April 23rd 2021 — Quantstamp Verified

Axie Infinity Token

This security assessment was prepared by Quantstamp, the leader in blockchain security

Executive Summary

Type Token Contracts

High Risk The issue puts a large number of users’
Auditors Ed Zulkoski, Senior Security Engineer sensitive information at risk, or is
reasonably likely to lead to catastrophic
Christoph Michel, Research Engineer
impact for client’s reputation or serious
financial implications for client and
Timeline 2021-04-19 through 2021-04-23 users.

EVM Muir Glacier

Medium Risk The issue puts a subset of users’
Languages Solidity sensitive information at risk, would be
detrimental for the client’s reputation if
Methods Architecture Review, Unit Testing, Functional exploited, or is reasonably likely to lead
to moderate financial impact.
Testing, Computer-Aided Verification, Manual
Review
Low Risk The risk is relatively small and could not
Specification None be exploited on a recurring basis, or is a
risk that the client has indicated is low-
Documentation Quality Medium impact in view of the client’s business
circumstances.
Test Quality Undetermined

Source Code Informational The issue does not post an immediate

Repository Commit risk, but is relevant to security best
practices or Defence in Depth.

axs-smart-contracts 23881c8 (initial audit)

Undetermined The impact of the issue is uncertain.

axs-smart-contracts f1d7460 (latest audit)

Unresolved Acknowledged the existence of the risk,

Total Issues 7 (2 Resolved) and decided to accept it without
engaging in special efforts to control it.
High Risk Issues 0 (0 Resolved)

Medium Risk Issues 0 (0 Resolved) Acknowledged The issue remains in the code but is a
result of an intentional business or
Low Risk Issues 3 (2 Resolved) design decision. As such, it is supposed
to be addressed outside the
Informational Risk Issues 4 (0 Resolved) programmatic means, such as: 1)
comments, documentation, README,
Undetermined Risk Issues 0 (0 Resolved) FAQ; 2) business processes; 3) analyses
showing that the issue shall have no
negative consequences in practice (e.g.,
gas analysis, deployment settings).

Resolved Adjusted program implementation,

requirements or constraints to eliminate
the risk.

Mitigated Implemented actions to minimize the

impact or likelihood of the risk.
Summary of Findings

During the audit, several low severity and informational issues were uncovered. We recommend addressing all findings before using the code in production. No external specification or
documents were provided, so it is unclear if all parts of the code match intended semantics. Further, we were unable to run tests nor coverage due to a dependency issue during the npm
install.
Update: The report has been updated based on commit f1d7460. Most issues have been resolved or acknowledged.

ID Description Severity Status

QSP-1 Outdated compiler version Low Acknowledged

QSP-2 Return values of ERC20 function calls are not checked Low Mitigated
QSP-3 Missing Approval event Low Fixed
QSP-4 Missing parameter validation Informational Acknowledged
QSP-5 claimToken may fail if TokenVesting contract does not have a sufficient Informational Acknowledged
balance
QSP-6 Privileged Roles and Ownership Informational Acknowledged
QSP-7 TokenSwap only works with same-decimal tokens Informational Acknowledged

Quantstamp Audit Breakdown

Quantstamp's objective was to evaluate the repository for security-related issues, code quality, and adherence to specification and best practices.

Possible issues we looked for included (but are not limited to):

• Transaction-ordering dependence

• Timestamp dependence

• Mishandled exceptions and call stack limits

• Unsafe external calls

• Integer overflow / underflow

• Number rounding errors

• Reentrancy and cross-function vulnerabilities

• Denial of service / logical oversights

• Access control

• Centralization of power

• Business logic contradicting the specification

• Code clones, functionality duplication

• Gas usage

• Arbitrary token minting

Methodology

The Quantstamp auditing process follows a routine series of steps:

1. Code review that includes the following

i. Review of the specifications, sources, and instructions provided to Quantstamp to make sure we understand the size, scope, and functionality of the smart
contract.

ii. Manual review of code, which is the process of reading source code line-by-line in an attempt to identify potential vulnerabilities.

iii. Comparison to specification, which is the process of checking whether the code does what the specifications, sources, and instructions provided to Quantstamp
describe.

2. Testing and automated analysis that includes the following:

i. Test coverage analysis, which is the process of determining whether the test cases are actually covering the code and how much code is exercised when we run
those test cases.

ii. Symbolic execution, which is analyzing a program to determine what inputs cause each part of a program to execute.

3. Best practices review, which is a review of the smart contracts to improve efficiency, effectiveness, clarify, maintainability, security, and control based on the
established industry and academic practices, recommendations, and research.

4. Specific, itemized, and actionable recommendations to help you take steps to secure your smart contracts.

Toolset

The notes below outline the setup and steps performed in the process of this audit.

Setup

Tool Setup:

• Slither v0.7.1

• Mythril v0.22.19
Steps taken to run the tools:

1. Installed the Slither tool: pip install slither-analyzer

2. Run Slither from the project directory: slither .

3. Installed the Mythril tool from Pypi: pip3 install mythril

4. Ran the Mythril tool on each contract: myth -x path/to/contract

Findings

QSP-1 Outdated compiler version

Severity: Low Risk

Status: Acknowledged
Description: The project uses a solidity compiler version of 0.5.x which is outdated, the latest version is 0.8. Recent versions include more bug fixes that the old compiler might still have.

Recommendation: We recommend updating the compiler version to a more recent one and following the new Solidity syntax.

Update: From the Axie team: We would like to stick to 0.5.17 as most of our toolchain depends on 0.5.x version. We now use fixed 0.5.17 for all the contracts though.

QSP-2 Return values of ERC20 function calls are not checked

Severity: Low Risk

Status: Mitigated
File(s) affected: TokenSwap.sol

Description: The ERC20.transfer() and ERC20.transferFrom() functions return a boolean value indicating success. This value is not checked.

Recommendation: We recommend using OpenZeppelin's SafeERC20 versions with the safeTransfer and safeTransferFrom functions that handle the return value check as well as non-
standard-compliant tokens.

Update: While the changes have added require statements around the function calls, this will fail if certain non-ERC20 compliant tokens are used (such as USDT). We still recommend using
SafeERC20.

QSP-3 Missing Approval event

Severity: Low Risk

Status: Fixed
File(s) affected: ERC20GatewayWhitelist.sol

Description: The transferFrom function does not emit the Approval event in case the approval was updated.

Recommendation: Emit the event in case the approval was updated.

QSP-4 Missing parameter validation

Severity: Informational

Status: Acknowledged
File(s) affected: TokenSwap.sol, ERC20GatewayWhitelist.sol, TokenVesting.sol

Description: The following functions have parameters that should be validated:

1. In TokenVesting, the constructor should ensure that _token is non-zero. It is also unclear if _startTime should be restricted, e.g., always >= block.timestamp.

2. In ERC20GatewayWhitelist, _setGateway should check that _mainchainGateway is non-zero, particularly since this is an internal function and only invoked from the
constructor of AXSToken.

3. In TokenSwap, the constructor should check that _oldToken and _newToken are non-zero, and that oldToken != newToken (unless tokens use the same addresses on
both chains).

4. In TokenSwap, the swapAndBridge function could check that recipient != address(0).

Otherwise, when these functions are called with wrong values, funds can be lost or the state cannot be changed anymore and the contract must be redeployed.

Recommendation: Add more parameter validation.

Update: This is only partially resolved, as not all checks have been added (e.g., in TokenSwap.constructor).
From the Axie team: We introduced some input validation to the contracts, some of the input will depend on the checks of the dev when deploying it.

QSP-5 claimToken may fail if TokenVesting contract does not have a sufficient balance

Severity: Informational

Status: Acknowledged
File(s) affected: TokenVesting.sol

Description: It is presumed that an administrative account will deposit funds into the contract, however if not, calls to claimToken may fail even if the user has vested tokens.

Recommendation: Clarify how TokenVesting will be funded in practice.

QSP-6 Privileged Roles and Ownership

Severity: Informational

Status: Acknowledged
File(s) affected: TokenVesting.sol, ERC20GatewayWhitelist.sol

Description: Smart contracts will often have owner variables to designate the person with special privileges to make modifications to the smart contract.
In particular, the owner can change startTime in TokenVesting. In ERC20GatewayWhitelist, the mainchainGateway contract is automatically approved for anyone using the AXS
token and the approval cannot be revoked. The gateway contract could have full control of all user's AXS balances depending on its logic/upgradeability.

Recommendation: This centralization of power needs to be made clear to the users, especially depending on the level of privilege the contract allows to the owner.

Update: From the Axie team: We understand the implications of this and would like to proceed with the current state.

QSP-7 TokenSwap only works with same-decimal tokens

Severity: Informational

Status: Acknowledged
File(s) affected: TokenSwap.sol

Description: The swapToken and swapAndBridge functions credit the same amount of new tokens as the old tokens. Therefore, the old and new tokens must have the same decimals and a 1-
to-1 exchange rate.

Recommendation: Check that all tokens use the same number of decimals, or add an exchange rate value.

Update: From the Axie team: It’s up to the dev to ensure it when deploying.

Automated Analyses

Slither

Slither detected that several return values from boolean functions are ignored in TokenSwap.sol. Specifically, return values from approve, transfer, transferFrom, and
depositERC20For should be checked.

Mythril

Mythril did not report any issues.

Adherence to Specification

No external specification was provided.

Adherence to Best Practices

1. The MainchainGateway.sol contract could likely be an interface. It is not clear where this smart contract is actually implemented.

2. The onlyMinter modifier does not have an error message on revert.

3. Update: fixed. HasAdmin.sol has an unlocked pragma version (^0.5.17); all other contracts are locked to 0.5.17.

Test Results
Test Suite Results

We were not able to run nor coverage as npm install scripts failed due to '@axie/contract-library' not existing in the npm registry.
Appendix

File Signatures
The following are the SHA-256 hashes of the reviewed files. A file with a different SHA-256 hash has been modified, intentionally or otherwise, after the security review. You are cautioned that a
different SHA-256 hash could be (but is not necessarily) an indication of a changed condition or potential vulnerability that was not within the scope of the review.

Contracts

8d96f8dc5cb9ee6ca59632cf540b75266e22344f1ee9b874e1777b373147e1cb ./contracts/AXS.sol

be4d4ef233f956e3dd1ddbf8e347ab02a0449ea7f14d3e302e82222b00127d67 ./contracts/AXSToken.sol

f3de198056259683f6d6d2257fd6942d25d5cfb31f4c16e05488c52eb10603a7 ./contracts/MainchainGateway.sol

81936b2304dffa32b2f7c3e3a525af2c5bb9b0b90ee407ed5774ac3c5b62214e ./contracts/SmoothLovePotion.sol

3962e110c30c68b21594f174ce333c8de8f6fdbe281d620877b440281cdd92ab ./contracts/TokenSwap.sol

1ad3731e6ccc4e2b90ca9933cc5400db29f0b0b3fb7f4867f5dfd40a78b8c666 ./contracts/token/erc20/ERC20.sol

c38c27a2bea36b0b2129368a14d788cece80bdd02f269d9e6e5cde7c6ee52c6a ./contracts/token/erc20/ERC20Detailed.sol

956234c848d772da30949a70a07ca4bdf7521d3b71c06102373b101268573871 ./contracts/token/erc20/ERC20GatewayWhitelist.sol

0c0ed83265c4a744194abaa38c456bac3e7a55a19ae24568231a357f065e8152 ./contracts/token/erc20/ERC20Mintable.sol

92a176494cb2f71a9c93f05c788f70f2c0589d76efcb5d09fdec436e02b0a41b ./contracts/token/erc20/IERC20.sol

b5dbe7dd581451a011945ada1ab266aafb8d4050642e8bb805582f1b33bb1c85 ./contracts/token/erc20/IERC20Detailed.sol

e00ab7ba17c15fbb9b981efd3941c4bd6a7b36ba66e6a13c881d3334b4c92764 ./contracts/token/erc20/TokenVesting.sol

9f6c3018ff12bd03fa3766588605bf44517c3079f795b92d6c278c6b35531809 ./contracts/math/SafeMath.sol

effd82b714deee2eba6e0d4def672a523142dcedada21231a66aff27954e82e3 ./contracts/access/HasAdmin.sol

66c50ec47d472222ac3b9fa1c41552a172c10e92ee0d00b775346dacfb677026 ./contracts/access/HasMinters.sol

Tests

5af03718f3160d5118808e6b1aa32342e34425302b3d75537858c7c731e8a3ae ./test/AXSToken_test.ts

f371a6f18a70b1023b173d083e47ef42537aa3e81f43fdd439db47368b822cd9 ./test/AXS_test.ts

a1a9ef4bcb5693a87d36529ad696a853f721dfbb5dd77ad964dbe06c85538a14 ./test/TokenSwap_test.ts

85b9fd881367fa10e4ad9cd6aa0c3cf2523f394c70a789d0dfc4f3f3d639afc5 ./test/TokenVesting_test.ts

5d1a9f4e249adb7c130c5c42929f3c5e9b6eae47e323ff0c69c18b12704d776d ./test/utils.ts

Changelog

• 2021-04-21 - Initial report

• 2021-04-23 - Revised report based on commit f1d7460

About Quantstamp

Quantstamp is a Y Combinator-backed company that helps to secure blockchain platforms at scale using computer-aided reasoning tools, with a mission to help boost the
adoption of this exponentially growing technology.

With over 1000 Google scholar citations and numerous published papers, Quantstamp's team has decades of combined experience in formal verification, static analysis,
and software verification. Quantstamp has also developed a protocol to help smart contract developers and projects worldwide to perform cost-effective smart contract
security scans.

To date, Quantstamp has protected $5B in digital asset risk from hackers and assisted dozens of blockchain projects globally through its white glove security assessment
services. As an evangelist of the blockchain ecosystem, Quantstamp assists core infrastructure projects and leading community initiatives such as the Ethereum
Community Fund to expedite the adoption of blockchain technology.

Quantstamp's collaborations with leading academic institutions such as the National University of Singapore and MIT (Massachusetts Institute of Technology) reflect our
commitment to research, development, and enabling world-class blockchain security.

Timeliness of content

The content contained in the report is current as of the date appearing on the report and is subject to change without notice, unless indicated otherwise by Quantstamp;
however, Quantstamp does not guarantee or warrant the accuracy, timeliness, or completeness of any report you access using the internet or other means, and assumes
no obligation to update any information following publication.

Notice of confidentiality

This report, including the content, data, and underlying methodologies, are subject to the confidentiality and feedback provisions in your agreement with Quantstamp.
These materials are not to be disclosed, extracted, copied, or distributed except to the extent expressly authorized by Quantstamp.

Links to other websites

You may, through hypertext or other computer links, gain access to web sites operated by persons other than Quantstamp, Inc. (Quantstamp). Such hyperlinks are
provided for your reference and convenience only, and are the exclusive responsibility of such web sites' owners. You agree that Quantstamp are not responsible for the
content or operation of such web sites, and that Quantstamp shall have no liability to you or any other person or entity for the use of third-party web sites. Except as
described below, a hyperlink from this web site to another web site does not imply or mean that Quantstamp endorses the content on that web site or the operator or
operations of that site. You are solely responsible for determining the extent to which you may use any content at any other web sites to which you link from the report.
Quantstamp assumes no responsibility for the use of third-party software on the website and shall have no liability whatsoever to any person or entity for the accuracy or
completeness of any outcome generated by such software.

Disclaimer

This report is based on the scope of materials and documentation provided for a limited review at the time provided. Results may not be complete nor inclusive of all
vulnerabilities. The review and this report are provided on an as-is, where-is, and as-available basis. You agree that your access and/or use, including but not limited to any
associated services, products, protocols, platforms, content, and materials, will be at your sole risk. Blockchain technology remains under development and is subject to
unknown risks and flaws. The review does not extend to the compiler layer, or any other areas beyond the programming language, or other programming aspects that
could present security risks. A report does not indicate the endorsement of any particular project or team, nor guarantee its security. No third party should rely on the
reports in any way, including for the purpose of making any decisions to buy or sell a product, service or any other asset. To the fullest extent permitted by law, we disclaim
all warranties, expressed or implied, in connection with this report, its content, and the related services and products and your use thereof, including, without limitation, the
implied warranties of merchantability, fitness for a particular purpose, and non-infringement. We do not warrant, endorse, guarantee, or assume responsibility for any
product or service advertised or offered by a third party through the product, any open source or third-party software, code, libraries, materials, or information linked to,
called by, referenced by or accessible through the report, its content, and the related services and products, any hyperlinked websites, any websites or mobile applications
appearing on any advertising, and we will not be a party to or in any way be responsible for monitoring any transaction between you and any third-party providers of
products or services. As with the purchase or use of a product or service through any medium or in any environment, you should use your best judgment and exercise
caution where appropriate. FOR AVOIDANCE OF DOUBT, THE REPORT, ITS CONTENT, ACCESS, AND/OR USAGE THEREOF, INCLUDING ANY ASSOCIATED SERVICES OR
MATERIALS, SHALL NOT BE CONSIDERED OR RELIED UPON AS ANY FORM OF FINANCIAL, INVESTMENT, TAX, LEGAL, REGULATORY, OR OTHER ADVICE.

Axie Infinity Token Audit