GNO Token v2.0.0 Audit Report
Copyright © 2022 by Verilog Solutions. All rights reserved.April 22, 2022
by Verilog Solutions

This report presents our engineering engagement with the Gnosis team on the GNO Token v2.0.0, an ERC20 standard token contract used in various GNO ecosystem products.
Project Name | GNO Token v2.0.0 |
---|---|
Repository Link | https://github.com/gnosis/gno-token |
Commit Hash | 1cc6023ecd6494dd4e37591c4864bb487f1b0373 |
Language | Solidity |
Chain | Gnosis Chain, Ethereum |
About Verilog Solutions
About Verilog Solutions
Founded by a group of cryptography researchers and smart contract engineers in North America, Verilog Solutions elevates the security standard for Web3 ecosystems by being a full-stack Web3 security firm covering smart contract security, consensus security, and operational security for Web3 projects.
Verilog Solutions team works closely with major ecosystems and Web3 projects and applies a quality above quantity approach with a continuous security model. Verilog Solutions onboards the best and most innovative projects and provides the best-in-class advisory service on security needs, including on-chain and off-chain components.
Table of Contents
Table of Contents
Service Scope
Service Scope
Service Stages
Service Stages
Our review focused on the v2.0.0 branch, specifically, commit hash 1cc6023ecd6494dd4e37591c4864bb487f1b0373.
Below is the summary of the GNO token v2.0.0 audit:
- Smart Contract Auditing Service
- Verilog Solutions team analyzed the entire project using a detailed-oriented approach to capture the fundamental logic and suggested improvements to the existing code. Details can be found under Findings & Improvement Suggestions
Methodology
Methodology
- Code Assessment
- We evaluate the overall quality of the code and comments as well as the architecture of the repository.
- We help the project dev team improve the overall quality of the repository by providing suggestions on refactorization to follow the best practice of Web3 software engineering.
- Code Logic Analysis
- We dive into the data structures and algorithms in the repository and provide suggestions to improve the data structures and algorithms for the lower time and space complexities.
- We analyze the hierarchy among multiple modules and the relations among the source code files in the repository and provide suggestions to improve the code architecture with better readability, reusability, and extensibility.
- Access Control Analysis
- We perform a comprehensive assessment of the special roles of the project, including their authorities and privileges.
- We provide suggestions regarding the best practice of privilege role management according to the standard operating procedures (SOP).
Audit Scope
Audit Scope
Our auditing for GNO Token v2.0.0 covered the following components
File Name |
---|
.\contracts\TokenGNO.sol |
.\contracts\GnoDevDependencies.sol |
.\@gnosis.pm\util-contracts\contracts\EtherToken.sol |
.\@gnosis.pm\util-contracts\contracts\GnosisStandard.sol |
.\@gnosis.pm\util-contracts\contracts\HumanFriendlyToken.sol |
.\@gnosis.pm\util-contracts\contracts\Math.sol |
.\@gnosis.pm\util-contracts\contracts\Migrations.sol |
.\@gnosis.pm\util-contracts\contracts\Proxy.sol |
.\@gnosis.pm\util-contracts\contracts\Token.sol |
Project Summary
Project Summary
GNO token is used in various GNO ecosystem products. GNO ecosystem includes various applications and infrastructure, such as Gnosis Auction, Gnosis Safe, and Gnosis Chain. Gnosis Beacon Chain is currently live and secured with GNO token, and the Gnosis Beacon Chain will merge with Gnosis Chain later.
Cited from Ethereum Foundation EIP-20:
The token should have the following methods:
// view functions
function name() public view returns (string)
function symbol() public view returns (string)
function decimals() public view returns (uint8)
function totalSupply() public view returns (uint256)
function balanceOf(address) public view returns (uint256)
// interaction functions
function transfer(address, uint256) public returns (bool)
function transferFrom(address, address, uint256) public returns (bool)
function approve(address, uint256) public returns (bool)
function allowance(address, address) public view returns (uint256)
The token should have the following events:
event Transfer(address indexed _from, address indexed _to, uint256 _value)
event Approval(address indexed _owner, address indexed _spender, uint256 _value)
The GNO token v2.0.0 ERC-20 implementation provides the following functionalities:
- transfer tokens from one account to another
- retrieve the current token balance of an account
- retrieve the total supply of the token available on the network
- approve whether and amount of token from an account can be spent by a third-party account
Findings & Improvement Suggestions
Findings & Improvement Suggestions
Severity | Total | Acknowledged | Resolved |
High | 0 | 0 | 0 |
Medium | 0 | 0 | 0 |
Low | 1 | 1 | 0 |
Informational | 1 | 1 | 0 |
High
High
none ; )
Medium
Medium
none ; )
Low
Low
- Unused components
Severity Low Source @gnosis.pm/util-contracts/contracts/GnosisStandardToken.sol: L4 ; GnoDevDependencies.sol: L12; Status Acknowledged Description
Proxy.sol
has not been used in theGnosisStandardToken.sol
andEtherToken.sol
has not been used in theGnoDevDependencies.sol
.GnosisStandardToken.sol
is a standard token contract implemented by the Gnosis team.GnosisStandardToken.sol
imported 3 solidity files:Token.sol
: an abstract token contract for the ERC20 token (functions are not implemented)
Math.sol
: a math library allows the calculation of logarithmic and exponential functions
Proxy.sol
: a proxy standard contract indicates that a contract will be provided, it also defines storage requirements for proxy.
However, the imported
Proxy.sol
has not been used/inherited in theGnosisStandardToken.sol
.GnoDevDependencies.sol
is used for truffle compilations.GnoDevDependencies.sol
imported 2 Solidity files:GnosisStandardToken.sol
: a standard token contract implemented by the Gnosis team.
EtherToken.sol
:
a token contract that allows exchanging with Ether 1:1
However, the imported
EtherToken.sol
has not been used/inherited in theGnoDevDependencies.sol
.Smart contract implementation should be succinct and sufficient. To keep the best practice, any unnecessary functions/imports should be eliminated.
Exploit Scenario
N/A
Recommendations
Remove these unused imports.
Results
Acknowledged by the Gnosis team.
Informational
Informational
- State variable visibility unspecified
Severity Informational Source @gnosis.pm/util-contracts/contracts/GnosisStandardToken.sol: L13-L15; Status Acknowledged Description
Some variables in contract
StandardTokenData.sol
do not have specified visibilities. Labeling the visibility explicitly makes it easier to catch incorrect assumptions about who can access the variable.TokenGNO.sol
is the ERC20 implementation of the GNO token and it inherits contractGnosisStandardToken.sol
. There are three variables that existed inGnosisStandardToken.sol
:contract StandardTokenData { /* * Storage */ mapping(address => uint) balances; mapping(address => mapping(address => uint)) allowances; uint totalTokens; }
The above pre-defined standard token data are accessed and can be modified in the derived contracts. Thus, the visibilities can be specifically marked as internal for better code readability and understanding.
Exploit Scenario
N/A
Recommendations
Adding internal for better readability, use below as an example
mapping(address => uint) internal balances; mapping(address => mapping(address => uint)) internal allowances; unit internal totalTokens;
Results
Acknowledged by the Gnosis team.
Access Control Analysis
Access Control Analysis
The GNO token v2.0.0 has no significant privileged roles. Only when at deployment, the contract deployer will receive the pre-defined total supply of GNO token, which is a standard operation in most token contract deployments:
// from TokenGNO.sol
constructor(uint amount) public {
totalTokens = amount;
balances[msg.sender] = amount;
}
Off-Chain OpSec
Off-Chain OpSec
N/A
Appendix I: Severity Categories
Appendix I: Severity Categories
Severity | Description |
---|---|
High | Issues that are highly exploitable security vulnerabilities. It may cause direct loss of funds / permanent freezing of funds. All high severity issues should be resolved. |
Medium | Issues that are only exploitable under some conditions or with some privileged access to the system. Users’ yields/rewards/information is at risk. All medium severity issues should be resolved unless there is a clear reason not to. |
Low | Issues that are low risk. Not fixing those issues will not result in the failure of the system. A fix on low severity issues is recommended but subject to the clients’ decisions. |
Informational | Issues that pose no risk to the system and are related to the security best practices. Not fixing those issues will not result in the failure of the system. A fix on informational issues or adoption of those security best practices-related suggestions is recommended but subject to clients’ decision. |
Appendix II: Status Categories
Appendix II: Status Categories
Status | Description |
---|---|
Unresolved | The issue is not acknowledged and not resolved. |
Partially Resolved | The issue has been partially resolved |
Acknowledged | The Finding / Suggestion is acknowledged but not fixed / not implemented. |
Resolved | The issue has been sufficiently resolved |
Disclaimer
Disclaimer
Verilog Solutions receives compensation from one or more clients for performing the smart contract and auditing analysis contained in these reports. The report created is solely for Clients and published with their consent. As such, the scope of our audit is limited to a review of code, and only the code we note as being within the scope of our audit detailed in this report. It is important to note that the Solidity code itself presents unique and unquantifiable risks since the Solidity language itself remains under current development and is subject to unknown risks and flaws. Our sole goal is to help reduce the attack vectors and the high level of variance associated with utilizing new and consistently changing technologies. Thus, Verilog Solutions in no way claims any guarantee of security or functionality of the technology we agree to analyze.
In addition, Verilog Solutions reports do not provide any indication of the technologies proprietors, business, business model, or legal compliance. As such, reports do not provide investment advice and should not be used to make decisions about investment or involvement with any particular project. Verilog Solutions has the right to distribute the Report through other means, including via Verilog Solutions publications and other distributions. Verilog Solutions makes the reports available to parties other than the Clients (i.e., “third parties”) – on its website in hopes that it can help the blockchain ecosystem develop technical best practices in this rapidly evolving area of innovation.