@yuriy77k
Forked from danbogd/VANMtoken_audit_report.md
Created January 18, 2019 13:55

VANM token audit report.

1. Summary

This document is a security audit report, performed by danbogd, of the VANM token.

2. In scope

  • VANMToken.sol, GitHub commit hash 1c0995c827b200c76e90efe3a809096a71251581.

3. Findings

In total, 3 issues were reported, including:

  • 2 low severity issues.
  • 1 minor observation.

No critical security issues were found.

3.1. Known vulnerabilities of ERC-20 token

Severity: low

Description

  1. A double withdrawal attack is possible. More details here.

  2. Lack of a transaction handling mechanism. WARNING! This is a very common issue, and it has already caused millions of dollars in losses for many token users! More details here.
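
The double withdrawal issue in item 1 arises because the standard approve overwrites the allowance regardless of what the spender has already used. The Python model below is an added example, not code from VANMToken.sol or from the auditor; the Token class, the account names and the compare-and-set approve_cas variant are hypothetical and constructed for illustration.

```python
class Token:
    """Toy in-memory model of ERC-20 allowance semantics (constructed)."""

    def __init__(self, balances):
        self.balances = dict(balances)
        self.allowed = {}  # (owner, spender) -> remaining allowance

    def approve(self, owner, spender, value):
        # Standard ERC-20 behaviour: overwrite, whatever was already spent.
        self.allowed[(owner, spender)] = value

    def approve_cas(self, owner, spender, expected, value):
        # Hypothetical compare-and-set variant (not part of ERC-20): the
        # change only applies if the allowance is still what the owner saw.
        if self.allowed.get((owner, spender), 0) != expected:
            raise ValueError("allowance changed since the owner read it")
        self.allowed[(owner, spender)] = value

    def transfer_from(self, spender, owner, to, value):
        key = (owner, spender)
        if self.allowed.get(key, 0) < value:
            raise ValueError("insufficient allowance")
        if self.balances.get(owner, 0) < value:
            raise ValueError("insufficient balance")
        self.allowed[key] -= value
        self.balances[owner] -= value
        self.balances[to] = self.balances.get(to, 0) + value


def reduce_allowance(use_cas):
    """Owner lowers an allowance from 100 to 50, but the spender's
    transferFrom(100) is ordered first. Returns what left the owner's account."""
    t = Token({"owner": 1000})
    t.approve("owner", "spender", 100)
    # The spender's transaction is mined before the owner's change.
    t.transfer_from("spender", "owner", "spender", 100)
    try:
        if use_cas:
            t.approve_cas("owner", "spender", 100, 50)  # owner last saw 100
        else:
            t.approve("owner", "spender", 50)           # blind overwrite
        t.transfer_from("spender", "owner", "spender", 50)
    except ValueError:
        pass  # the guarded path rejects the stale update
    return 1000 - t.balances["owner"]


if __name__ == "__main__":
    print("plain approve:", reduce_allowance(False))
    print("compare-and-set:", reduce_allowance(True))
```

With the plain overwrite the owner loses more than either allowance value they ever intended to grant; with the guarded update the stale change is rejected and the loss stays at the original allowance.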

3.2. Extra checking.

Severity: low

Description

Lines 279 and 294-295 contain extra checks. The SafeMath library performs these checks anyway.

Code snippet

  • https://github.com/VANMofficial/Token-Sale/blob/1c0995c827b200c76e90efe3a809096a71251581/VANMToken.sol#L279
  • https://github.com/VANMofficial/Token-Sale/blob/1c0995c827b200c76e90efe3a809096a71251581/VANMToken.sol#L294-L295

Recommendation

Those lines may be deleted.

3.3. Deprecated method.

Severity: minor observation

Description

The function () payable { revert(); } was a pattern used to prevent implicit acceptance of ether in Solidity versions older than 0.4.0, but today this is unneeded.

4. Conclusion

No critical vulnerabilities were detected, but we highly recommend fixing these bugs before use.
