This is the report from a security audit performed on BAT Token by gorbunovperm.
Audit of Top 200 CoinMarketCap tokens.
In total, 4 issues were reported including:
- 0 high severity issues.
- 1 medium severity issue.
- 3 low severity issues.
- 0 minor observations.
- A double withdrawal attack is possible (the ERC-20 approve/transferFrom race: a spender who sees the owner's new approve in the mempool can spend the old allowance first and then the new one). More details here
- Lack of transaction handling mechanism issue. Tokens sent to the token contract's own address are stuck there, because the contract has no function that can move them out. WARNING! This is a very common issue and it has already caused millions of dollars in losses for many token users! More details here
Add the following check to the function transfer(address _to, ... ):
require( _to != address(this) );
From the ERC-20 specification:
The function SHOULD throw if the _from account balance does not have enough tokens to spend.
But in this implementation it just returns false. This can lead to serious consequences, because callers rarely check the return value of this function.
For example, an external contract may use this token contract as:
BatToken.transferFrom(recipient, this, value);
points[recipient] += value;
In this case recipient can obtain any number of points without holding enough tokens: transferFrom returns false instead of reverting, the return value is ignored, and the calling code proceeds as if the transfer had succeeded.
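The consumer-side fix for the pattern above, as an added example that is not part of the audit or of the BAT code: the same "points for deposits" contract written once with the unchecked call from the report and once with a check that treats a false (or missing) return value as failure. PointsVault, IERC20Minimal and the points mapping are placeholder names assumed for the illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added example, not part of the audit report or the BAT contract.
// Minimal view of the token: only the call the vault needs.
interface IERC20Minimal {
    function transferFrom(address from, address to, uint256 value) external returns (bool);
}

// Hypothetical contract that credits "points" for tokens deposited into it.
contract PointsVault {
    IERC20Minimal public immutable token;
    mapping(address => uint256) public points;

    constructor(IERC20Minimal _token) {
        // A low-level call to an address without code "succeeds" with empty
        // return data, so make sure the token is actually a contract.
        require(address(_token).code.length > 0, "token has no code");
        token = _token;
    }

    // Vulnerable pattern from the report: the bool returned by transferFrom is
    // ignored. With a token that returns false on insufficient balance (as BAT
    // does) the depositor is credited without ever paying.
    function depositUnchecked(uint256 value) external {
        token.transferFrom(msg.sender, address(this), value); // result discarded
        points[msg.sender] += value;
    }

    // Safe pattern: a false return value aborts the deposit. The raw return
    // data is inspected so that tokens which return nothing at all (and only
    // revert on failure) are accepted too, while a returned false is rejected.
    function deposit(uint256 value) external {
        (bool ok, bytes memory data) = address(token).call(
            abi.encodeCall(IERC20Minimal.transferFrom, (msg.sender, address(this), value))
        );
        require(ok && (data.length == 0 || abi.decode(data, (bool))), "transferFrom failed");
        points[msg.sender] += value;
    }
}
```

If every token the vault will ever talk to is known to return a bool, the check collapses to `require(token.transferFrom(msg.sender, address(this), value), "transferFrom failed");`; the low-level form above is the general one that also survives tokens whose transferFrom has no return value.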
EIP-20 says that:
Transfers of 0 values MUST be treated as normal transfers and fire the Transfer event. But in this contract, the function transfer has the condition:
if (balances[msg.sender] >= _value && _value > 0) {
// ...
}
so a zero-value transfer is rejected instead of succeeding and emitting a Transfer event.
- According to the ERC-20 standard, a Transfer event (with _from set to the zero address) should be emitted when coins are minted.
- The createTokens function should therefore also emit the Transfer event when it creates tokens.
Some vulnerabilities were discovered in this contract.