This document is a security audit report performed by RideSolo, where VCP Token has been reviewed.
Symbol : VCP
Name : VCP Coin
Total supply: 1,000,000
Decimals : 18
Standard : ERC20
2 issues were reported including:
- 2 low severity issues.
Token transfers to address(0) are allowed and they are used as basic burn mechanism, however users might by mistake send tokens to 0x0 adderss and lose their tokens.
function totalSupply() public constant returns (uint) {
return _totalSupply - balances[address(0)];
}
function transfer(address to, uint tokens) public returns (bool success) {
balances[msg.sender] = safeSub(balances[msg.sender], tokens);
balances[to] = safeAdd(balances[to], tokens);
emit Transfer(msg.sender, to, tokens);
return true;
}
function transferFrom(address from, address to, uint tokens) public returns (bool success) {
balances[from] = safeSub(balances[from], tokens);
allowed[from][msg.sender] = safeSub(allowed[from][msg.sender], tokens);
balances[to] = safeAdd(balances[to], tokens);
emit Transfer(from, to, tokens);
return true;
}
Do not allow transfers to 0x0 addresss and implement a burn function for better event handling and to avoiding token loss.
- It is possible to double withdrawal attack. More details here
- Lack of transaction handling mechanism issue. WARNING! This is a very common issue and it already caused millions of dollars losses for lots of token users! More details here
Add the following code to the transfer(_to address, ...) function:
require( _to != address(this) );
The audite contract is safe for deployement.