Smart Contract Security
AUREX (ARX) Token Presale System — March 2026
AUDIT PASSED
No Critical, High, Medium, or Low severity vulnerabilities found. The AUREX smart contract system is considered secure for mainnet deployment.
0
Critical
0
High
0
Medium
0
Low
4
Info
Advisory only
Presale.solCore presale logic, stage management, purchases, bonus distribution
PresaleToken.solARX ERC-20 token, transfer lock, allocation minting
TeamVesting.solCliff-based vesting for team allocation (10% of supply)
LiquidityLock.solTime-locked liquidity storage (minimum 365 days)
ReentrancyGuard on every external function — state updates precede all external calls
Immutable core addresses — no post-deploy oracle or token substitution possible
Bonus reserve accounting — admin cannot drain the pending bonus pool
Transfer lock exempts only protocol contracts — no insider EOA exemptions at deploy
Irrevocable vesting and liquidity locks — cliffEnd and unlockTime cannot be shortened
Comprehensive event emissions covering all critical state changes
Dual-treasury architecture with zero-address validation and mutual-exclusion checks
Robust Chainlink oracle integration with staleness, round validation, and non-negative checks
Advisory only — no security risk. Optional future improvements.
Consider Ownable2Step
Two-step ownership transfer prevents accidental key loss. Advisory only.
Treasury routing inline docs
Add NatSpec clarifying ETH+USDT → treasury1, USDC → treasury2. Advisory only.
claimAllBonuses() gas docs
Document expected max stage count and gas estimate. Advisory only.
extcodesize on feed address
Add extcodesize check on ethUsdFeed constructor parameter. Advisory only.