Projecton Token Audit Report.

1. Summary

This document is a security audit report performed by RideSolo, where Projecton Token has been reviewed.

Token description:

Symbol      : XN35
Name        : Projecton
Total supply: 100,000,000
Decimals    : 18
Standard    : ERC20

2. In scope

  • LICENSE, GitHub commit hash fed7803c48d517f5aee9d787e54d3bebf3106d44.

3. Findings

2 issues were reported:

  • 2 low severity issues.

3.1. Transfer to 0x0 Address

Severity: low

Description

The transfer and transferFrom functions allow transfers to the 0x0 address.

Code snippet

https://github.com/Projecton13/XN35_Standard_Tokens/blob/master/LICENSE#L82

https://github.com/Projecton13/XN35_Standard_Tokens/blob/master/LICENSE#L94

Recommendation

Add require(_to != address(0));

3.2. Known vulnerabilities of ERC-20 token

Severity: low

Description

  1. A double withdrawal attack is possible. More details here
  2. Lack of a transaction handling mechanism. WARNING! This is a very common issue and it has already caused millions of dollars in losses for many token users! More details here

Recommendation

Add the following code to the function transfer(address _to, ... ):

require( _to != address(this) );

4. Conclusion

The contract can be deployed.
