This document is a security audit report performed by danbogd, where Maximine Coin has been reviewed.
Сommit hash .
In total, 4 issues were reported including:
- 0 medium severity issues
- 3 low severity issues
- 1 owner privileges (ability of owner to manipulate contract, may be risky for investors)..
- 0 notes.
No critical security issues were found.
An event isn't emited when assigning the initial supply to the msg.sender.
Line 41.
balanceOf[msg.sender] = totalSupply;
-
It is possible to double withdrawal attack. More details here.
-
Lack of transaction handling mechanism issue. WARNING! This is a very common issue and it already caused millions of dollars losses for lots of token users! More details here.
Add into a function transfer(address _to, ... ) following code:
require( _to != address(this) );
Contract owner allow himself to:
-block/unblock transfer operations of any user.
Line 86.
function ban(address addr) public {
require(msg.sender == admin);
blacklist[addr] = true;
}
Incoming _spender addresses should be checked for an empty value(0x0 address) to avoid loss of funds or blocking some functionality.
Line: 126.
function approve(address _spender, uint256 _value) public
returns (bool success) {
require(!blacklist[msg.sender]);
allowance[msg.sender][_spender] = _value;
return true;
}
The review did not show any critical issues, some of low severity issues were found.