Skip to content

Instantly share code, notes, and snippets.

@yuriy77k

yuriy77k/ETH_mHealthCoin.md

Created December 28, 2018 20:12
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save yuriy77k/f6845048285846609b9307734eebfcae to your computer and use it in GitHub Desktop.
Save yuriy77k/f6845048285846609b9307734eebfcae to your computer and use it in GitHub Desktop.
Download ZIP
MHEC Token Audit Report.
Raw
ETH_mHealthCoin.md

1. Summary

mHealthCoin smart contract security audit report performed by Callisto Security Audit Department

2. In scope

  • MHEC.sol github commit hash f5db9bbd271c01ddcdacc5e49e8e865dfc6530cb.

3. Findings

In total, 2 issues were reported including:

  • 1 low severity issues.

  • 1 minor observation.

No critical security issues were found.

3.1. Known vulnerabilities of ERC-20 token

Severity: low

Description

  1. It is possible to double withdrawal attack. More details here
  2. Lack of transaction handling mechanism issue. WARNING! This is a very common issue and it already caused millions of dollars losses for lots of token users! More details here

3.2. Non-Emitted Event

Severity: minor

Description

Transfer event should be emitted in the constructor after assigning the totalSupply to the msg.sender.

Code snippet

https://github.com/mhealthcoin-ICO/MHEC-token/blob/master/MHEC.sol#L31#L40

4. Conclusion

The audited contract is safe.

5. Revealing audit reports

https://gist.github.com/yuriy77k/b916f45412ae41b0c21e22ea82ed6010

https://gist.github.com/yuriy77k/f753234330caec804ec4a04bad757e49

https://gist.github.com/yuriy77k/dd73aac1a3413e46dc488c891a53c48f

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment