Skip to content

Instantly share code, notes, and snippets.

@yuriy77k yuriy77k/ Secret

forked from pro100skm/
Created Oct 5, 2018
What would you like to do?

TokenPHI audit report


This is the report from a security audit performed on TokenPHI by pro100skm.

The audit focused primarily on the security of TokenPHI contract.

In scope



In total, 3 issues were reported including:

  • 0 high severity issues.

  • 1 medium severity issues.

  • 2 low severity issues.

  • 0 minor observations.

Security issues

1. Mint realization

Severity: medium


Incorect realization of mint function. It is transfering. Also there is no function for chenging mintingFinished variable. It means that mintable contract is wrongly implemented and minting never will be finished.

2. Known Issues of ERC20 Standard

Severity: low


approve + transferFrom mechanism allows double Withdrawal attack.

3. No checking time

Severity: low


No checking of proper time settings in those lines. Start time value may be set more than end time value.


There weren't detected any high severity vulnerabilities that can directly hurt the TokenPHI smart contracts. We highly recommend you to complete other bugbounty before use.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.