This document is a security audit report performed by danbogd, where SafePost has been reviewed.
Сommit hash .
In total, 4 issues were reported including:
- 0 medium severity issues
- 3 low severity issues
- 1 owner privileges (ability of owner to manipulate contract, may be risky for investors)..
- 0 notes.
No critical security issues were found.
According to ERC20 standard when coins are minted a Transfer event should be emitted.
safepost_solidity.js Line 34.
-
It is possible to double withdrawal attack. More details here.
-
Lack of transaction handling mechanism issue. WARNING! This is a very common issue and it already caused millions of dollars losses for lots of token users! More details here.
Add into a function transfer(address _to, ... )
following code:
require( _to != address(this) );
An anybody, who send Ether to contract address may lose it because of no payment processing in contract code.
spaccount_v.3_solidity.js Line 19.
Contract owner allow himself to:
- can transfer funds to any account with any restrictions.
spaccount_v.3_solidity.js Lines 30, 39.
The review did not show any critical issues, some of low severity issues were found.