Quantstamp Smart Contract Audit Report
Quantstamp Score
Warning, vulnerabilities detected
+14
ASF
+-3
TID
+-3
TOD
+-3
SDC
+-3
REE
17
Total
CrowdsaleToken
0xebe4a49df7885d015329c919bf43e6460a858f1e Submitted by isaac
Smart Contract Audit Report
2018-08-02 Quantstamp version 0.1
What you are looking at and why it matters.

This report lists the potential vulnerabilities found in the smart contract you submitted as well as any library contracts it called. We also give hints to the developer about how to write better contracts. To the extent that that any software or components in the library contracts are subject to open source or other third party license terms, you are responsible for reviewing and determining compliance with such terms.

Our mission at Quantstamp is to give you the knowledge and power over your own security. By creating automated tools and allowing you to release the reports to the public, we hope to give you the tools to protect the projects you care about, and ask good questions.

This report is our first iteration out of many, feedback is appreciated.

CrowdsaleToken

0xebe4a49df7885d015329c919bf43e6460a858f1e
Completed on 2018-08-02 | Quantstamp version 0.1

7 contracts were audited

17 warnings were detected across 1 vulnerability


How to read this report (PDF)

Vulnerability Review

Number of warnings

A critical flaw where one contract exploits the execution state of another contract. Overall Severity: Critical

Is this smart contract at risk?

Critical in all cases because reentrancy takes little skill to exploit once discovered by an attacker. It is relatively prevalent in smart contracts.

A flaw in how a library contract delegates its functions to smart contracts that invoke it. Overall Severity: Critical

Is this smart contract at risk?

Critical in all cases because it jeopardizes not only the library contract but every contract that calls it. It may allow ownership to transfer to an unknown person, or permit a similarly catastophic exploit.

An uncommon flaw that allows a miner to manipulate a transaction's output by its timestamp. Overall Severity: Low

Is this smart contract at risk?

Critical in cases where value is transferred by a function that depends on the results of another function. Examples: decentralized exchanges, games or contests.

Medium to Low in cases that do not involve transferring value. May negatively impact people who feel cheated even without staking.

A bug that changes the result of a transaction depending on when it executes within a block. Overall Severity: Medium

Is this smart contract at risk?

Critical in the unlikely case that a timestamp triggers a critical operation such as transferring value.

Low in all other cases. Found very rarely in published contracts.

An indication that another, potentially critical flaw occurred upstream. Overall Severity: Medium

Is this smart contract at risk?

Medium to Critical in all cases. An assertion failure warrants attention because it signals the smart contract may have other, more critical vulnerabilities.

  • Found in line 11
    11:5: Warning: Assertion Failure. assert(b <= a) Assertion violates when: a = 0 b = 1
  • Found in line 17
    17:5: Warning: Assertion Failure. assert(c>=a) Assertion violates when: a = 1 b = 115792089237316195423570985008687907853269984665640564039457584007913129639935
  • Found in line 11
    11:5: Warning: Assertion Failure. assert(b <= a) Assertion violates when: value = 115792089237316195423570985008687907853269984665640564039457584007913129639935 totalSupply = 115792089237316195423570985008687907853269984665640564039457584007913129639934 balances = 115792089237316195423570985008687907853269984665640564039457584007913129639935 totalUpgraded = 115792089237316195423570985008687907853269984665640564039457584007913129639935 upgradeAgent = 1461501637330902918203684832716283019655932542975
  • Found in line 17
    17:5: Warning: Assertion Failure. assert(c>=a) Assertion violates when: value = 53821470925654293804584836994976222826831830672723930112106168805817558368251 totalUpgraded = 104473442578719370260521105416346750194196177199412398972487952819982540865531 totalSupply = 53821470925654293804584836994976222826831830672723930112106168805817558368251 balances = 53821470925654293804584836994976222826831830672723930112106168805817558368251 upgradeAgent = 1461501637330902918203684832716283019655932542975
  • Found in line 11
    11:5: Warning: Assertion Failure. assert(b <= a) Assertion violates when: a = 0 b = 1
  • Found in line 17
    17:5: Warning: Assertion Failure. assert(c>=a) Assertion violates when: totalSupply = 1 amount = 115792089237316195423570985008687907853269984665640564039457584007913129639935 mintingFinished = 0 mintAgents = 255
  • Found in line 11
    11:5: Warning: Assertion Failure. assert(b <= a) Assertion violates when: a = 0 b = 1
  • Found in line 17
    17:5: Warning: Assertion Failure. assert(c>=a) Assertion violates when: requireCustomerId = 0 tokenAmountOf = 115453297822401953588809216214273298100959382352094751766509824960617443753984 investedAmountOf = 115792089237316195423570985008687907853269984665640564039457584007913129639935 earlyParticipantWhitelist = 255 startsAt = 1 finalizeAgent = 1461501637330902918203684832716283019655932542975 halted = 0
  • Found in line 11
    11:5: Warning: Assertion Failure. assert(b <= a) Assertion violates when: a = 0 b = 1
  • Found in line 17
    17:5: Warning: Assertion Failure. assert(c>=a) Assertion violates when: a = 1 b = 115792089237316195423570985008687907853269984665640564039457584007913129639935
  • Found in line 11
    11:5: Warning: Assertion Failure. assert(b <= a) Assertion violates when: value = 115792089237316195423570985008687907853269984665640564039457584007913129639935 totalSupply = 115792089237316195423570985008687907853269984665640564039457584007913129639934 balances = 115792089237316195423570985008687907853269984665640564039457584007913129639935 totalUpgraded = 115792089237316195423570985008687907853269984665640564039457584007913129639935 upgradeAgent = 1461501637330902918203684832716283019655932542975 released = 372682917519380244141939632342652170012262798458880
  • Found in line 17
    17:5: Warning: Assertion Failure. assert(c>=a) Assertion violates when: totalSupply = 1 amount = 115792089237316195423570985008687907853269984665640564039457584007913129639935 mintingFinished = 0 mintAgents = 255
  • Found in line 17
    17:5: Warning: Assertion Failure. assert(c>=a) Assertion violates when: a = 1 b = 115792089237316195423570985008687907853269984665640564039457584007913129639935
  • Found in line 11
    11:5: Warning: Assertion Failure. assert(b <= a) Assertion violates when: a = 0 b = 1
  • Found in line 1409
    1409:12: Warning: Assertion Failure. return safeMul(value, multiplier) Assertion violates when: weiRaised = 0 tranches = 1 tranches = 0 tranches = 0 tranches = 0 tranches = 0 tranches = 0 tranches = 0 value = 0 preicoAddresses = 0
  • Found in line 1367
    1367:12: Warning: Assertion Failure. return getLastTranche() Assertion violates when: trancheCount = 11
  • Found in line 1394
    1394:12: Warning: Assertion Failure. return getCurrentTranche(weiRaised) Assertion violates when: weiRaised = 0 tranches = 1 preicoAddresses = 0
What you are looking at and why it matters.

This report lists the potential vulnerabilities found in the smart contract you submitted as well as any library contracts it called. We also give hints to the developer about how to write better contracts. To the extent that that any software or components in the library contracts are subject to open source or other third party license terms, you are responsible for reviewing and determining compliance with such terms.

Our mission at Quantstamp is to give you the knowledge and power over your own security. By creating automated tools and allowing you to release the reports to the public, we hope to give you the tools to protect the projects you care about, and ask good questions.

This report is our first iteration out of many, feedback is appreciated.