This is the report from a security audit performed on Magicchain by MrCrambo.
The audit focused primarily on the security of Magicchain smart contract.
In total, 2 issues was reported including:
-
0 high severity issues.
-
1 medium severity issues.
-
1 low severity issues.
There should be in total 2 * _inititalSupply
tokens, where only half of them freezed. But in function unfreezed
there is comparing unfreezed amount with _totalSupplyLimit
instead of camparing with only half of _totalSupplyLimit
. And because of this there is possibility of unfreezing two times more tokens.
Change the unfreezed
function as below
function unfreezed() view public returns(uint) {
uint u = block.number.sub(_firstBlock).mul(_unfreezeTokensPerBlock);
if(u > _initialSupply) {
u = _initialSupply;
}
return u;
}
- It is possible to double withdrawal attack. More details here
- Lack of transaction handling mechanism issue. More details here
Add into a function transfer(address _to, ... )
following code:
require( _to != address(this) );
Smart contract contains medium severity issue.