@danbogd
Created December 7, 2018 07:01

Authpaper Audit Report.

1. Summary

This document is a security audit report of Authpaper, performed by danbogd.

2. In scope

  • AUPC.sol github commit hash 335da0c78c7d1b66d2b7f10dea4d3c113bf3c008.

3. Findings

In total, 3 issues were reported, including:

  • 2 low severity issues.
  • 1 minor observation.

No critical security issues were found.

3.1. Known vulnerabilities of ERC-20 token

Severity: low

Description

  1. A double withdrawal attack is possible. More details here.

  2. Lack of a transaction handling mechanism. WARNING! This is a very common issue and it has already caused millions of dollars in losses for many token users! More details here.

3.2. ERC20 Compliance.

Severity: low

Description

According to the ERC20 standard, when a token contract is initialized and any token value is assigned to an address, a Transfer event should be emitted.
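The sketch below is an added example, not code from AUPC.sol or from the audit: it shows a constructor that emits the Transfer event described in 3.2, together with relative allowance changes, a common mitigation for the double withdrawal issue in 3.1 (1). The contract name, the function names `increaseAllowance`/`decreaseAllowance`, and the use of Solidity 0.8 are assumptions; only the parts relevant to these two findings are included.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Added illustration; hypothetical contract, not the audited AUPC.sol.
contract ExampleToken {
    uint256 public totalSupply;
    mapping(address => uint256) public balanceOf;
    mapping(address => mapping(address => uint256)) public allowance;

    event Transfer(address indexed from, address indexed to, uint256 value);
    event Approval(address indexed owner, address indexed spender, uint256 value);

    constructor(uint256 initialSupply) {
        totalSupply = initialSupply;
        balanceOf[msg.sender] = initialSupply;
        // Finding 3.2: report the initial allocation as a transfer from address(0).
        emit Transfer(address(0), msg.sender, initialSupply);
    }

    // Standard approve: overwrites the allowance, which finding 3.1 (1) concerns.
    function approve(address spender, uint256 value) external returns (bool) {
        allowance[msg.sender][spender] = value;
        emit Approval(msg.sender, spender, value);
        return true;
    }

    // Relative changes: the owner adjusts the allowance instead of overwriting it.
    function increaseAllowance(address spender, uint256 added) external returns (bool) {
        allowance[msg.sender][spender] += added; // reverts on overflow in 0.8
        emit Approval(msg.sender, spender, allowance[msg.sender][spender]);
        return true;
    }

    function decreaseAllowance(address spender, uint256 subtracted) external returns (bool) {
        uint256 current = allowance[msg.sender][spender];
        require(current >= subtracted, "allowance below zero");
        allowance[msg.sender][spender] = current - subtracted;
        emit Approval(msg.sender, spender, current - subtracted);
        return true;
    }

    function transferFrom(address from, address to, uint256 value) external returns (bool) {
        allowance[from][msg.sender] -= value; // reverts if allowance is too small
        balanceOf[from] -= value;             // reverts if balance is too small
        balanceOf[to] += value;
        emit Transfer(from, to, value);
        return true;
    }
}
```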

3.3. Consider using the latest version of Solidity.

Severity: minor observation

Description

The contracts use Solidity version 0.4.16. It is suggested to use the latest version and fix all compiler warnings that arise.

4. Conclusion

No critical vulnerabilities were detected, but we highly recommend fixing these bugs before use.
