Request to please look into an observation of an audit report for Token namely BXR. Most of the BXR Token source code available at Ether scan matches exactly with Open Zeppelin Contracts version 3.4.0, on which BXR Token is based.
The Audit observation is a below,
Compromising the private key of the externally owned account
0x2B9AF0bd212BF9969Ed7308F7144ff281f9b8d42 would grant the adversary control
over all aspects of the token, as that account is Admin, Minter and Pauser of the
contract.
constructor() public ERC20Capped(100 * 106 * 1018) ERC20(“Blockster”, “BXR”) {
_setupRole(DEFAULT_ADMIN_ROLE, msg.sender);
_setupRole(PAUSER_ROLE, msg.sender);
_setupRole(MINTER_ROLE, msg.sender);
}
Coinspect confirmed the roles have not been segregated into different accounts since
deployment.
Need to know what is the safety level for me as a non-technical person to invest in this project? The report is made available by the project owners. They did not hide it.
Shall be grateful for community support and suggestion.
At least for me, I can not give you a conclusion whether is the safe to invest. Without auditing carefully, I can not get any conclusions. And even though the contracts have been audited, and there is not any critical bugs, it still has some unknown risks. For example about one month ago, a lending protocol was maliciously manipulated, they added an asset to the lending protocol, but the circulation volume of this token is a little low, so some huge-whales accounts buy this token to push the price to almost 2x its original price, and then deposited this token to borrow BTC and ETH, then they sold their tokens, so the price came down, and their accounts can be liquidated, so the price continues to fall again. Finally the protocol had a large amount of bad debt.
Generally, it is a common case for user to deposit tokens to borrow tokens, but for this case, it does damage to the protocol. So audit report is important, but it is not that important.
Anyway, there’s one golden investment rule that you should always keep in mind: never invest money that you can’t afford to lose
