Skip to content

Instantly share code, notes, and snippets.

@yuriy77k

yuriy77k/ColdStaking.md Secret

Forked from pro100skm/ColdStaking.md
Created October 13, 2018 08:54
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save yuriy77k/28b349a4f4fbf71639d6d35b6d4357a7 to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save yuriy77k/28b349a4f4fbf71639d6d35b6d4357a7 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
ColdStaking.md

ColdStaking audit report

Summary

This is the report from a security audit performed on ColdStaking by pro100skm.

The audit focused primarily on the security of ColdStaking contract.

In scope

  1. https://github.com/EthereumCommonwealth/Cold-staking/blob/863846e510299b8cb07bab38c0b60d1bd78e9947/ColdStaking.sol

Findings

In total, 2 issues were reported including:

  • 0 high severity issues.

  • 1 medium severity issues.

  • 0 low severity issues.

  • 1 minor observations.

Security issues

1. Wrong calculation

Severity: medium

Description

Wrong calculation of TotalStakingWeight. According to comment TotalStakingWeight should be calculated as below:

TotalStakingWeight += _seconds.mul(msg.value);

3. Testing data

Severity: minor

Description

round_interval and max_delay set as testing values.

Conclusion

There weren't detected any high severity vulnerabilities that can directly hurt the ColdStaking smart contracts. We highly recommend you to complete other bugbounty before use.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment