Overview

The Sandbox
Rank #N/A

Skynet Trust Score

81%
  • Project is Relatively Decentralized
  • Large Market Cap (top 25%)
  • Long-running Project
  • Trust Score is #1 amongst all projects
Security Score
81 / 100
Market & Community
71 / 100

The Sandbox Info

The Sandbox claims to be a virtual world where players can build, own, and monetize their gaming experiences in the Ethereum blockchain using SAND, the platform’s utility token.

Audits

Onboarded Date

08/Dec/2022

Contracts

0x384...3a5d0

How do you feel about this project's security?
Documents
File Name Type Size Upload Date Action
Zip File 4.57 MB 12 Dec 2021
PDF File 8.89 MB 24 Nov 2021
MP4 File 14.62 MB 19 Nov 2021
XSL File 2.38 KB 14 Nov 2021
Floder File 87.24 MB 08 Nov 2021
PNG File 879 KB 02 Nov 2021
Activities
Oliver Phillips New

We talked about a project on linkedin.

Today
N
Nancy Martino In Progress

Create new project Buildng product

Yesterday
Natasha Carey Completed

Adding a new event with attachments

25 Nov
Bethany Johnson

added a new member to velzon dashboard

19 Nov
Your order is placed Out of Delivery

These customers can rest assured their order has been placed.

16 Nov
Lewis Pratt

They all have something to say beyond the words on the page. They can come across as casual or neutral, exotic or graphic.

22 Oct
Monthly sales report

2 days left notification to submit the monthly sales report. Reports Builder

15 Oct
New ticket received Completed

User Erica245 submitted a ticket.

26 Aug
Nancy Martino

Team Leader & HR

225

Projects

197

Tasks

HB
Henry Baird

Full Stack Developer

352

Projects

376

Tasks

Frank Hook

Project Manager

164

Projects

182

Tasks

Jennifer Carter

UI/UX Designer

225

Projects

197

Tasks

ME
Megan Elmore

Team Leader & Web Developer

201

Projects

263

Tasks

Alexis Clarke

Backend Developer

132

Projects

147

Tasks

NC
Nathan Cole

Front-End Developer

352

Projects

376

Tasks

Joseph Parker

Team Leader & HR

64

Projects

93

Tasks

Erica Kernan

Web Designer

345

Projects

298

Tasks

DP
Donald Palmer

Wed Developer

97

Projects

135

Tasks

Showing 1 to 10 of 12 entries

Code Audit History

10 Audit available
Last Audit was delivered on 08 December 2022

The Sandbox -Audit

View Findings
1

All Findings

0

Acknowledge

0

Partially

1

Resolved

0
Critical none
1
Major privilege
0
Medium none
0
Minor none
0
Optimization none
0
Informational none
0
Discussion none

Method

Audited Files/SHA256

Contracts

0x3845badade...3a5d0

Manual Review Static Analysis
Audit Timeline
Requested on
08 December 2022
Revisioned on
08 December 2022

Formal Verification Result

9 / 38 Properties True
80%

Token Standard

ERC-20

Functions

6

Verified Contract

The Sandbox (thesandbox.sol) 1

The Sandbox Smart Contract Code

                        
                        

pragma solidity 0.5.9;


import "./Sand/erc20/ERC20ExecuteExtension.sol";

import "./Sand/erc20/ERC20BaseToken.sol";

import "./Sand/erc20/ERC20BasicApproveExtension.sol";


contract Sand is ERC20ExecuteExtension, ERC20BasicApproveExtension, ERC20BaseToken {


    constructor(address sandAdmin, address executionAdmin, address beneficiary) public {

        _admin = sandAdmin;

        _executionAdmin = executionAdmin;

        _mint(beneficiary, 3000000000000000000000000000);

    }


    /// @notice A descriptive name for the tokens

    /// @return name of the tokens

    function name() public view returns (string memory) {

        return "SAND";

    }


    /// @notice An abbreviated name for the tokens

    /// @return symbol of the tokens

    function symbol() public view returns (string memory) {

        return "SAND";

    }


}

Code Audit Findings

Audits Overview

Context
Project Name
The Sandbox
Platform
Language
Codebase
Commit
About Xamer Audits
Delivery Date
Audit Methodology
Core Components
Vulnerability Summary
VULNERABILITY LEVEL PENDING DECLINED ACKNOWLEDGED PARTIALLY RESOLVED MITIGATED RESOLVED TOTAL
Critical 0 0 0 0 0 0 0
Major 0 0 0 0 0 1 1
Medium 0 0 0 0 0 0 0
Minor 0 0 0 0 0 0 0
Optimization 0 0 0 0 0 0 0
Informational 0 0 0 0 0 0 0
Discussion 0 0 0 0 0 0 0
Review Notes

Overview

The provided Solidity code defines a smart contract named "Sand" that represents an ERC-20 token named "SAND." This contract has a constructor that sets administrators and mints an initial supply of 3 trillion SAND tokens to a beneficiary. The contract includes functions to retrieve the token's name and symbol.

It extends functionality through three imported contracts, but the specific details of these extensions are not provided in the code snippet. Overall, it serves as a basic implementation of an ERC-20 token.

Privileged Roles

In the provided Solidity code for the "Sand" contract, there are a few privileged roles with specific responsibilities:

  • Sand Administrator (`_admin`):  The `_admin` address is set during the contract's deployment. This address has administrative privileges, which may include control over critical aspects of the token's behavior and configuration. The specific roles and responsibilities of the Sand Administrator would depend on the implementation of the imported contracts and any additional code not provided in this snippet.
  • Execution Administrator (`_executionAdmin`): Similar to the Sand Administrator, the `_executionAdmin` address is set during deployment. This address is granted administrative privileges related to execution functionality. The exact nature of these privileges would also be defined in the imported contracts or additional code.
  • Beneficiary: The `beneficiary` address is the recipient of the initial supply of SAND tokens. While not explicitly described as a "privileged role," the beneficiary receives a substantial number of tokens upon contract deployment, which may imply a certain level of influence or control over the initial distribution of tokens.

The code snippet itself does not provide specific details about the roles and responsibilities of these administrators.The privileges and actions associated with these roles would depend on the functionality defined in the imported contracts, which are not included in the provided code. Typically, administrators have the authority to manage and control various aspects of the token's behavior, such as minting, burning, and pausing the token.

Audits Scope

ID FILE SHA256 CHECKSUM
SDB thesandbox.sol 1fbd5ebe3df45ab189eb0e6f59327be764a3f5b3ab4bfa508f0b678e37db14b9

SDB-01 | Lack of Access Control

CATEGORY SEVERITY LOCATIONS STATUS
privilege Major constructor(address sandAdmin, address executionAdmin, address beneficiary) public {

        _admin = sandAdmin;

        _executionAdmin = executionAdmin;

        _mint(beneficiary, 3000000000000000000000000000);

 }
RESOLVED
Description

Line number: 26
Code Reference: In the constructor
Description: The contract does not appear to implement access control for critical functions. This can lead to potential security risks as unauthorized users may have access to functionalities that should be restricted to administrators.