The smart contracts that have been audited were taken from the RCN repository at: https://github.com/ripio/rcn-network/tree/v2. The audit is based on the commit 3ded36151ad55543d16c354e70161852de4061d0, which was updated to reflect changes at: 052e5fd4d77301e854d0ecdaadbd785dd91950ce.
Coinfabrik security audit’s team was asked to audit the BasicCosigner contract. This contract is part of a Loan system where multiple contracts interact, where the main contract is NanoLoanEngine. Particularly, this is an example implementation of a loan cosigner, which serves as a guarantee for the lender. In the first part, we will give a summary […]
Coinfabrik was asked to audit the contracts for the Theta Token sale. In the first part, we will give a summary of our discoveries and follow them with the details of our findings. The contracts audited are from the Theta repository at https://github.com/thetatoken/theta-erc20-token-sale. The audit is based on the commit 46592ac461949fa793b9d0dc1f59df9bf7ea07f3 and updated to reflect […]
Coinfabrik was hired to audit the contract in terms of its security. First of all, we will analyze the code and deliver a summary of the reviewed contract. After evaluating the contract, we will write a detailed description of our discoveries and proposed changes, followed by the conclusion. The audited contract is from the DMarket […]
CoinFabrik’s Smart Contract Audit team audited WorldBit Token sale ICO’s smart contracts. The contracts audited are taken from the WorldBit repository on https://github.com/CoinFabrik/ico/tree/world-bit. The audit is based on the commit 445cc0c28894a85cb58f54631666deafdd35d859, and updated to reflect changes on 21abcc3bde6d64d4aee391544fc9332fc9f2749d. Summary The audited contracts are: ERC20Basic: non-approval half of ERC20 interface. ERC20: Full ERC20 interface. FractionalERC20: Full ERC20 interface […]
Coinfabrik’s smart contract audit team was commissioned to conduct a security audit of the contracts for the RCN Network. RCN Network is a P2P lending protocol based on smart contracts. The protocol connects lenders and borrowers from anywhere in the world. The engine allows borrowers to create loan requests, and lenders to fulfill those requests. […]
By Ismael Bejarano and Pablo Yabo Coinfabrik smart contract audit’s team was hired to review the contracts for the Realisto’s ICO or token sale. We audited the contracts from repository https://github.com/realisto/smartcontract at commit b8f68bd4330f4852260636c00013794ffec1c6a7. In the next section, we provide a short summary of the contracts and our discoveries. After that, we present our detailed […]
Coinfabrik’s smart contracts auditing team was asked to audit the contracts for the Flixxo Token sale. In the first part, we will give a summary of our discoveries and then the details of our findings.
The audited contracts are in Flixxo repository on https://github.com/AdrianClv/icofunding-flixxo. The audit is based on the commit 739f8dda4fdeffb65a6631ed9d86a42233085cd3, and updated to reflect changes at a2e9ba2cd1953a886c4e367b672cab34f8dede08
By Pablo Yabo and Ismael Bejarano Introduction CoinFabrik’s smart contract audit team was requested to review contracts of the Líf Token for the Winding Tree platform. In the following sections, we will write the discoveries of this process. The contracts audited are from the repository https://github.com/windingtree/LifToken, the audit was started at commit fa503ebe495b7ec11d19333731b1f506e897929b, and completed […]
By Sergio Demian Lerner Executive Summary In August 2017, REAL engaged Coinfabrik smart contract audit team to perform a security audit of the REAL crowdsale smart contracts. The purpose of the audit was to evaluate the security of the smart contracts. The source code was retrieved by Coinfabrik from https://github.com/RealEstateAssetLedger/real_contract commit e8af021445785ad0e36c54adf6568b079ec6293d on August 11th […]
Overview Our smart contract audit team found that Short Address Attack mitigations can cause several problems with smart contracts. A Short Address Attack is when a contract receives less data than it was expecting, and Solidity fills the missing bytes with zeros. The deployed smart contract cannot prevent this and will interpret those extra zeros as […]
08-Ago-2018 Update: Removed update and queries point to CoinFabrik servers to solve quota issues in both Google and Crypto APIs. You can get the spreadsheet here. To create your own version go to ‘File’ -> ‘Make a copy’. Keep updated on my Twitter account. Thanks to the smart contract development team.