| Issue Number | Severity | Action | Additional Description | Commit Link |
| ARS-01 : Redundant Variable Initialization | Informational | Addressed | Non-upgradeable | https://github.com/DistributedCollective/Sovryn-smart-contracts/commit/93cae128fcce0b568c443b024b258363dd95ae74 |
| ASD-01 : Centralization Risk | Major | Ignored | Will be solved once protocol ownership is transferred to Bitocracy | |
| ASD-02 : Explicitly Returning Local Variable | Informational | Addressed | https://github.com/DistributedCollective/Sovryn-smart-contracts/commit/1a5b8daed23e7f9cec21ccdc8fce3958707e27a1 | |
| ASD-02 : Explicitly Returning Local Variable | Informational | Addressed | https://github.com/DistributedCollective/Sovryn-smart-contracts/commit/1a5b8daed23e7f9cec21ccdc8fce3958707e27a1 | |
| ASD-03 : Explicitly Returning Local Variable | Informational | Addressed | https://github.com/DistributedCollective/Sovryn-smart-contracts/commit/b9793a04ef2c7684b40426722addbd146e11db44 | |
| BPP-01 : Centralization Risk | Major | Ignored | Will be solved once protocol ownership is transferred to Bitocracy | |
| DFV-01 : Missing Validation for The Past `lastReleaseTime | Minor | Ignored | Non-updgradeable | |
| DFV-02 : Ineffectual Security of Token Owner Lock/Unlock Mechanism | Discussion | Ignored | Non-updgradeable | |
| DFV-03 : Centralization Risk | Major | Ignored | Non-updgradeable | |
| DFV-04 : Function Visibility Optimization | Minor | Ignored | Non-updgradeable | |
| DFV-05 : Redundant `SafeMath` Utilizations | Informational | Ignored | Non-updgradeable | |
| ESD-01 : Redundant Statements | Informational | Addressed | Non-upgradeable | https://github.com/DistributedCollective/Sovryn-smart-contracts/commit/6d573eabc39aacc4c03b4ba9bba6c1dda1517faa |
| ESD-02 : Storage Variables Are Not Packed | Informational | Addressed | Non-upgradeable | https://github.com/DistributedCollective/Sovryn-smart-contracts/commit/e72e4092bd90608f6bada444332b509416ab7d9a |
| ESD-03 : Redundant Statements | Informational | Addressed | Non-upgradeable | https://github.com/DistributedCollective/Sovryn-smart-contracts/commit/eddcd1b2e562a142a6e05f53dce4dfb9388f0109 |
| ESD-04 : Inefficient Storage Read | Informational | Addressed | Non-upgradeable | https://github.com/DistributedCollective/Sovryn-smart-contracts/commit/8e41f551a128bd1277cbd07ff5b1f63906b8b0bb |
| ESD-05 : Inefficient Storage Read | Informational | Addressed | Non-upgradeable | https://github.com/DistributedCollective/Sovryn-smart-contracts/commit/dd1081e0cceeaec05d2d528395d837c3cee58e50 |
| FSP-01 : Missing Input Validation | Minor | Addressed | https://github.com/DistributedCollective/Sovryn-smart-contracts/commit/c45cadb9b0941df16943e2c38818cf1c8320a065 | |
| FSP-02 : Unneeded Packing of Local Variable | Informational | Addressed | Addressed in another branch. Applied in the master branch already | |
| FSP-03 : Potential Volatile Implementation | Discussion | Ignored | No need to do anything with this because removing withdrawal interval is not an option | |
| FSP-04 : Requisite Value of ERC-20 `transferFrom()` / `transfer()` Call | Minor | Addressed | https://github.com/DistributedCollective/Sovryn-smart-contracts/commit/0989ce599758db778baa45fb617b8746304b9d6f | |
| FSP-05 : Inefficient Storage Read | Informational | Ignored | Adding new variable will cause stack too deep issue. | |
| GAS-01 : Division Before Multiplication | Minor | Addressed | https://github.com/DistributedCollective/Sovryn-smart-contracts/commit/d18a2b0797b6084ecea038f9f4a94d753e70c641 | |
| GAS-02 : Potential Logic Flaw in `state()` | Medium | Addressed | https://github.com/DistributedCollective/Sovryn-smart-contracts/commit/0f512f33ff89033c475262849e3b689a512fb8c0 | |
| GAS-03 : Function Visibility Optimization | Informational | Ignored | Stack too deep | |
| GAS-04 : Comparison with `boolean` Literal | Informational | Addressed | https://github.com/DistributedCollective/Sovryn-smart-contracts/commit/61000d80ba06ce83187343f7b2af112dd3063656 | |
| GAS-05 : Inefficient Storage Read | Informational | Addressed | https://github.com/DistributedCollective/Sovryn-smart-contracts/commit/653128214cd717e701f86cb07a2739b5b5760087 | |
| GVS-01 : Usage of `transfer()` for Sending Ether | Minor | Addressed | https://github.com/DistributedCollective/Sovryn-smart-contracts/commit/8953d5af41009cac8658dfdf6af4465274a9e831 | |
| LCB-01 : Centralization Risk | Major | Ignored | Will be solved once the ownership is transferred to Bitocracy | |
| LCB-02 : Dangerous Usage of `tx.origin` | Minor | Ignored | Before EIP3074 release, using tx.origin instead of require(!isContract(msg.sender)) is better approach. Because using isContract has a flaw when it is called by the constructor of the contract | |
| LCW-01 : Centralization Risk | Major | Ignored | Will be solved once the ownership is transferred to Bitocracy | |
| LMS-01 : Centralization Risk | Major | Ignored | Will be solved once the ownership is transferred to Bitocracy | |
| LMS-02 : Redundant Statements | Informational | Addressed | https://github.com/DistributedCollective/Sovryn-smart-contracts/commit/3b71e3e884bc6c5360aca51e1d7aeb302fb04722 | |
| LMS-03 : Centralization Risk | Major | Ignored | Will be solved once the ownership is transferred to Bitocracy | |
| LOS-01 : Centralization Risk | Major | Ignored | Will be solved once the ownership is transferred to Bitocracy | |
| LSC-01 : Centralization Risk | Major | Ignored | Will be solved once the ownership is transferred to Bitocracy | |
| LSD-01 : Centralization Risk | Major | Ignored | Will be solved once the ownership is transferred to Bitocracy | |
| LSO-01 : `AdminAdded` Event Is Not Emitted | Informational | Addressed | Non-upgradeable | https://github.com/DistributedCollective/Sovryn-smart-contracts/commit/5eb927d2efbd91cdd57919a3c39521497830dcf1 |
| LSO-02 : Storage Variables Are Not Packed | Informational | Addressed | Non-upgradeable | https://github.com/DistributedCollective/Sovryn-smart-contracts/commit/f305d0e7d6a7d14aaebfe6f52dd1f8550bb04eab |
| LSO-03 : Return Variable Utilization | Informational | Addressed | Non-upgradeable | https://github.com/DistributedCollective/Sovryn-smart-contracts/commit/28e453c9e1aa7664392847b353d467fb43e9207f |
| LSO-04 : Centralization Risk | Major | Ignored | Will be solved once the ownership is transferred to Bitocracy | |
| LTA-01 : Function Visibility Optimization | Informational | Ignored | We can't change this as the loanParamsList state is being changed in the function implementation. | |
| LTA-02 : Missing Input Validation | Minor | Addressed | https://github.com/DistributedCollective/Sovryn-smart-contracts/commit/4e5d761c5471f497b7758cf90b5ed02fef24fccb | |
| LTA-03 : Centralization Risk | Major | Ignored | Will be solved once the ownership is transferred to Bitocracy | |
| LTB-01 : Inefficient Storage Layout | Informational | Ignored | Can't be changed due to storage collision issue | |
| LTD-01 : Documentation Discrepancy | Informational | Addressed | https://github.com/DistributedCollective/Sovryn-smart-contracts/commit/6ebc7645e6950410941ec6d396642cd188a2da07 | |
| LTD-02 : Missing Input Validation | Minor | Addressed | https://github.com/DistributedCollective/Sovryn-smart-contracts/commit/5566f32f7a97c8201c60de69ac238044324610ec | |
| LTD-03 : Inefficient Storage Read | Informational | Done | https://github.com/DistributedCollective/Sovryn-smart-contracts/commit/f7e41083dcc6b14003557df8dda09a197a91b192 | |
| LTD-04 : Missing Error Messages | Informational | Done | https://github.com/DistributedCollective/Sovryn-smart-contracts/commit/e6729a28a0dad763679c193d6d75943b40f62bf0 | |
| LTD-05 : Return Variable Utilization | Informational | Done | https://github.com/DistributedCollective/Sovryn-smart-contracts/commit/63c7d4f364b4db8907af4dd3ec19458acb469dfd | |
| LTD-06 : Inefficient Storage Read | Informational | Done | https://github.com/DistributedCollective/Sovryn-smart-contracts/commit/a9ec436a4e4fa52d09821176e6fb78f673e363a5 | |
| LTD-07 : Potential Allowance Overwritten | Minor | @TODO: Need to revert this changes as in it will cause the storage collision | ||
| LTD-08 : Centralization Risk | Major | Ignored | Will be solved once the ownership is transferred to Bitocracy | |
| LTS-01 : Contract's State Can Be Re-initialized | Major | @TODO: Need to revert this changes as in it will cause the storage collision | ||
| LTS-02 : Centralization Risk | Major | Ignored | Will be solved once the ownership is transferred to Bitocracy | |
| MSK-01 : Function Visibility Optimization | Informational | Addressed | https://github.com/DistributedCollective/Sovryn-smart-contracts/commit/c507ee7db2c2363b91886b6cb1ff0606cfc5c55d | |
| MSK-02 : Ethereum Addresses Count Can Exceed `MAX_OWNER_COUNT` | Minor | Non-upgradeable | ||
| MSK-03 : Bitcoin Addresses Count Can Exceed `MAX_OWNER_COUNT` | Minor | Ignored | Non-upgradeable | |
| MSW-01 : Inefficient Storage Struct Layout | Informational | Ignored | Non-upgradeable | |
| MSW-02 : Missing Error Messages | Informational | Ignored | Non-upgradeable | |
| MSW-03 : Inefficient Storage Read | Informational | Ignored | Non-upgradeable | |
| OIC-01 : Centralization Risk | Major | Ignored | The contract is no longer used | |
| OIC-02 : Centralization Risk | Major | Ignored | The contract is no longer used | |
| PFR-01 : Centralization Risk | Major | Ignored | Will be solved once the ownership is transferred to Bitocracy | |
| PFS-01 : Redundant Variable Initialization | Informational | Ignored | Non-upgradeable | |
| PFS-02 : Centralization Risk | Major | Ignored | Will be solved once the ownership is transferred to Bitocracy | |
| PSS-01 : Centralization Risk | Major | Ignored | Will be solved once the ownership is transferred to Bitocracy | |
| PSS-02 : Centralization Risk | Major | Ignored | Will be solved once the ownership is transferred to Bitocracy | |
| PTU-01 : Possibility of Protocol Tokens Being Locked | Minor | Ignored | Non-upgradeable | |
| SED-01 : Centralization Risk | Major | Ignored | Will be solved once the ownership is transferred to Bitocracy | |
| SOV-01 : Centralization Risk | Major | Ignored | Non-upgradeable | |
| SOV-02 : Function Visibility Optimization | Informational | Ignored | Non-upgradeable | |
| SRP-01 : Inheritance Order Does Not Allow Expanding of `StakingRewardsStorage` Contract With Additional Storage Structures | Medium | Addressed | Fixed in Rubicon release | https://github.com/DistributedCollective/Sovryn-smart-contracts/pull/408 |
| SRR-01 : Inheritance Order Does Not Allow Expanding of `StakingRewardsStorage` Contract With Additional Storage Structures | Medium | Addressed | Fixed in Rubicon release | https://github.com/DistributedCollective/Sovryn-smart-contracts/pull/408 |
| SRR-02 : Inefficient Storage Read | Informational | Ignored | No changes required as audit was done on a legacy version | |
| SRR-03 : Inaccurate Validity Check | Medium | Ignored | No changes required as audit was done on a legacy version | |
| SSD-01 : Potential Volatile Implementation | Minor | Ignored | The report seems weird, could not find that piece of code in our repo. | |
| SSS-01 : Missing Sanity Validation | Minor | Addressed | https://github.com/DistributedCollective/Sovryn-smart-contracts/commit/2478d758c34f05ba2a77ce7c5877f8c4e2f3d610 | |
| SSS-02 : Lack of Error Message | Informational | Addressed | https://github.com/DistributedCollective/Sovryn-smart-contracts/commit/7987cc0466a1a6a0f6c2aa1fd9cc8c58728b86e3 | |
| SSS-03 : Centralization Risk | Major | Ignored | No changes required as Staking is governed by a SIP | |
| SSS-04 : Redundant Variable Initialization | Informational | Addressed | https://github.com/DistributedCollective/Sovryn-smart-contracts/commit/b4b4d87fdc10d51d8c66ca5d15dec0236d6be398 | |
| SSS-05 : Inefficient Storage Read | Informational | Addressed | https://github.com/DistributedCollective/Sovryn-smart-contracts/commit/f9834b5e11d8742594db6ef694ad354cdb63b470 | |
| STA-01 : Visibility Specifiers Missing | Informational | Addressed | https://github.com/DistributedCollective/Sovryn-smart-contracts/commit/dae29b01ba397dc828701bce17eeb0c765caa2b6 | |
| STA-02 : Redundant Variable Initialization | Informational | Addressed | https://github.com/DistributedCollective/Sovryn-smart-contracts/commit/552e2f04e0513c5ac28de4cd5230c92c8f8baa2a | |
| SVR-01 : Lack of Error Message | Informational | Addressed | https://github.com/DistributedCollective/Sovryn-smart-contracts/commit/b2d13474167934c2f93cbc641a8e547e97873659 | |
| SVR-02 : Visibility Specifiers Missing | Informational | Ignored | No longer used | |
| TSD-01 : Missing Input Validation | Minor | Ignored | Non-upgradeable contract | |
| TSV-01 : Function Visibility Optimization | Informational | Ignored | Non-upgradeable contract | |
| TSV-02 : Centralization Risk | Major | Ignored | Non-upgradeable contract | |
| VCV-01 : Inefficient Storage Struct Layout | Informational | Addressed | Already fixed and the latest code is in production | https://github.com/DistributedCollective/Sovryn-smart-contracts/commit/50546a376af08326ca2ef186ff00a6c0739ff0b8 |
| VCV-02 : Missing Input Validation | Minor | Ignored | Not required. As the transfer function checks for receiver != address(0). It is basically saving gas | |
| VCV-03 : Comparison with `boolean` Literal | Informational | Addressed | Already fixed and the latest code is in production | https://github.com/DistributedCollective/Sovryn-smart-contracts/commit/50546a376af08326ca2ef186ff00a6c0739ff0b8 |
| VCV-04 : Function Return Value Ignored | Informational | Addressed | Already fixed and the latest code is in production | https://github.com/DistributedCollective/Sovryn-smart-contracts/commit/50546a376af08326ca2ef186ff00a6c0739ff0b8 |
| VCV-05 : Potential Stuck Vesting Process | Medium | Addressed | Already fixed and the latest code is in production | https://github.com/DistributedCollective/Sovryn-smart-contracts/commit/50546a376af08326ca2ef186ff00a6c0739ff0b8 |
| VCV-06 : Inefficient Usage of Local Storage Variable | Informational | Ignored | Non-upgradeable contract | |
| VCV-07 : Inefficient Storage Read | Informational | Ignored | Non-upgradeable contract | |
| VLV-01 : Lack of Error Message | Informational | Ignored | Non-upgradeable contract | |
| VLV-02 : Inefficient Storage Read | Informational | Ignored | Non-upgradeable contract | |
| VRL-01 : Inheritance Order Does Not Allow Expanding of `VestingRegistryStorage` Contract With Additional Storage Structures | Medium | Addressed | Already fixed and the latest code is in production | https://github.com/DistributedCollective/Sovryn-smart-contracts/commit/50546a376af08326ca2ef186ff00a6c0739ff0b8 |
| VRL-02 : Redundant `modifier` Usage | Informational | Addressed | https://github.com/DistributedCollective/Sovryn-smart-contracts/commit/61a9deaa46b1704209b7297340408be4789432ef | |
| VRL-03 : Return Variable Utilization | Informational | Addressed | https://github.com/DistributedCollective/Sovryn-smart-contracts/commit/7459a83157fce30b4fed5f90acf007502fde8e75 | |
| VRS-01 : Usage of `transfer()` for Sending Ether | Minor | Ignored | Contract no longer used | |
| VRS-02 : Redundant Variable Initialization | Informational | Ignored | Contract no longer used | |
| VRV-01 : Usage of `transfer()` for Sending Ether | Minor | Ignored | Contract no longer used | |
| VRV-02 : Redundant Variable Initialization | Informational | Ignored | Contract no longer used | |
| VRV-03 : Inefficient Storage Read | Informational | Ignored | Contract no longer used | |
| VRV-04 : Explicitly Returning Local | Informational | Ignored | Contract no longer used | |
| Variable VRV-05 : Inefficient Storage Read | Informational | Ignored | Contract no longer used | |
| VRV-06 : Centralization Risk | Major | Ignored | Contract no longer used | |
| WSS-01 : Inefficient Storage Read | Informational | Addressed | https://github.com/DistributedCollective/Sovryn-smart-contracts/commit/84bd727d70d2a4137c7ac4c214e84920a8429b2b |