Skip to main content

Bondex Token and Token Vesting

Smart Contract Security Assessment

Mar 07, 2024




Dedaub was commissioned to perform a security audit of the Bondex Token and Bondex Token Vesting protocol.


The Bondex Token is an upgradable ERC20 token with burn and permit functionality. Upon initialisation, the token can be configured to be upgradable by an address with the UPGRADER_ROLE, as well as to mint a specific supply and to give this supply to an initial supply holder address.

The Bondex Token Vesting contract holds a number of tokens for a given address (claimant), and allows the address to claim these funds according to a configurable vesting schedule. In particular the contract can be configured to allow the address to claim a certain percentage of the funds immediately, while the rest of the funds are distributed linearly over a vesting period once the set cliff period has passed. These Vesting contracts are cloned using a Vesting Factory contract, so that each address can have its own Vesting contract.


This audit report mainly covers the following contracts of the Bondex Token repository at commit number:

  • BaseERC20.sol
  • interfaces
    • IBaseERC20.sol
  • storage
    • StorageBaseERC20.sol

As well as the contracts of the Bondex Token Vesting repository at commit number:

  • interfaces
    • IVesting.sol
  • storage
    • StorageVesting.sol
  • VestingFactory.sol
  • Vesting.sol

Two auditors worked on the codebase for 2 days on the above two repositories.

Following the audit, the team made some changes to the Bondex Token Vesting repository at the following commit number in order to address the issues identified by the audit:


The auditors have reviewed the fixes and confirm that they fix the issues marked as resolved in the report below.

The audit’s main target is security threats, i.e., what the community understanding would likely call "hacking", rather than the regular use of the protocol. Functional correctness (i.e. issues in "regular use") is a secondary consideration. Typically it can only be covered if we are provided with unambiguous (i.e. full-detail) specifications of what is the expected, correct behavior. In terms of functional correctness, we often trusted the code’s calculations and interactions, in the absence of any other specification. Functional correctness relative to low-level calculations (including units, scaling and quantities returned from external protocols) is generally most effectively done through thorough testing rather than human auditing.


This section details issues affecting the functionality of the contract. Dedaub generally categorizes issues according to the following severities, but may also take other considerations into account such as impact or difficulty in exploitation:

Can be profitably exploited by any knowledgeable third-party attacker to drain a portion of the system’s or users’ funds OR the contract does not function as intended and severe loss of funds may result.
Third-party attackers or faulty functionality may block the system or cause the system or users to lose funds. Important system invariants can be violated.
  • User or system funds can be lost when third-party systems misbehave.
  • DoS, under specific conditions.
  • Part of the functionality becomes unusable due to a programming error.
  • Breaking important system invariants but without apparent consequences.
  • Buggy functionality for trusted users where a workaround exists.
  • Security issues which may manifest when the system evolves.

Issue resolution includes “dismissed” or “acknowledged” but no action taken, by the client, or “resolved”, per the auditors.


[No critical severity issues]


[No high severity issues]


[No medium severity issues]



Token holders could accidentally burn their tokens


Token holders could accidentally burn their tokens


The team has indicated that the burn functionality will only be used mistakenly with very low probability and thus this issue does not have a significant impact on the operation of the protocol.

The BaseERC20 contract extends OpenZeppelin’s ERC20BurnableUpgradeable while not imposing any restriction on who can call its burn functions. This means that token holders could accidentally burn their tokens by mistakenly calling the burn() function. The same is true for approved addresses. Even though this scenario might be improbable there is no reason to not restrict the burn functionality only to the addresses that are expected to burn part of token supply as planned by the tokenomics of the protocol.


It is often desirable for DeFi protocols to assume no trust in a central authority, including the protocol’s owner. Even if the owner is reputable, users are more likely to engage with a protocol that guarantees no catastrophic failure even in the case the owner gets hacked/compromised. We list issues of this kind below. (These issues should be considered in the context of usage/deployment, as they are not uncommon. Several high-profile, high-value protocols have significant centralization threats.)

[No centralisation issues]


This section details issues that are not thought to directly affect the functionality of the project, but we recommend considering them.


Missing comment in __Vesting_init_unchained function of the Vesting contract


Missing comment in __Vesting_init_unchained function of the Vesting contract

The @notice comment for the __Vesting_init_unchained function of the Vesting contract lists the conditions when the call should revert. However it is missing the condition where the address of the config.token is the zero address.


Vesting tgeTime could be enforced to be > block.timestamp


Vesting tgeTime could be enforced to be > block.timestamp


The team has added a comment to the __Vesting_init_unchained function to indicate that the vesting tgeTime can be in the past for flexibility purposes during deployment.

Execution of the function Vesting::__Vesting_init_unchained reverts if config.tgeTime + config.cliffDuration + config.vestingDuration < block.timestamp. This means that when a vesting contract is initialized the config.tgeTime can be less than block.timestamp, which we consider to be a bit counter intuitive as the vesting would have to have started at some point in the past. The check could be changed to config.tgeTime < block.timestamp.


Incorrect comment in IVesting


Incorrect comment in IVesting

The comment that describes the purpose of VestingConfig::tgePercentage is incorrect in saying that this is “the percentage of the total amount that will be vested at the TGE”, as according to the implementation, it is the percentage of the total amount that will not be vested at the TGE, but it will be available immediately.


Unused variable


Unused variable

The function Vesting::getClaimableAmount computes the amount of the Vesting contract that is claimable at the time that it is called. At some point it sets the timePassed local variable to $.config.vestingDuration but never uses it again.

if ($.config.tgeTime + $.config.cliffDuration < block.timestamp) {
uint256 timePassed = block.timestamp -
$.config.tgeTime -

if (timePassed >= $.config.vestingDuration) {
timePassed = $.config.vestingDuration; // Dedaub: unused variable
totalClaimable = $.config.totalAmount;
} else {
uint256 vestedAmount = (amountExcludingTGE * timePassed) /

totalClaimable += vestedAmount;


Magic constant in the Vesting contract


Magic constant in the Vesting contract

The Vesting contact uses the magic constant 100 * (10**PERCENTAGE_DECIMALS) at a couple of places without explicitly defining it in one place. This constant corresponds to the percentage 100%, with an accuracy of PERCENTAGE_DECIMALS decimals.


Compiler bugs


Compiler bugs

The code is compiled with Solidity 0.8.24. Currently version 0.8.24, does not have any known bugs, but we advise consulting this list every so often for any newly discovered ones.


The audited contracts have been analyzed using automated techniques and extensive human inspection in accordance with state-of-the-art practices as of the date of this report. The audit makes no statements or warranties on the security of the code. On its own, it cannot be considered a sufficient assessment of the correctness of the contract. While we have conducted an analysis to the best of our ability, it is our recommendation for high-value contracts to commission several independent audits, a public bug bounty program, as well as continuous security auditing and monitoring through Dedaub Security Suite.


Dedaub offers significant security expertise combined with cutting-edge program analysis technology to secure some of the most prominent protocols in DeFi. The founders, as well as many of Dedaub's auditors, have a strong academic research background together with a real-world hacker mentality to secure code. Protocol blockchain developers hire us for our foundational analysis tools and deep expertise in program analysis, reverse engineering, DeFi exploits, cryptography and financial mathematics.