top of page
  • Writer's pictureFYEO

FYEO performed a secure code assessment of Drift Token


FYEO performed a secure code assessment of Drift Token

About Drift

DRIFT Labs approached FYEO to conduct a security audit of the smart contract for their studio token, $DRIFT, prior to its token generation event. DRIFT Labs, a GameFi studio, is the creator of a suite of gaming products and a single studio token, $DRIFT. Their first product, Payout Pursuit, is in Beta and playable in-browser. Version 2 will be Web3 enabled, launching in April. 


As a GameFi studio, the security of their studio token, $DRIFT, is a key concern for DRIFT Labs. To ensure the contract was secure for $DRIFT holders, they chose FYEO for their audit services.


For the $DRIFT launch, the token is planned to be available on three blockchain platforms—Ethereum, Binance Chain, and Polygon, and it incorporates Chainlink's CCIP mechanism for cross-chain token transfers. This multi-chain strategy and the implementation of cross-chain technology are crucial parts of $DRIFT's introduction, emphasizing the importance of a thorough security audit.


The audit focused on finding any security issues with the contracts that could have affected the users funds and lead to monetary loss. No critical issues were identified during the audit but some minor errors were identified and the drift team worked diligently during the audit process to improve the quality of the code of the contract. 


The FYEO Process

When FYEO performs an assessment, we focus on the code committed at a specific time when the code base is feature complete. 


Our goal is to give our clients the following:

  • A better understanding of its security posture and help them identify current and future risks in its deployed chain & contract infrastructure.

  • An opinion on what security measures are in place regarding maturity, adequacy, and efficiency.

  • Identify potential issues, including loss of funds scenarios, and include improvement recommendations based on the result of our assessment.

  • Give the development team a better understanding of writing and maintaining more secure code. The incremental increase of security is part of the overall increased quality of the project.


Findings and Report

During the security assessment, we uncovered:

  • 2 findings with HIGH severity rating

  • 3 findings with MEDIUM severity rating

  • 4 findings with LOW severity rating

  • 4 findings with INFORMATIONAL severity rating


Once notified, the Drift team was quick to address and remediate these findings. You can find a public version of the report available below.


Drift Token - Security Code Review of DriftToken v1.0
.pdf
Download PDF • 1.06MB

 

Comentários


bottom of page