This document is a security audit report performed by danbogd, where Genesis Vision has been reviewed.
Сommit hash 4eca90915580f209e86db8270c4f53d6e645712b.
In total, 6 issues were reported including:
- 0 medium severity issues
- 4 low severity issues
- 1 owner privileges (ability of owner to manipulate contract, may be risky for investors)..
- 1 notes.
No critical security issues were found.
-
It is possible to double withdrawal attack. More details here.
-
Lack of transaction handling mechanism issue. WARNING! This is a very common issue and it already caused millions of dollars losses for lots of token users! More details here.
Add into a function transfer(address _to, ... ) following code:
require( _to != address(this) );
Contract owner allow himself to:
change TotalSupply here.
It is possible to remain out of contract control by accidentally calling function without parameter.
https://github.com/GenesisVision/platform-contracts/blob/4eca90915580f209e86db8270c4f53d6e645712b/contracts/GenesisVisionPlatform.sol#L39 https://github.com/GenesisVision/platform-contracts/blob/4eca90915580f209e86db8270c4f53d6e645712b/contracts/TradingHistoryStorage.sol#L30
In ManagerToken.sol, according to the ERC20 standard, the variable decimals should be declared as uint8.
According to ERC20 standard, when initializing a token contract if any token value is set to any given address a transfer event should be emitted.
In the ManagerToken.sol, the developers didn't use SafeMath to prevent overflow by the owner.
The review did not show any critical issues, some low severity issues were found.