Skip to content

Instantly share code, notes, and snippets.

@yuriy77k

yuriy77k/Projecton.md Secret

Forked from MrCrambo/Projecton.md
Created Mar 11, 2019
Embed
What would you like to do?

Summary

This is the report from a security audit performed on Projecton by MrCrambo.

The audit focused primarily on the security of Projecton smart contract.

In scope

  1. https://github.com/Projecton13/XN35_Standard_Tokens/blob/master/LICENSE

Findings

In total, 2 issues was reported including:

  • 0 high severity issues.

  • 0 medium severity issues.

  • 2 low severity issues.

1. Zero address transfer

Severity: low

Description

In functions transferOwnership, transfer and transferFrom there are possibility of passed address being zero address.

Recommendation

Add zero address checking.

2. Known vulnerabilities of ERC-20 token

Severity: low

Description

  1. It is possible to double withdrawal attack. More details here
  2. Lack of transaction handling mechanism issue. More details here

Recommendation

Add into a function transfer(address _to, ... ) following code:

require( _to != address(this) );

Conclusion

Smart contract contains only low severity issues.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment