NatminToken Smart Contract audit report.
This is the report from a security audit performed on NatminToken by MrCrambo.
The audit focused primarily on the security of NatminToken Smart Contract.
In total, ** 4 issue** were reported including:
-
0 high severity issues.
-
3 medium severity issues.
-
1 low severity issues.
In functions transferToAddress
and transferFrom
there are no checking for zero address sending.
Add zero address checking before sending for protecting user from sending his money to zero address.
rquire(_to != address(0));
In case the user wants to change the approved amount an double-spend attack is possible.
Can be reviewed here. Add increaseApproval
and decreaseApproval
functions.
Owner of the contract can _burn
tokens from any address, that means all users have the risk to lose their tokens.
The logic of burning should be changed. Owner should be able to burn his own tokens all approved amount of tokens.
Owner can end vesting earier than it should end.
Vesting time should not be ended manually earlier.
No critical vulnerabilities were detected,but we highly recommend to complete other bugs before use.