This is the report from a security audit performed on the Gigzi smart contract (ETH) by alexo18. The audit focused primarily on the security of funds and the fault tolerance of the Gigzi contract. The main intention of this contract is to serve as a token ecosystem.
FeeableToken.sol
GigBlack.sol
GigCrowdsale.sol
GigGold.sol
GigSilver.sol
GigPlatinum.sol
Migrations.sol
MessageHelper.sol
In total, 2 issues were reported including:
- 2 low severity issues.
The 'setTxFeeCollector' function does not update 'accountReserved[]' with the new fee collector address; moreover, the function does not remove the last collector address from the array.
https://github.com/GigziProject/GigziContracts/blob/master/contracts/FeeableToken.sol#L69
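One way to keep the reserved list in sync when the collector changes, as an added example that is not Gigzi's code. It assumes `accountReserved` is an address array that always contains the current fee collector; the contract name, `owner`, the event, the `isReserved` helper and the compiler version are hypothetical.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Simplified model, not Gigzi's FeeableToken. Assumption: accountReserved is
// an address array of reserved accounts that includes the fee collector.
contract FeeCollectorRegistry {
    address public owner;
    address public txFeeCollector;
    address[] public accountReserved;

    event TxFeeCollectorChanged(address indexed previous, address indexed current);

    modifier onlyOwner() {
        require(msg.sender == owner, "not owner");
        _;
    }

    constructor(address initialCollector) {
        require(initialCollector != address(0), "zero collector");
        owner = msg.sender;
        txFeeCollector = initialCollector;
        accountReserved.push(initialCollector);
    }

    // Replaces the collector and overwrites its slot in accountReserved, so the
    // old address does not stay reserved and the new one is always listed.
    function setTxFeeCollector(address newCollector) external onlyOwner {
        require(newCollector != address(0), "zero collector");
        address previous = txFeeCollector;
        require(newCollector != previous, "unchanged");
        require(!isReserved(newCollector), "already reserved");
        for (uint256 i = 0; i < accountReserved.length; i++) {
            if (accountReserved[i] == previous) {
                accountReserved[i] = newCollector;
                break;
            }
        }
        txFeeCollector = newCollector;
        emit TxFeeCollectorChanged(previous, newCollector);
    }

    function isReserved(address account) public view returns (bool) {
        for (uint256 i = 0; i < accountReserved.length; i++) {
            if (accountReserved[i] == account) return true;
        }
        return false;
    }
}
```

Overwriting the slot in place handles both halves of the finding in one write; the emitted event gives off-chain monitoring a record of every collector change.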
ERC20 tokens have some well-known issues (listed below). This is just a reminder for the contract developers.
- The approve + transferFrom mechanism allows a double withdrawal attack (as commented on the contract).
- Lack of transaction handling.
No critical vulnerabilities were detected. This contract can be considered safe to be deployed.