Audit of the BNK smart contract: security over speed

Since the beginning of Bankera’s project, security has been our main concern. This was reflected in our choice to use the ERC223 standard for the Banker (BNK) token source code, which was then fully developed by our team. Other companies could have opted for a quicker route and used other token codes to develop their own, but we knew this could result in potential security gaps, such as the ‘batch overflow’ bug recently discovered in several ERC20 smart contracts. Moreover, we are not creating a simple token, but a smart contract that distributes a net transactional revenue share weekly to BNK token holders, which has never been done by others. Thus, in addition to creating a unique source code for our BNK token, we have also submitted it for private and public audits to ensure its safety.

Audit of the BNK Smart Contract: Security over Speed

Four layers of audit

We have decided to submit the BNK smart contract for four layers of audit. While some might find it excessive, measures like this prevent major problems from happening. As we are using a different standard and developed our code from the beginning – instead of simply copy-pasting it, this ‘batch overflow’ issue does not affect us, but we want to avoid any similar situation. Since it is not currently possible to update an Ethereum smart contract – only by creating a new one, Bankera’s team has submitted the BNK code for the following reviews:

  • First and second internal audits. Bankera’s IT team has been thoroughly analysing the code and implementing suggested improvements.
  • Audit performed by a private company. The examination of the code took two weeks and no major loopholes were found.
  • Bug bounty on Solidified, a highly regarded platform for smart contract audit. During three weeks, Solidified experts reviewed the BNK smart contract.
  • Public audit. Contributors also reviewed the code, which was available on our GitHub page. This step lasted one week and more information about it is available in our blog post about the BNK token.

On Solidified, the code review was done according to the following structure:

  • Critical Bugs – bugs that enable the stealing of users’ funds and that are likely to happen.
  • Major Bugs – bugs that can lock users’ funds or cause miscalculation and misdistribution of rewards; and that are likely to happen.
  • Minor Bugs – smaller bugs, such as avoiding fees or causing other unintended behavior; and bugs with a lower probability of happening.

44 experts have reviewed the contract on Solidified and no major or critical bugs which could threaten users’ funds were found. Since the BNK contract has the ERC223 standard, there were differences regarding the definition of “Adherence to ERC20 Token Standard”. The reviewer who pointed this out was awarded a bounty for a minor bug.

What’s next?

Now, all audits have been completed and suggested improvements already implemented by our IT team. Simultaneously to the smart contract development, our IT team was also working on the integration of the smart contract into the SpectroCoin infrastructure, because one cannot work without the other. Within two weeks, contributors will be able to withdraw and deposit their tokens from/to ERC20 and ERC223 compatible wallets. Providing full support to ERC20 and ERC223 at SpectroCoin, an already-running system, is also not a simple task because of its complexity; our developers must ensure that users can deposit and withdraw their ERC20/ERC223 tokens smoothly. Once this is completed, the Bankers (BNK) will be listed on the HitBTC platform. The smart contract integration done by the HitBTC developers’ team is expected to be fully launched in June.

Following the launch of BNK on HitBTC, the tokens will also be listed on SpectroCoin. Since SpectroCoin is not a trading platform, it has to set the BNK price by looking at different exchanges, their prices, and liquidity. Therefore, BNKs will firstly be available for exchange on HitBTC and, after it, on SpectroCoin. After finalizing the ERC223 source code, our IT team will focus on supporting BNK tokens as NEM Mosaics.

Since our previous blog post about the BNK token, we have received feedback from BNK token holders regarding the choice between the Ethereum and NEM blockchains. In order to give our contributors the possibility of making the most adequate choice, we have decided to give token holders the possibility to switch their tokens from ERC223 to NEM Mosaic on SpectroCoin. This means that, if you transferred your tokens to an ERC20 or ERC223 wallet but want to change all or part of your tokens to NEM Mosaic, all you have to do is to deposit them back at SpectroCoin and then withdraw the tokens to the chosen blockchain. The possibility of switching blockchains will be available only on SpectroCoin.

Spread the good news around! More news and updates will be provided in the upcoming weeks, so stay tuned to our channels!

Please follow and like us: