Reading Time: 3 minutes
Overview Our smart contract audit team found that Short Address Attack mitigations can cause several problems with smart contracts. A Short Address Attack is when a contract receives less data than it was expecting, and Solidity fills the missing bytes with zeros. The deployed smart contract cannot prevent this and will interpret those extra zeros as […]
Reading Time: 1
Some users asked me to update the investment spreadsheet because it had an issue with the price API I am using to update cryptocurrencies’ prices. As the spreadsheet asks the price very often, Cryptocompare API answers that the quota was exceeded. To correct this problem, I added a new cell to specify how often you […]
Reading Time: 2 minutes
Security Smart Contract Auditing: Beware of Duplicated Storage in Solidity Smart Contract Development Solidity semantics are confusing for smart contract developers with experience in traditional programming languages. This semantics can lead to security issues like the one we found in a recent smart contract security audit we did. The following code caught our attention: In […]
Reading Time: 3 minutes
Introduction CoinFabrik smart contract audit‘s team was hired to audit contracts written by TokenMarket for the PTOY Token ICO. The result of this security review is reflected in this document. Audited Files The contracts we audited are hosted at Github repository: MintableToken.sol CrowdsaleToken.sol ReleasableToken.sol UpgradeableToken.sol Commit hash f968cffe1abf4a3d96d6705ec1befd6cfec13ae3. Vulnerabilities Found Short Address Attack The version […]