Smart Contract Security Assessment

Zellic conducted an audit for TrueFi from August 29th to August 30th, 2022. Our general overview of the code is that it was very well-organized and structured. The code was easy to comprehend, and in most cases, intuitive. We applaud TrueFi for their attention to detail and diligence in maintaining incredibly high code quality standards in the development of TrustToken. Zellic thoroughly reviewed the TrustToken codebase to find protocol-breaking bugs as defined by the documentation and to find any technical issues outlined in the Methodology section of this document. Specifically, taking into account TrustToken’s threat model, we focused heavily on issues that would break core invariants such as bypassing the protection that was put in place for the mint, transfer and burn functions of the TrustToken. During our assessment on the scoped TrustToken contracts, we discovered one finding. Fortunately, no critical issues were found. This finding was informational in nature.