This is the report from a security audit performed on Aurora by MrCrambo.
The audit focused primarily on the security of Aurora smart contract.
In total, 4 issues were reported including:
-
0 high severity issues.
-
1 medium severity issues.
-
0 owner privilegies issues.
-
2 low severity issues.
-
1 notes.
There are no zero address checking in functions transfer
and transferFrom
.
- It is possible to double withdrawal attack. More details here
- Lack of transaction handling mechanism issue. More details here
Add into a function transfer(address _to, ... )
following code:
require( _to != address(this) );
Functions transfer
and transferFrom
return false instead of throwing, in case of transfer failing.
There is no event call in constructor
where all funds sent to the owner.
Smart contract contains medium severity issue.