Skip to content

Instantly share code, notes, and snippets.

@RideSolo

RideSolo/ETH_natmin_v2_audit_report.md

Created November 12, 2018 22:41
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save RideSolo/b2fec6e66efd8a92ce58b0dcc6afbf5a to your computer and use it in GitHub Desktop.
Save RideSolo/b2fec6e66efd8a92ce58b0dcc6afbf5a to your computer and use it in GitHub Desktop.
Download ZIP
Raw
ETH_natmin_v2_audit_report.md

NATMIN Token V2 Audit Report.

1. Summary

This document is a security audit report performed by RideSolo, where NATMIN Token V2 has been reviewed.

2. In scope

  • NatminToken.sol github commit hash 34a4bb37eb02ac765850f29bbd13594c3507268f.

3. Findings

2 issues were reported including:

  • 2 low severity issues.

3.1. Transfer Event

Severity: low

Description

In the constructor a token transfer should be emitted when assigning the _totalSupply to the constractOwner to comply with ERC20 requirement.

Code snippet

https://github.com/RideSolo/Token/blob/master/contracts/NatminToken.sol#L116

Recommendation

3.2. Known Issue of ERC20 Standard

Severity: low

Description

This is just a reminder for the contract developers (the described ERC20 issue is well-known and well documented).

It is possible to double withdrawal attack. More details here

Code snippet

https://github.com/RideSolo/Token/blob/master/contracts/NatminToken.sol#L231

https://github.com/RideSolo/Token/blob/master/contracts/NatminToken.sol#L231

4. Conclusion

The contract is safe.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment