Links

Auditing Department Amendment v5

Amendment v5

Callisto Security Auditing Department starts operating with SoulBound Tokens.

Extending the audit report as SBT

Upon completing the audit report, the Auditing Manager must create and assign a special SBT to the contract address that was audited on Callisto Network. Even if the original contract is deployed on some other network (in most cases Ethereum) the SBT can be issued for the similar address on CLO chain. This would allow for future transition should it become necessary.
The issued SBT will contain 3 properties.
  • Properties[ 0 ] - this property is used by the owner of the contract by default. Address that the SBT is assigned to has writing permission.
  • Properties[ 1 ] - this property must contain the link to the Github issue of the Audit Request. Auditing Manager and Owner of the contract must have writing permission to this property.
  • Properties[ 2 ] - this property must contain the link to IPFS copy of the report which is stored persistently. Auditing Manager and Owner of the contract must have writing permission to this property.
When the SBT is being minted the following parameters must be applied:
  • TokenID must be set to the Github Issue number on EthereumCommonwealth/Auditing/issues
  • Address must be the mainnet address of the audited contract. If the requester of the audit refuses to provide the address of the contract then the SBT must be issued to the address of SBT contract (0xf98bFBAD4427b91344dB25a01d7D4e842F76c615)
  • Properties Count should be 2 by default

Example

We are issuing the example SBT to MechaChain token. MechaChain passed a Security Audit on Nov 27, 2021 EthereumCommonwealth/Auditing#604​
The issuing is done via mintWithProperties function. MechaChain had issue # 604 so the SBT will be minted with TokenID 604
Then the property[1] must be assigned. Property assignment is done via setProperty function
Now the SBT is completed. It is possible to read the audit data from on-chain now: