Audius Solana Programs is a decentralized, community-owned and artist-controlled music-sharing protocol. Audius provides a blockchain-based alternative to existing streaming platforms to help artists publish and monetize their work and distribute it directly to fans. The mission of the project is to give everyone the freedom to share, monetize, and listen to any audio.
Zellic conducted an audit for Audius, Inc from October 10th to October 14th, 2022.
Our general overview of the code is that it was very well-organized and structured. Tests are included for the majority of the functions. The documentation was adequate, although it could be improved. The code was easy to comprehend, and in most cases, intuitive.
We applaud Audius, Inc for their diligence in maintaining high code quality standards in the development of Audius Solana Programs as well as their responsiveness demonstrated while the audit was ongoing.
Zellic thoroughly reviewed the Audius Solana Programs codebase to find protocol-breaking bugs as defined by the documentation and to find any technical issues outlined in the Methodology section of this document.
Specifically, taking into account Audius Solana Programs' threat model, we focused heavily on issues that would break core invariants, such as requiring signatures from the appropriate signers to redeem and transfer reward tokens as well as to manage groups of trusted signers.
During our assessment of the scoped Audius Solana Programs contracts, we discovered four findings. One finding was of critical severity. Of the remaining findings, one was of low severity, and the rest were informational in nature.
Additionally, Zellic recorded its notes and observations from the audit for Audius, Inc's benefit in the Discussion section at the end of the document.