Skip to content

Instantly share code, notes, and snippets.

@yuriy77k

yuriy77k/ETH_FCK_report.md Secret

Forked from MrCrambo/ETH_FCK_report.md
Created May 5, 2019 15:05
Show Gist options
  • Save yuriy77k/c43197dab70c1856d949cda36398bb8a to your computer and use it in GitHub Desktop.
Save yuriy77k/c43197dab70c1856d949cda36398bb8a to your computer and use it in GitHub Desktop.
Download ZIP
Raw
ETH_FCK_report.md

Summary

This is the report from a security audit performed on FCK by MrCrambo.

The audit focused primarily on the security of FCK smart contract.

In scope

  1. https://github.com/FCKOfficial/FCK-contracts/blob/master/dice/fck.com%20Sol

Findings

In total, 3 issues were reported including:

  • 0 high severity issues.

  • 0 medium severity issues.

  • 1 owner privilegies issues.

  • 1 low severity issues.

  • 1 note.

Security issues

1. Zero address checking required

Severity: low

Description

In constructor, setCroupier, setSecretSigner and sendFunds there are zero address checking required.

2. Owner privilegies

Severity: owner privilegies

Description

Owner can change maxProfit and jackpotSize any time he wants.

3. Extra checking

Severity: note

Description

In function withdrawFunds there is extra checking at line 184, this condition will be checked at line 185 again.

Conclusion

Smart contract contains only low severity issues.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment