Quantstamp Smart Contract Audit Report
Quantstamp Score
Warning, vulnerabilities detected
+5
ASF
+-3
TID
+-3
TOD
+-3
SDC
+-3
REE
8
Total
DecisionToken
0x554c20b7c486beee439277b4540a434566dc4c02 Submitted by isaac
Smart Contract Audit Report
2018-08-03 Quantstamp version 0.1
What you are looking at and why it matters.

This report lists the potential vulnerabilities found in the smart contract you submitted as well as any library contracts it called. We also give hints to the developer about how to write better contracts. To the extent that that any software or components in the library contracts are subject to open source or other third party license terms, you are responsible for reviewing and determining compliance with such terms.

Our mission at Quantstamp is to give you the knowledge and power over your own security. By creating automated tools and allowing you to release the reports to the public, we hope to give you the tools to protect the projects you care about, and ask good questions.

This report is our first iteration out of many, feedback is appreciated.

DecisionToken

0x554c20b7c486beee439277b4540a434566dc4c02
Completed on 2018-08-03 | Quantstamp version 0.1

4 contracts were audited

8 warnings were detected across 1 vulnerability


How to read this report (PDF)

Vulnerability Review

Number of warnings

A critical flaw where one contract exploits the execution state of another contract. Overall Severity: Critical

Is this smart contract at risk?

Critical in all cases because reentrancy takes little skill to exploit once discovered by an attacker. It is relatively prevalent in smart contracts.

A flaw in how a library contract delegates its functions to smart contracts that invoke it. Overall Severity: Critical

Is this smart contract at risk?

Critical in all cases because it jeopardizes not only the library contract but every contract that calls it. It may allow ownership to transfer to an unknown person, or permit a similarly catastophic exploit.

An uncommon flaw that allows a miner to manipulate a transaction's output by its timestamp. Overall Severity: Low

Is this smart contract at risk?

Critical in cases where value is transferred by a function that depends on the results of another function. Examples: decentralized exchanges, games or contests.

Medium to Low in cases that do not involve transferring value. May negatively impact people who feel cheated even without staking.

A bug that changes the result of a transaction depending on when it executes within a block. Overall Severity: Medium

Is this smart contract at risk?

Critical in the unlikely case that a timestamp triggers a critical operation such as transferring value.

Low in all other cases. Found very rarely in published contracts.

An indication that another, potentially critical flaw occurred upstream. Overall Severity: Medium

Is this smart contract at risk?

Medium to Critical in all cases. An assertion failure warrants attention because it signals the smart contract may have other, more critical vulnerabilities.

  • Found in line 29
    29:5: Warning: Assertion Failure. assert(c >= a) Assertion violates when: _value = 57938452453005874615280298637860938028508748633530783054289495821861177524225 balances = 66856184261385214108408597654402785422430169472278770250914080072048199204049 balances = 57938452453005874615280298637860938028508748633530783054289495821861177524225 _to = 1461501637330902918203684832716283019655932542975
  • Found in line 23
    23:5: Warning: Assertion Failure. assert(b <= a) Assertion violates when: balances = 0 _value = 1 _to = 1461501637330902918203684832716283019655932542975
  • Found in line 29
    29:5: Warning: Assertion Failure. assert(c >= a) Assertion violates when: owner = 0 totalSupply = 1 _amount = 115792089237316195423570985008687907853269984665640564039457584007913129639935
  • Found in line 23
    23:5: Warning: Assertion Failure. assert(b <= a) Assertion violates when: balances = 0 _value = 1 _to = 1461501637330902918203684832716283019655932542975 triggerTime = 0
  • Found in line 29
    29:5: Warning: Assertion Failure. assert(c >= a) Assertion violates when: balances = 66856184261385214108408597654402785422430169472278770250914080072048199204049 _value = 57938452453005874615280298637860938028508748633530783054289495821861177524225 balances = 57938452453005874615280298637860938028508748633530783054289495821861177524225 _to = 1461501637330902918203684832716283019655932542975
  • Found in line 23
    23:5: Warning: Assertion Failure. assert(b <= a) Assertion violates when: balances = 4508769347782401458705517025387897205596078271950785851734831520149395176954 _value = 78688076515438089151930679296578588174097162198376772189512346275218743852540 allowed = 78688076515438089151930679296578588174097162198376772189512346275218743852539 balances = 78688076515438089151930679296578588174097162198376772189512346275218743852540 _to = 1461501637330902918203684832716283019655932542975
  • Found in line 29
    29:5: Warning: Assertion Failure. assert(c >= a) Assertion violates when: balances = 66856184261385214108408597654402785422430169472278770250914080072048199204049 _value = 57938452453005874615280298637860938028508748633530783054289495821861177524225 balances = 57938452453005874615280298637860938028508748633530783054289495821861177524225 _to = 1461501637330902918203684832716283019655932542975
  • Found in line 23
    23:5: Warning: Assertion Failure. assert(b <= a) Assertion violates when: balances = 4508769347782401458705517025387897205596078271950785851734831520149395176954 _value = 78688076515438089151930679296578588174097162198376772189512346275218743852540 allowed = 78688076515438089151930679296578588174097162198376772189512346275218743852539 balances = 78688076515438089151930679296578588174097162198376772189512346275218743852540 _to = 1461501637330902918203684832716283019655932542975
What you are looking at and why it matters.

This report lists the potential vulnerabilities found in the smart contract you submitted as well as any library contracts it called. We also give hints to the developer about how to write better contracts. To the extent that that any software or components in the library contracts are subject to open source or other third party license terms, you are responsible for reviewing and determining compliance with such terms.

Our mission at Quantstamp is to give you the knowledge and power over your own security. By creating automated tools and allowing you to release the reports to the public, we hope to give you the tools to protect the projects you care about, and ask good questions.

This report is our first iteration out of many, feedback is appreciated.