Skip to content

Instantly share code, notes, and snippets.

@yuriy77k

yuriy77k/ETH_Atomz_ERC20_security_audit_report.md Secret

Forked from gorbunovperm/ETH_Atomz_ERC20_security_audit_report.md
Created September 25, 2018 08:16
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save yuriy77k/5a14fc9dbc29c1129c4517bbf9bf5162 to your computer and use it in GitHub Desktop.
Save yuriy77k/5a14fc9dbc29c1129c4517bbf9bf5162 to your computer and use it in GitHub Desktop.
Download ZIP
Ethereum Atomz ERC20 token.
Raw
ETH_Atomz_ERC20_security_audit_report.md

Atomz Ethereum ERC-20 token security audit report

Summary

This is the report from a security audit performed on AtomzToken by gorbunovperm.

"Hey! We released an ERC20 token on the Ethereum Blockchain... The contract was developed with Open-Zeppelin, but we want to make sure that all the code is good and will work well when there are more users using it! The token is already deployed on the blockchain and can be found in Etherscan... I see we didn't have the ownable function, but that wasn't instructed for the type of contract we are creating... This is why we need verification!"

In scope

  1. Atomz.sol

Findings

In total, 1 issues were reported including:

  • 0 high severity issue.

  • 0 medium severity issues.

  • 1 low severity issues.

  • 0 minor observations.

Security issues

1. Known vulnerabilities of ERC-20 token

Severity: low

Code snippet

Description

  1. It is possible to double withdrawal attack. More details here
  2. Lack of transaction handling mechanism issue. More details here

Recommendation

  1. The approval of a new amount must be made only when allowance is 0.

Conclusion

This contract hasn't serious security issues and can be deployed.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment