ConsenSys MultiSigWallet security audit report performed by Callisto Security Audit Department
No critical issue, bug fixing is necessary. It is highly recommended to complete a bug bounty before use.
getTransactionIdsfunction return wrong result.
https://gist.github.com/RideSolo/efb8638625069b1f6e7ef9a54e7bcb46
https://gist.github.com/gorbunovperm/651fa4f1440eeedc0b906edaf7878358
https://gist.github.com/alexo18/6dca5191096ca1cd6b3a06f4359a1eab
https://gist.github.com/MrCrambo/a230677041444d7a563d8983d2ec21fa
Notes regarding the https://gist.github.com/yuriy77k/c6cb9dd084c0441ab2cec9f2acafd9e9 report.
- Ownership Managment fully corresponds to its purpose. If, for example, required 4 out of 5 signatures is established, then the use of the voting system you propose, security will automatically go down to 3 out of 5. Losing money when lose secret key is common problem for cryptocurrency. This is not a security issue.
Yor report is fine.
Notes regarding the https://gist.github.com/yuriy77k/98940814d0919d59bcf973da4b71dc10 report.
Yor report is fine.
Notes regarding the https://gist.github.com/yuriy77k/23f40a008aa26c30ddfd08f36f3320a1 report.
-
The uint is unsigned type and can't be negative.
-
Gas consumption in not security issue.
Notes regarding the https://gist.github.com/yuriy77k/5e6348abd2399024768e51157bae33e6 report.
-
Integer over-/under- flow is NOT possible in the specified places. You do not need to change all mathematical operations to SafeMath. This will lead to an increased gas consumption. You must analyze each specific situation. This is not a security issue.
-
Function
isConfirmedworks fine. In solidity, the default value is 'zero', for uint is 0, bool is false. This is not a security issue. -
[Using require instead of if throw] is not a security issue. It's minor observation.
You need to study the smart-contract more thoroughly. Analyze the reports of other auditors.