Skip to content

Instantly share code, notes, and snippets.

@yuriy77k

yuriy77k/ETH_UNUS_SED_LEO_Report.md Secret

Forked from MrCrambo/ETH_UNUS_SED_LEO_Report.md
Created July 12, 2019 07:18
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save yuriy77k/0772c6a85317d2fce4de2aaff2ea087f to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save yuriy77k/0772c6a85317d2fce4de2aaff2ea087f to your computer and use it in GitHub Desktop.
Download ZIP
Raw
ETH_UNUS_SED_LEO_Report.md

Summary

This is the report from a security audit performed on UNUS_SED_LEO by MrCrambo.

The audit focused primarily on the security of UNUS_SED_LEO smart contracts.

In scope

  1. https://etherscan.io/address/0x2af5d2ad76741191d15dfe7bf6ac92d4bd912ca3#code

Findings

In total, 4 issues were reported including:

  • 0 high severity issues.

  • 1 medium severity issues.

  • 0 owner privilegies issues.

  • 2 low severity issues.

  • 1 notes.

Security issues

1. No event call

Severity: note

Description

There is no event call in constructor in line 17 after setting owner.

2. Zero address checking

Severity: low

Description

There are no zero address checking in functions changeController in line 76 and generateTokens in line 460.

3. Owner privilegies

Severity: owner privilegies

Description

Owner can disable transfers any time he wants.

4. Unlimited minting

Severity: medium

Description

Owner can mint using generateTokens function in line 460 without any restrictions and unlimited tokens, so it could be risky for users.

Conclusion

Smart contract contains medium severity issue.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment