- Variables name, symbol, decimals is assigned in constructor function
- No need to assign when declaring in code.
2. BasicERC20 - Initializing with decimals not equal 18 can make contract work incorrectly - Line 23
- INITIAL_SUPPLY is assigned 10 ** (50 + 18) in code, means that decimals should be 18 and number of tokens is 10 ** 50
- constructor is called with decimals > 58
- Should assign INITIAL_SUPPLY in constructor function
INITIAL_SUPPLY = 10 ** (50 + _decimals);
- Should check
require(balances[msg.sender] >= _value);
- Instead of
require(balances[msg.sender] - _value >= 0);
- Send to address(0) => Burn token but not update totalSupply and emit event
- Not check balances of _from can lead to overflow
- Call transferFrom with _value bigger than balances[_from]
8. Lottery - withdrawGuess - Guesser can still withdraw ETH but not delete any guess from guesses array
- Lacking check for index < guesses[msg.sender].length()