MISTAKES, OR INACCURACIES OF CONTENT AND
MATERIALS OR FOR ANY LOSS OR DAMAGE OF ANY KIND INCURRED AS A RESULT OF THE USE OF ANY
CONTENT, OR (II) ANY PERSONAL INJURY OR PROPERTY DAMAGE, OF ANY NATURE WHATSOEVER, RESULTING
FROM CUSTOMER’S ACCESS TO OR USE OF THE SERVICES, ASSESSMENT REPORT, OR OTHER MATERIALS.
ALL THIRD-PARTY MATERIALS ARE PROVIDED “AS IS” AND ANY REPRESENTATION OR WARRANTY OF OR
CONCERNING ANY THIRD-PARTY MATERIALS IS STRICTLY BETWEEN CUSTOMER AND THE THIRD-PARTY
OWNER OR DISTRIBUTOR OF THE THIRD-PARTY MATERIALS.
THE SERVICES, ASSESSMENT REPORT, AND ANY OTHER MATERIALS HEREUNDER ARE SOLELY PROVIDED TO
CUSTOMER AND MAY NOT BE RELIED ON BY ANY OTHER PERSON OR FOR ANY PURPOSE NOT SPECIFICALLY
IDENTIFIED IN THIS AGREEMENT, NOR MAY COPIES BE DELIVERED TO, ANY OTHER PERSON WITHOUT
CERTIK’S PRIOR WRITTEN CONSENT IN EACH INSTANCE.
NO THIRD PARTY OR ANYONE ACTING ON BEHALF OF ANY THEREOF, SHALL BE A THIRD PARTY OR OTHER
BENEFICIARY OF SUCH SERVICES, ASSESSMENT REPORT, AND ANY ACCOMPANYING MATERIALS AND NO
SUCH THIRD PARTY SHALL HAVE ANY RIGHTS OF CONTRIBUTION AGAINST CERTIK WITH RESPECT TO SUCH
SERVICES, ASSESSMENT REPORT, AND ANY ACCOMPANYING MATERIALS.
THE REPRESENTATIONS AND WARRANTIES OF CERTIK CONTAINED IN THIS AGREEMENT ARE SOLELY FOR THE
BENEFIT OF CUSTOMER. ACCORDINGLY, NO THIRD PARTY OR ANYONE ACTING ON BEHALF OF ANY THEREOF,
SHALL BE A THIRD PARTY OR OTHER BENEFICIARY OF SUCH REPRESENTATIONS AND WARRANTIES AND NO
SUCH THIRD PARTY SHALL HAVE ANY RIGHTS OF CONTRIBUTION AGAINST CERTIK WITH RESPECT TO SUCH
REPRESENTATIONS OR WARRANTIES OR ANY MATTER SUBJECT TO OR RESULTING IN INDEMNIFICATION
UNDER THIS AGREEMENT OR OTHERWISE.
FOR AVOIDANCE OF DOUBT, THE SERVICES, INCLUDING ANY ASSOCIATED ASSESSMENT REPORTS OR
MATERIALS, SHALL NOT BE CONSIDERED OR RELIED UPON AS ANY FORM OF FINANCIAL, TAX, LEGAL,
REGULATORY, OR OTHER ADVICE.
CertiK Securing the Web3 World
Founded in 2017 by leading academics in the field of Computer Science from both Yale and Columbia University, CertiK is a
leading blockchain security company that serves to verify the security and correctness of smart contracts and blockchain-
based protocols. Through the utilization of our world-class technical expertise, alongside our proprietary, innovative tech,
we’re able to support the success of our clients with best-in-class security, all whilst realizing our overarching vision; provable
Trillioner Security Assessment CertiK Verified on Mar 30th, 2023 Copyright © CertiK