Internal review
Audit status and review scope
TikiDeco is not independently audited. This page separates the historical Sepolia V1 deployment from the non-canonical V2 candidate review target.
Audit-status disclaimer: this is an internal review page only. TikiDeco has not completed an independent smart-contract audit.
Status
- Internal review
- in-progress
- Independent audit
- not-started
- Canonical V1 source commit
- 9da9b09334031276fbd2bb9d61738a15bfe08c1e
- Last updated
- 2026-06-17T08:50:12.000Z
Canonical V1 Versus Candidate V2
- Canonical V1
- TikiDecoToken and TikiDecoVestingVault on Ethereum Sepolia
- Candidate V2
- TikiDecoTokenV2.sol and TikiDecoVestingVaultV2.sol are non-canonical audit-target candidates
- Promotion status
- No V2 promotion is recorded in deployments/canonical.json
In-Scope Contracts
- V1 token
- contracts/TikiDecoToken.sol
- V1 vesting vault
- contracts/TikiDecoVestingVault.sol
- V2 candidate token
- contracts/TikiDecoTokenV2.sol
- V2 candidate vesting vault
- contracts/TikiDecoVestingVaultV2.sol
Compiler And Analysis
- Compiler
- 0.8.28, paris, optimizer runs 200
- Test status
- Hardhat suite and Foundry secondary invariant suite are CI gates
- Coverage status
- Hardhat coverage is the primary gate; Foundry V2 line, function, and branch thresholds are configured for the secondary invariant suite
- Static analysis
- Slither V1 informational scan and blocking V2 baseline comparison are configured
Known Issues And Governance
- Known issues
- See KNOWN_ISSUES.md and security/slither-baseline-v2.json
- Owner Safe
- 0xB8Aa322bCF931aE9dD0BD3fE57B03AB71B8A88c3
- Safe threshold
- 3-of-3
- Treasury
- 0xf1DAd608ddD5B71F039FEE82026164bc6a245081