Skip to content

Instantly share code, notes, and snippets.

@minhquanym
Created March 7, 2022 10:31
Show Gist options
  • Save minhquanym/974b4ce2c545302ef6620d78bf15c9f9 to your computer and use it in GitHub Desktop.
Save minhquanym/974b4ce2c545302ef6620d78bf15c9f9 to your computer and use it in GitHub Desktop.
Kyber Contract Test

Kyber Smart Contract Test

1. BasicERC20 - Save gas in constructor - Line 20-22

Impact:

  • Variables name, symbol, decimals is assigned in constructor function
  • No need to assign when declaring in code.

2. BasicERC20 - Initializing with decimals not equal 18 can make contract work incorrectly - Line 23

Impact:

  • INITIAL_SUPPLY is assigned 10 ** (50 + 18) in code, means that decimals should be 18 and number of tokens is 10 ** 50
  • constructor is called with decimals > 58
  • Should assign INITIAL_SUPPLY in constructor function INITIAL_SUPPLY = 10 ** (50 + _decimals);

3. BasicERC20 - Save gas in check - Line 47

  • Should check require(balances[msg.sender] >= _value);
  • Instead of require(balances[msg.sender] - _value >= 0);

4. BasicERC20 - transfer function not check input address _to != address(0)

Impact:

  • Send to address(0) => Burn token but not update totalSupply and emit event

5. BasicERC20 - transferFrom function do not return bool

6. BasicERC20 - transferFrom function - Potentially overflow - Line 59 - 60

Impact:

  • Not check balances of _from can lead to overflow

Proof of concept

  • Call transferFrom with _value bigger than balances[_from]

7. Lottery - guessWithWeth - not check amount >= GUESS_COST

8. Lottery - withdrawGuess - Guesser can still withdraw ETH but not delete any guess from guesses array

Impact:

  • Lacking check for index < guesses[msg.sender].length()

9. Lottery - withdrawGuess - Lacking check for guesses[msg.sender].length() == 0 before remove guesser from guessers array

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment