ERC-20 governance token, audit prep and test coverage uplift
Third-party audit found four medium issues pre-mainnet. Ownable misuse, snapshot gaps, and unchecked mint caps were fixed before launch.
By Simplileap · Published March 8, 2025 · 9 min read
A DAO tooling startup prepared an ERC-20 with on-chain voting hooks for mainnet. The internal team had 70% test line coverage but no formal audit trail.
Simplileap engagement: threat model workshop; Slither + Mythril runs; Hardhat test suite expansion; gas profiling on vote delegation paths; audit documentation pack for external firm.
Issues caught pre-audit: mint function missing a cap check in one inheritance branch; snapshot not updating on transfer in an edge case; central admin could pause transfers without a timelock (replaced with the OpenZeppelin TimelockController pattern).
Problems: tokenomics required a retroactive allocation script (audited a separate Merkle distributor contract); deploy script used the wrong chain ID in test (CI guard added).
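A chain ID guard of the kind mentioned above can be sketched as follows. This is an added example, not the project's or Simplileap's code; the network table, the function names and the EIP-1193 style provider are assumptions.

```javascript
// Added example: pre-deploy chain ID guard for CI. All names are hypothetical.
// Constructed network table; the chain IDs are the public values for these networks.
const NETWORKS = {
  hardhat: { chainId: 31337 },
  sepolia: { chainId: 11155111 },
  mainnet: { chainId: 1 },
};

// Compare the chain ID pinned in config with the one the RPC endpoint reports.
// `reported` is the raw eth_chainId result, a 0x-prefixed hex quantity.
function checkChain(networkName, reported, networks = NETWORKS) {
  const pinned = networks[networkName];
  if (!pinned || !Number.isInteger(pinned.chainId)) {
    // Fail closed: an unpinned network is never deployable.
    return { ok: false, reason: `no chainId pinned for network "${networkName}"` };
  }
  if (typeof reported !== "string" || !/^0x[0-9a-fA-F]+$/.test(reported)) {
    return { ok: false, reason: `malformed eth_chainId response: ${String(reported)}` };
  }
  const actual = Number(BigInt(reported));
  if (actual !== pinned.chainId) {
    return {
      ok: false,
      reason: `"${networkName}" expects chain ${pinned.chainId}, RPC reports ${actual}`,
    };
  }
  return { ok: true, chainId: actual };
}

// Deploy-script entry point: query the endpoint and abort before anything is signed.
// `provider` is any EIP-1193 style object exposing request({ method }).
async function guardDeploy(networkName, provider, networks = NETWORKS) {
  const reported = await provider.request({ method: "eth_chainId" });
  const result = checkChain(networkName, reported, networks);
  if (!result.ok) throw new Error(`deploy blocked: ${result.reason}`);
  return result.chainId;
}
```

Running `guardDeploy` as the first step of the deploy script makes a CI job fail when the configured network name and the RPC endpoint disagree, including when the RPC URL secret points at a different chain than intended.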
External audit (partner firm) returned zero critical, one low informational post-fix.
Outcome: mainnet deploy on schedule; $12M FDV launch with no post-deploy contract incidents in first 90 days. Project anonymized, DAO infrastructure.
