Skip to content

Instantly share code, notes, and snippets.

View furusiyya's full-sized avatar

Muhammad Bilal Arif furusiyya

  • Alphabase | Zaplead
  • Santa Clara, California, 95050
View GitHub Profile
pragma solidity ^0.4.24;
library SafeMath {
function mul(uint256 a, uint256 b) internal pure returns (uint256) {
if (a == 0) {
return 0;
}
uint256 c = a * b;

Keybase proof

I hereby claim:

  • I am furusiyya on github.
  • I am furusiyya (https://keybase.io/furusiyya) on keybase.
  • I have a public key whose fingerprint is 120E 08FA 2522 9838 9035 9A42 B0DA 2375 423B F62D

To claim this, I am signing this object:

0x00 0 STOP
0x01 3 ADD
0x02 5 MUL
0x03 3 SUB
0x04 5 DIV
0x05 5 SDIV
0x06 5 MOD
0x07 5 SMOD
0x08 8 ADDMOD
0x09 8 MULMOD

Some changes have been made in result of first audit. Following points mentioned in previous audit report are still need to be addressed.

7.3. Unresolved, Low: Use of throw

7.4. Unresolved, Low: Possible, Code is subjected to gas optimization.

7.6. Unresolved, Low: Possible, Redundent Code

7.10. Unresolved, Medium: No use of visibility of visibility modifiers

7.11. Unresolved, Medium: Lack of Sanity Checks

This issue doesn't exist in previous version.

1.0. Bad Inheritance

DragonLock.sol

/**
* MultiSig.sol v1.0.0
*
* Bilal Arif - https://twitter.com/furusiyya_
* Block360
*/
pragma solidity 0.4.18;

Audit

Files imported from OpenZeppelin are not audited. In the audit OpenZeppelin latest commit 99f3e26f83f4628246b48c8b3afa5bb3958f5224 is considered. Only Coin.sol is audited.

2. High Severity

  • Token minting is only allowed to owner so contract is centralized and not compliant to escrow standards.
  • No unit test are provided which is a big red flag. I will recommend to write unit test and use of truffle.

3. Medium Severity Issue

  1. Check that destination of token transfers is not 0x0
  • Rate of Occurrence: Low
pragma solidity ^0.4.13;
contract ERC20Basic {
uint256 public totalSupply;
function balanceOf(address who) constant returns (uint256);
function transfer(address to, uint256 value) returns (bool);
event Transfer(address indexed from, address indexed to, uint256 value);
}
contract ERC20 is ERC20Basic {

Specifications of a contract

  • A flat pricing with ETH: USD - $0.02 per token (50 tokens to 1 USD)
  • Coin rate should be $0.02 (can just use the live feed from www.oraclize.it or similar)
  • Token supply: 1 billion, selling 150 million e.g. $3M cap.
  • Token: 8 decimals
  • Multisig wallet for the proceeds, as per gnosis (as that doesn't seem to have had any issues vs. parity)
  • Ensure tokens are reserved and allocated by a certain date when they unlock to subscribers
  • No ETH cap: Anyone can buy as many tokens as they like until all tokens are sold
  • Sale ends when 150m tokens (out of 1bn) allocated to contract run out or a certain date is reached
  • Ideally the smart contract should verify in etherscan and fit into the token tracker

You have to create a smart contract in solidity language and deploy it on ethereum testnet. Smart contract will represent an ERC20 token that have only one function used for transferring tokens. Solidity: https://solidity.readthedocs.io

Verifying that "furusiyya.id" is my Blockstack ID. https://onename.com/furusiyya