Zilliqa Token smart contract security audit report performed by Callisto Security Audit Department
Token desription:
Symbol : ZIL
Name : Zilliqa
Total supply: To be set in the construction phase
Decimals : 12
Standard : ERC20
In total, 3 issues were reported including:
- 3 low severity issues.
No critical security issues were found.
-
It is possible to double withdrawal attack. More details here.
-
Lack of transaction handling mechanism issue. WARNING! This is a very common issue and it already caused millions of dollars losses for lots of token users! More details here.
Add the following code to the transfer(_to address, ...)
function:
require( _to != address(this) );
Possibility of setting zero address as newAdnin
at changeAdmin
function.
Need to check if newOwner address is not zero address.
require( newAdmin != address(0) );
The contract owner allow himself:
- to pause functions of contract (transfer, transferFrom, approve, increaseApproval, decreaseApproval), besides burn function;
- Evacuate Tokens at any time.
The contract is managed manually by the owner which is not good for investors.
The audited smart contract can be deployed. Only low severity issues were found during the audit.
https://gist.github.com/yuriy77k/8a4e69ad1ae46a818982b0dbc5627a1a
https://gist.github.com/yuriy77k/4b4dbfbd3ce5ba84eb0b7364dd608c74
https://gist.github.com/yuriy77k/7facb589523c03d64f09be1ba8b11614