This is the report from a security audit performed on TokenPHI by pro100skm.
The audit focused primarily on the security of TokenPHI contract.
- https://github.com/vpomo/TokenPHI/blob/master/contracts/Migrations.sol
- https://github.com/vpomo/TokenPHI/blob/master/contracts/PHICrowdsale.sol
In total, 3 issues were reported including:
-
0 high severity issues.
-
1 medium severity issues.
-
2 low severity issues.
-
0 minor observations.
Incorect realization of mint
function. It is transfering. Also there is no function for chenging mintingFinished
variable. It means that mintable contract is wrongly implemented and minting never will be finished.
approve
+ transferFrom
mechanism allows double Withdrawal attack.
No checking of proper time settings in those lines. Start time value may be set more than end time value.
There weren't detected any high severity vulnerabilities that can directly hurt the TokenPHI smart contracts. We highly recommend you to complete other bugbounty before use.