Victor Tran tranvictor

In the dates of June 20th 2017 to June 30th 2017, CoinDash engaged Yaron Velner and Victor Tran from the SmartPool team to perform security audit for their ICO contracts. The audited contracts currently resides in CoinDash private repository. The audited code was timestamped with the hash 0b8fc008894dddc60d1233b84d877b5a76473d32 in the CoinDash repository.

Terminology

This audit uses the following terminology. Note that we only rank the likelihood, impact and $Severity$ for bug/security-related issues.

init.vim and settings.vim go under ~/.config/nvim Follow the installation instructions for https://github.com/junegunn/vim-plug and place plug.vim in ~/.config/nvim/autoload

	victor@Vus-MacBook-Pro ~/Dropbox/Project/audit-coindash/ver3 (dev●)$ truffle test [ruby-2.0.0p648]
	Compiling ./contracts/CDTMultiSigWallet.sol...
	Compiling ./contracts/CDTToken.sol...
	Compiling ./contracts/Contribution.sol...
	Compiling ./contracts/Migrations.sol...
	Compiling ./contracts/zeppelin-solidity/contracts/Bounty.sol...
	Compiling ./contracts/zeppelin-solidity/contracts/DayLimit.sol...
	Compiling ./contracts/zeppelin-solidity/contracts/LimitBalance.sol...
	Compiling ./contracts/zeppelin-solidity/contracts/MultisigWallet.sol...
	Compiling ./contracts/zeppelin-solidity/contracts/ReentrancyGuard.sol...

	sync(ethereum, callback) {
	var promise
	promise = new Promise((resolve, reject) => {
	const acc = this.shallowClone()
	ethereum.getBalance(acc.address, (balance) => {
	acc.balance = balance
	resolve(acc)
	})
	})

	-bash: ./smartpool: No such file or directory
	nohup: ignoring input
	SmartPool is in Hot-Stop mode: It will exit immediately if the contract returns errors.
	Loaded 153 works from last session.
	Using miner address: 0xa837c07c0fa74df46e3759e14cb7647480e84ec0
	Connected to Ethereum node: Parity//v1.6.8-beta-c396229-20170608/x86_64-linux-gnu/rustc1.17.0
	Couldn't read your passphrase file. Abort!
	nohup: ignoring input
	SmartPool is in Hot-Stop mode: It will exit immediately if the contract returns errors.
	Loaded 153 works from last session.

	rejected = User.where(approval: 'rejected').count
	(15.6ms) SELECT COUNT(*) FROM "users" WHERE "users"."approval" = $1 [["approval", "rejected"]]
	=> 630
	2.4.1 :054 > rejected_by_artemis = User.where(approval: 'rejected', artemis_approval: 'rejected').count
	(15.2ms) SELECT COUNT(*) FROM "users" WHERE "users"."approval" = $1 AND "users"."artemis_approval" = $2 [["approval", "rejected"], ["artemis_approval", "rejected"]]
	=> 220
	2.4.1 :055 > rejected_not_by_artemis = User.where(approval: 'rejected').where.not(artemis_approval: 'rejected').count
	(19.2ms) SELECT COUNT(*) FROM "users" WHERE "users"."approval" = $1 AND ("users"."artemis_approval" != $2) [["approval", "rejected"], ["artemis_approval", "rejected"]]
	=> 387
	2.4.1 :056 > rejected_by_manual_check = User.where(approval: 'rejected', admin_approval: ['hard_reject', 'soft_reject']).count

	Total accounts: 27410
	Not activated: 1706
	\|__ Code sent: 1690
	\|__ Code was not sent: 16
	=> error check: Passed
	Activated: 25704
	\|__ Pending accounts: 11280
	\| \|__ waiting for artemis approval: 1923
	\| \|__ waiting for staff approval: 8560
	\| \|__ waiting for admin approval: 797

	==============================
	Total accounts: 28971
	Not activated: 1629
	\|__ Code sent: 1629
	\|__ Code was not sent: 0
	=> error check: Passed
	Activated: 27342
	\|__ Pending accounts: 11235
	\| \|__ waiting for artemis approval: 1529
	\| \|__ waiting for staff approval: 9236

	==============================
	Total accounts: 30346
	Not activated: 1540
	\|__ Code sent: 1539
	\|__ Code was not sent: 1
	=> error check: Passed
	Activated: 28806
	\|__ Pending accounts: 9417
	\| \|__ waiting for artemis approval: 804
	\| \|__ waiting for staff approval: 8567

	==============================
	Total accounts: 30963
	Not activated: 1538
	\|__ Code sent: 1535
	\|__ Code was not sent: 3
	=> error check: Passed
	Activated: 29425
	\|__ Pending accounts: 6909
	\| \|__ waiting for artemis approval: 544
	\| \|__ waiting for staff approval: 6322