EthereumCommonwealth / Auditing

Ethereum Commonwealth Security Department conducted over 400 security audits since 2018. Not even a single contract that we audited was hacked. You can access our audit reports in the ISSUES of this repo. We are accepting new audit requests.
https://audits.callisto.network/
GNU General Public License v3.0

SHUSKY #501

Closed SerecThunderson closed 3 years ago

SerecThunderson commented 3 years ago

Audit request

SHUSKY (Siberian Husky) is a decentralized community token and store of value. 50% burned, 40% locked, 10% dumped on open market already, contract revoked

Source code

https://etherscan.io/address/0x236d53148f83706c3d670064809577385f923a75#code

Disclosure policy

Talk to me first in case it is a misunderstanding, but publish it later

Standard disclosure policy.

Contact information (optional)

admin@SHUSKYTOKEN.com T.me/serecthunderson

https://SHUSKYTOKEN.com https://twitter.com/SHUSKYTOKEN https://t.me/SHUSKYTOKEN https://reddit.com/r/SHUSKYTOKEN https://discord.gg/XGPhdcp9nA

Platform

ETH

yuriy77k commented 3 years ago

@SerecThunderson The audit fee is 672 USDT. You may send USDT (ERC20 or BEP20) to: 0xb9662e592f2f0412be62f0833ca463a9b1aabebb or USDT (TRC20) to: TBzUKbek9AYVBwf91ykh3KY4Ushk95SCiB

The estimated auditing time - 5 days after payment.

SerecThunderson commented 3 years ago

https://etherscan.io/tx/0x591b63076e1487946af55c7089a57091115277adec845f3fd653bb9d3e1f1404

SerecThunderson commented 3 years ago

Thank you kindly for the service.

yuriy77k commented 3 years ago

SHUSKY Security Audit Report

1. Summary

SHUSKY smart contract security audit report performed by Callisto Security Audit Department

2. In scope

https://etherscan.io/address/0x236d53148f83706c3d670064809577385f923a75#code

2.1 Excluded

The correctness of the mathematical calculations was not verified during the audit due to the lack of complete documentation of what the contract should do and under what conditions.

3. Findings

In total, 4 issues were reported including:

3.1. Known vulnerabilities of ERC-20 and BEP-20 token

Severity: low

Description

  1. Lack of transaction handling mechanism issue. WARNING! This is a very common issue and it already caused millions of dollars losses for lots of token users! More details here.

Recommendation

Add the following code to the transfer(address _to, ...) function:

require( _to != address(this) );
  2. ERC20 is a widely used standard across the Ethereum ecosystem. It is reasonable to assume that ERC20 tokens could be "accidentally" deposited into this contract even though it is not intentional.

Every user on the entire Ethereum ecosystem can send ERC20 tokens to this contract and he will have no ability to extract it back unless there is a special "ERC20-rescue" function implemented in your contract. It is advised to implement this function.

Example: here is BAT contract address. As you can see the contract itself holds $497,000 worth of different ERC20 tokens - all these tokens are permanently "stuck" inside the contract and therefore uselessly lost.

Recommendation

A simple "ERC20-rescue" function can solve the problem.

// Lets the owner move any foreign ERC20 balance held by this contract back out.
function rescueERC20(address _token, uint256 _amount) external onlyOwner {
    IERC20(_token).transfer(owner(), _amount);
}

4. Conclusion

The audited smart contract can be deployed. Only low severity issues were found during security audit.
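The two recommendations in the report above, combined into one minimal token, as an added example written for this thread and not the SHUSKY contract or Callisto's own code; GuardedToken, its IERC20 interface and the owner bookkeeping are assumptions.

```solidity
// SPDX-License-Identifier: GPL-3.0
pragma solidity ^0.8.0;

// Minimal ERC-20 interface needed by the rescue function (assumed, not from the page).
interface IERC20 {
    function transfer(address to, uint256 amount) external returns (bool);
}

// Illustrative token showing both audit recommendations applied together.
contract GuardedToken {
    uint256 public totalSupply;
    mapping(address => uint256) public balanceOf;
    address public owner;

    event Transfer(address indexed from, address indexed to, uint256 value);

    modifier onlyOwner() {
        require(msg.sender == owner, "not owner");
        _;
    }

    constructor(uint256 initialSupply) {
        owner = msg.sender;
        totalSupply = initialSupply;
        balanceOf[msg.sender] = initialSupply;
        emit Transfer(address(0), msg.sender, initialSupply);
    }

    // Finding 1: refuse transfers whose destination is this token contract itself;
    // without this check the tokens end up locked inside the contract for good.
    function transfer(address _to, uint256 _amount) external returns (bool) {
        require(_to != address(this), "transfer to token contract");
        require(_to != address(0), "transfer to zero address");
        uint256 bal = balanceOf[msg.sender];
        require(bal >= _amount, "insufficient balance");
        balanceOf[msg.sender] = bal - _amount;
        balanceOf[_to] += _amount;
        emit Transfer(msg.sender, _to, _amount);
        return true;
    }

    // Finding 2: an "ERC20-rescue" function so foreign tokens sent here by
    // mistake can be returned instead of staying stuck in the contract.
    function rescueERC20(address _token, uint256 _amount) external onlyOwner {
        IERC20(_token).transfer(owner, _amount);
    }
}
```

Note that an onlyOwner rescue can only be called while an owner account still exists; once ownership has been renounced, foreign tokens sent to the contract can no longer be recovered this way.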

SerecThunderson commented 3 years ago

Hello, we would like to bring contention to a couple of points:

3.4 Owner privileges. This is not a security issue, because the ownership of this contract has already been revoked to a burn address, and cannot be redeemed. https://etherscan.io/token/0x236d53148f83706c3d670064809577385f923a75

3.2. Function includeAccount() waste a Gas and has a risk of OUT_OF_GAS exception. This is not a gas issue, because the function is only inefficient when the list of excluded accounts is large. Because there is no, and never will be, an owner to add accounts to the excluded list, this can never grow to be a gas issue.

We understand the reasoning for the judgements, and also agree with and understand the rest of the audit in its entirety. But it is important that the issues above be addressed, please.

yuriy77k commented 3 years ago

@SerecThunderson thank you for your notice. The report was updated.

yuriy77k commented 3 years ago

Blog post: https://callisto.network/shusky-security-audit/

Twitter: https://twitter.com/Callisto_Audits/status/1396163989986545665

Twitter FR: https://twitter.com/CallistoNetFr/status/1396163982059315203

Twitter RU: https://twitter.com/CallistoNetRu/status/1396163974270439424