TokenOps
Stellar-based token vesting protocol.
Critical / High
Medium
Low / Informative
Report files
Audit lifecycle
Public reports represent completed engagements with finalized deliverables.
Completed
Scheduled
Scope, timeline, and review plan were agreed.
Completed
In Progress
Manual review and verification work were carried out.
Current stage
Completed
The engagement wrapped with a published final report.
Executive Summary
High-level assessment and conclusions
A concise overview of the audit scope, core findings, and the key outcomes from the engagement.
The audit was specifically targeted at evaluating the security and functionality of Vesting Labs' Token Vesting Factory and Token Vesting Manager contracts, which are integral components of their token vesting operations platform. These contracts, developed in Rust for the Soroban smart contract platform, facilitate the creation, management, and execution of token vesting agreements on-chain. Conducted over a period of four weeks, from February 4, 2024, to March 4, 2025, the audit aimed to scrutinize the business logic and low-level implementation of these contracts to identify any vulnerabilities, logic flaws, or inefficiencies that could potentially compromise the system's integrity, lead to loss of funds, or enable unauthorized access to the tokens held in vesting contracts.
Reports
Download the audit artifacts
Access the published PDF deliverables associated with this engagement.
PDF report 1
TokenOps.pdf
Download the published report for this engagement.