This is the report from a security audit performed on Genesis Vision by gorbunovperm.
Genesis Vision is a decentralized asset management platform built on blockchain technology.
Commit hash: 4eca90915580f209e86db8270c4f53d6e645712b
In total, 4 issues were reported including:
-
0 critical severity issue.
-
0 high severity issue.
-
1 medium severity issues.
-
3 low severity issues.
-
0 minor observations.
-
It is possible to double withdrawal attack. More details here
-
Lack of transaction handling mechanism issue. WARNING! This is a very common issue and it already caused millions of dollars losses for lots of token users! More details here
Add into a function transfer(address _to, ... )
following code:
require( _to != address(this) );
According to ERC20 standard, when initializing a token contract if any token value is set to any given address a Transfer
event should be emitted.
An event isn't emitted when assigning the initial supply to the msg.sender.
In the constructor, the initial supply is distributed in the amount of just 0.000000000000001000
tokens. But don't use decimals for amount.
It should be like:
totalSupply = startTotalSupply * 10**decimals;
balances[gvPlatform] = startTotalSupply * 10**decimals;
The setStartTotalSupply
function is not necessary because the startTotalSupply
variable is used only once in the constructor. Changing the value of this variable can be misleading for process participants.
There are some vulnerabilities were discovered in these contracts.