We are building secure and innovative Web3 solutions with expert consulting, development, and cybersecurity.
We supporting diverse blockchain ecosystems and programming languages to deliver tailored, cutting-edge Web3 solutions.
Discover how Softstack’s audit fixed high‑severity bugs in Fetch AI’s Agentverse Launchpad, boosting trust in tokenised AI agents.
Client
Fetch AI
Project
Agentverse
Industry
Web3
Service
Smart Contract Audit
In a decentralised world where autonomous software agents buy, sell and negotiate value, trust is coded, not promised. That’s why Fetch AI engaged Softstack, Germany’s Web3 security experts, to audit every function of the Agentverse Launchpad, the smart‑contract backbone that mints and lists AgentCoins for the Fetch AI ecosystem.
Agentverse is a permissionless launchpad that lets developers:
By combining AI, blockchain, and multi‑agent systems, Fetch AI enables autonomous economic activity without human bottlenecks.
Softstack’s auditors followed a four‑step process, manual line‑by‑line review, automated symbolic‑execution testing, best‑practice benchmarking, and attack‑scenario simulation. The scope covered token sale integrity, fund flow, access control, gas efficiency, and extreme‑input resilience.
Severity | Issue | Impact | Resolution |
High | Signature malleability in multisig | Potential unauthorised parameter changes | Adopted OpenZeppelin ECDSA; nonce & replay protection |
Medium | Arbitrary pricing divisor | Economic manipulation of bonding‑curve price | Parameterised divisor; added NatSpec docs |
Low | Hard‑coded liquidity target | Inflexible economic model | Acknowledged (design‑driven constant) |
Low | Unlimited ERC‑20 allowance | Potential token drain if router compromised | Time‑bound, exact‑sum approvals |
All issues were fixed or acknowledged before mainnet deployment, leaving zero open findings.
📌 Softstack’s audit cements Agentverse Launchpad as a secure, gas‑optimized, and future‑proof gateway to tokenised AI agents. Dive into the full technical report on GitHub or reach out to Softstack for your own smart‑contract security assessment.
Explore the audit report at GitHub