Pontem Aptos Wallet is a cryptocurrency wallet for Aptos.
Zellic conducted an audit for Pontem Technology Ltd. from October 10th to October 14th, 2022.
Our general overview of the code is that it was very well-organized and structured. The code coverage is high, and tests are included for the majority of the functions. The documentation was adequate, although it could be improved. The code was easy to comprehend, and in most cases, intuitive.
We applaud Pontem Technology Ltd. for their attention to detail and diligence in maintaining incredibly high code quality standards in the development of Pontem Aptos Wallet.
Zellic thoroughly reviewed the Pontem Aptos Wallet codebase to find application-breaking bugs as defined by the documentation and to find any technical issues outlined in the Methodology section of this document.
Specifically, taking into account Pontem Aptos Wallet's threat model, we focused heavily on issues that would break core invariants, such as insecure cryptographic functions, insecure seed-phrase storage, cross-site scripting, clickjacking, denial of service, and more.
During our assessment of Pontem Aptos Wallet, we discovered four findings. Fortunately, no critical issues were found. Of the four findings, one was medium severity, and the remaining findings were low severity.
Additionally, Zellic recorded its notes and observations from the audit for Pontem Technology Ltd.'s benefit in the Discussion section at the end of the document.