Experience

Ohtamaa was chosen to conduct the audit due to his extensive experience in the smart contracts and wider blockchain ecosystem. Mikko Ohtamaa is CTO of TokenMarket.net, a digital asset crowdfunding and secondary market service. Previously, he acted as CTO for peer-to-peer exchange service LocalBitcoins and has written a book about Operations Security (OPSEC). Ohtamaa has been developing smart contracts since 2015 and regularly speaks at conferences on running security-critical development operations.

Layers of security and measured approach to development

‘The ChronoBank team has planned for different risks,’ summarises Ohtamaa. ‘Instead of trying to create a perfect smart contract, ChronoBank builds upon several layers of security and corrective actions. Issues can be mitigated and resolved without needing blockchain forks. In the end, despite how careful you are, human errors and external factors always find their way in. If it happens for space crafts, it may happen for your project too.’

In particular, Ohtamaa praises the team’s measured attitude towards development and launch of the core ChronoBank software. ‘The Ethereum community is young. In the past, teams have rushed forward to make a name for themselves. ChronoBank values investor protection and acts over longer, stabler, development and testing paths.’

Overall, the audit focuses on a number of different areas, from ChronoBank’s broader approach to issues of security down to specific issues such as loss of private keys and smart contracts testing. These can be seen in the following, unedited report made by Ohtamaa:

https://github.com/ChronoBank/SmartContracts/issues/13

How ChronoBank team approaches security?

ChronoBank moves forward carefully. Security and investor protection are some of the main concerns in decentralised environments. Blockchain technologies themselves are not fully mature yet, so it is important to prepare for both known and unknown risks.

ChronoBank plans for a holistic security approach with several layers of defences and corrective actions. The plan is to gradually roll out our decentralised ChronoBank platform during 6–12 months after ChronoBank crowdsale is over. The platform will be the first run in a testnet. During the roll out ChronoBank internal staff and external security researchers can detect issues and update related smart contracts with fixed versions.

Furthermore, after the roll out, ChronoBank smart contracts contain safety and upgrade mechanisms to address the issues with the smart contract themselves. ChronoBank team has planned for different scenarios and risks. All the resolutions are opt-in from the individual community members and with a voting mechanism based on TIME tokens. No blockchain forks are needed for any resolution.

How is ChronoBank platform built?

ChronoBank platform consists of assets, exchanges and other related smart contracts for Ethereum blockchain written in Solidity smart contract programming language. Smart contracts are publicly readable and testable in our Github repository.

How are ChronoBank smart contracts audited?

ChronoBank works together with independent, smart contract developers to audit the security of our contracts. ChronoBank will conduct at least four audits before launching the full production version of ChronoBank.

Furthermore, ChronoBank is running an open bug bounty program, one similar to bounty.ethereum.org, where security researches are rewarded for the issues they find based on the level of vulnerability.

How is ChronoBank prepared for human error in a smart contract?

ChronoBank platform consists of multiple complex smart contracts. The amount of decentralised logic increases the likelihood of any human error. In the case an issue is found within the token smart contract code, ChronoBank can issue an upgrade proposal for the code. See What is ChronoBank smart contract upgrade proposal mechanism.

What wallets are compatible with ChronoBank?

ChronoBank LHT (Labor Hour Token) and TIME tokens are Ethereum ERC-20 standard compatible tokens. Multiple Ethereum wallets support the standardised tokens, including, but not limited to Mist, Parity and MyEtherWallet.

What happens if users lose their private keys?

Like in all decentralised systems, in Ethereum the private keys are the responsibility of the user. By default, ChronoBank cannot recover or move account balances to a new account in the case the user loses his or her private key controlling the account.

However, in ChronoBank platform supports lost wallet access recovery mechanism. The users are free to add recovery keys for their accounts. The users can add an another key, or a trusted party, that can recover their assets in the case the user loses his or her main private key.

Can ChronoBank tokens be traded in several exchanges?

ChronoBank LHT (Labor Hour Token) and TIME tokens are Ethereum ERC-20 standard compatible tokens. Multiple exchanges have expressed their interest to support trading of these tokens after ChronoBank launch. A diverse community and increased liquidity give additional investor protection.

How can ChronoBank recover from a third party exchange incident where somebody manages to steal large amount of tokens?

The history shows that blockchain asset exchanges, centralised and decentralised, are subject to vulnerabilities that may lead to large-scale asset losses. ChronoBank is prepared to protect its LHT and TIME investors.

ChronoBank itself does not control the transfer of the tokens after their issuance, as with any decentralised system. This is an important factor to ensure all the participants have equally free rights to participate the markets.

In the case the incident is severe enough, ChronoBank community can come up with a remedy proposals. The community can decide the course of action between these proposals through TIME token voting mechanism. In the case of split opinions, different parties can continue on different resolution paths. Any resolution does not need the creation of blockchain forks, as ChronoBank itself is not a blockchain, and ChronoBank smart contracts themselves have built-in safety mechanisms.

Can ChronoBank do a token reissuance if needed?

ChronoBank platform supports trading of several tokens, including TIME and LHT, in a decentralised marketplace. ChronoBank assets implement a specific smart contract interface. In the case of an smart contract code needs to be upgraded ChronoBank can issue an upgrade proposal. For most of the issues, it is unlikely that a reissuance is needed.

See What is ChronoBank smart contract upgrade proposal mechanism for more information.

What is ChronoBank smart contract upgrade proposal mechanism?

ChronoBank assets have an upgrade proposal mechanism. The original asset issuer can propose an upgrade for an existing token code in the case issues have been found in the code.

ChronoBank token holders may opt out from the smart contract upgrade. The upgrade proposal does not affect token balances of existing owners. There is a time window of three days to take action.

All proposal will be announced and discussed with the community. There will be a voting mechanism where voting rights are based on the ownership of TIME tokens. Furthermore, the duration of opt-out time window itself is to be discussed with the community in the future.

What happens if there are issues with ChronoBank platform or exchange smart contracts?

In the case the underlying platform or exchange contracts need to be upgraded, new contracts need to be issued. This process is somewhat heavier than with an asset contract upgrade proposal.

All old data will be migrated from outdated contracts. ChronoBank maintains separate events contracts, which stores all events, so the audit history remains. Moreover as far as any amount of exchange contract copies can be independently operated by any Ethereum user, in the case of issues community can just stop using exchanges that run wrong contract versions.

How are ChronoBank smart contracts tested?

ChronoBank smart contracts come with an automated test suite and tests are automatically run on the TravisCI continuous integration server. The test suite is run every time there is a change in the codebase. External auditors can run the test suite on their local computers.

How is ChronoBank prepared for Ethereum implementation issues?

Ethereum is still an experimental technology. There have been issues with Ethereum node applications. It is not guaranteed the future implementations are issue free and some of these issues might affect directly or indirectly ChronoBank smart contracts.

In the case of a bug in an Ethereum implementation that allows unauthorised balance changes through the Ethereum blockchain, ChronoBank is prepared to act with the Ethereum community. ChronoBank fixes all states for the last valid block on the current Ethereum blockchain and will produce the roll back on the new or fixed chain.

How is ChronoBank prepared for Solidity compiler issues?

Smart contracts are compiled with a Solidity compiler. Like Ethereum, Solidity is still an experimental technology. There has been an issue with the Solidity smart contract compiler. It is not guaranteed the future implementations are issue free either.

In the case of a bug in the Solidity compiler implementation that affects ChronoBank smart contracts, ChronoBank may issue an upgrade proposal for a new asset contract. See What is ChronoBank smart contract upgrade proposal mechanism.