Skip to content

Instantly share code, notes, and snippets.

@danbogd

danbogd/ETH_cryptomillions.io v.2 audit report.md

Created August 31, 2019 07:43
Show Gist options
  • Save danbogd/b06b856adc73e506604ae2e1520605a6 to your computer and use it in GitHub Desktop.
Save danbogd/b06b856adc73e506604ae2e1520605a6 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
ETH_cryptomillions.io v.2 audit report.md

cryptomillions.io v.2 audit report.

1. Summary

This document is a security audit report performed by danbogd, where cryptomillions.io v.2 has been reviewed.

2. In scope

Сommit hash f13d70bae67dc5570a7a95816609a36ada80877b.

3. Findings

In total, 1 issues were reported including:

  • 0 medium severity issues
  • 1 low severity issues
  • 0 owner privileges (ability of owner to manipulate contract, may be risky for investors).
  • 0 notes.

No critical security issues were found.

3.1. Decrease Allowance

Severity: low

Description

decreaseAllowance throw in case if the value to be substracted is higher than the amount that is allowed, if the address owner wants to change the value allowed by reducing it and the spender withdraw a part of it before, the function might throw and give more chances for the spender to take the rest of the allowed value.

The value should be set to zero if the value to be subtracted is higher than the allowance.

Code snippet

4. Conclusion

The review did not show any critical issues, some of low severity issue was found.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment