Forte Labs: Sealance Compliance Technology for Aleo audit report
Project Information
CATEGORY
Smart Contracts
NETWORK
Aleo
WEBSITE
https://www.forte.io/
DESCRIPTION
From Sep. 08, 2025 to Sep. 19, 2025, Forte Labs engaged Veridise to conduct a security assessment of their Sealance Compliance Technology. The security assessment covered the Leo on-chain program source code, as well as auxiliary TypeScript programs, including Merkle tree generation and deployment scripts for Sealance’s compliant token transfer protocol built on the Aleo blockchain. Veridise conducted the assessment over 4 person-weeks, with 2 security analysts reviewing the project over 2 weeks. The review strategy involved a thorough manual review of the program source code performed by Veridise security analysts.
Audit Report
SCOPE
The scope of this security assessment is limited to the (programs/), (lib/) and (scripts/) folders of the source code provided by Sealance Compliance Technology developers. These folders contain the Aleo programs that implement Sealance’s compliant tokens, as well as the deployment scripts used to manage and operate them.
- programs/merkle_tree.leo
- programs/sealance_freezelist_registry.leo
- programs/sealed_report_policy.leo
- programs/sealed_report_token.leo
- programs/sealed_threshold_report_policy.leo
- programs/sealed_timelock_policy.leo
- lib/Block.ts
- lib/Constant.ts
- lib/Conversion.ts
- lib/Deploy.ts
- lib/Freezelist.ts
- lib/Fund.ts
- lib/Initialize.ts
- lib/MerkleTree.ts
- lib/Role.ts
- lib/Token.ts
- lib/Upgrade.ts
- scripts/deploy-devnet.ts
- scripts/deploy-testnet.ts
- scripts/update-freeze-list.ts
- scripts/upgrade.ts