Skip to content

Instantly share code, notes, and snippets.

What would you like to do?

Travel Token Audit Report.

1. Summary

This document is a security audit report performed by RideSolo, where Travel Token has been reviewed.

2. In scope

  • travel.sol github commit hash 565fd5f7ae42de2c5647fb89e8b0406483bc77b9.

3. Findings

2 issues were reported:

  • 1 high severity issue.
  • 1 low severity issue.

3.1. Stages GAP Exploit

Severity: HIGH


Between every end of a stage and beginning of another stage there is a 24 hour gap where currentStage will return 0 which will be the presale 50% bonus as defined in _bonuses state varibale, any attacker that exploit this will get that bonus.

Code snippet

3.1. Known vulnerabilities of ERC-20 token

Severity: low


  1. It is possible to double withdrawal attack. More details here
  2. Lack of transaction handling mechanism issue. WARNING! This is a very common issue and it already caused millions of dollars losses for lots of token users! More details here

4. Conclusion

The audited can be exploited to get tokens with high bonus even in advanced stages.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.