SelfKey audit report.
2. In scope
Сommit hash f7163d55b2bac2d9b9e575ae35660c453ff32e42.
In total, 3 issues were reported including:
- 0 medium severity issues
- 3 low severity issues
- 0 owner privileges (ability of owner to manipulate contract, may be risky for investors)..
- 0 notes.
No critical security issues were found.
3.1. Non-initialized return value
Function doesn't initialize return value.If you don't need the return value of the function, do not specify returns in function signature.
3.2. Known vulnerabilities of ERC-20 token
It is possible to double withdrawal attack. More details here.
Add into a function
transfer(address _to, ... ) following code:
require( _to != address(this) );
3.3. No checking for zero address
In this functions there are no checking for zero address.
The review did not show any critical issues, some of low severity issues were found.