Pillar Token Code Review

Similar documents
SECURITY AUDIT REPORT

Table of contents. Abstract. Disclaimer. Scope. Procedure. AS-IS overview. Audit overview. Conclusion. Appendix A. Automated tools reports 12

Bob s Repair Contract Audit

QIIBEE Security Audit

Security Audit of FuzeX Smart Contract This report is public. ChainSecurity Ltd. January 11, 2018

FanChain Contract Audit

kasko2go Token Contract Audit

GUTS Token Sale Audit

Gnosis Safe Documentation. Gnosis

POA Bridge. Security Assessment. Cris Neckar SECUREWARE.IO

TABLE OF CONTENTS 1.0 TOKEN SALE SUMMARY INTRODUCTION HOW TO BUY LION HOW TO BUY LION WITH METAMASK

a new cryptocurrency STK GLOBAL PAYMENTS USER GUIDE USER GUIDE: PARTICIPATING IN IN STK STK TOKEN TOKEN SALE USING SALE MYETHERWALLET

LECTURE 2 BLOCKCHAIN TECHNOLOGY EVOLUTION

Secure Token Development and Deployment. Dmitry Khovratovich and Mikhail Vladimirov, University of Luxembourg and ABDK Consulting

Lecture 10. A2 - will post tonight - due in two weeks

TABLE OF CONTENTS 1.0 TOKEN SALE SUMMARY INTRODUCTION HOW TO BUY LION HOW TO BUY LION WITH METAMASK

NEW TOKEN SWAP INSTRUCTIONS For action after July 23, 2018.

Ethereum. Smart Contracts Programming Model

OW TO PARTICIPAT HOW TO PARTICIPATE

VB.NET. Exercise 1: Creating Your First Application in Visual Basic.NET

Securify: Practical Security Analysis of Smart Contracts

FXY TOKEN SMART CONTRACT AUDIT RESULTS FOR FIXY NETWORK LTD

TOKEN SWAP FAQ. For action before July 23, 2018.

M Introduction to Visual Basic.NET Programming with Microsoft.NET 5 Day Course

Kibo Contract Audit. Prepared by Hosho July 17th, Report Version: 2.0. Copyright 2018 Hosho Group Inc.

ICO Review: Raiden Network (RDN)

3Lesson 3: Web Project Management Fundamentals Objectives

HowtobuyHUMToken. Table of Contents. Beforeproceedingwiththepurchase Pre-saleguideusingMyEtherWallet Pre-saleguideusingMetamask

ICO Review: Etherparty (FUEL)

SmartDec icumulate.io Smart Contracts Security Analysis

Test Planning Guide. Summary: The purpose of this document is to define and document requirements in order to create and execute a test plan.

Beerchain. Creating the beer-based cryptocurrency. Yellowpaper version 0.3, 3/11/2018

Microsoft 365 powered device webinar series Microsoft 365 powered device Assessment Kit. Alan Maddison, Architect Amit Bhatia, Architect

Introduction to Blockchain

Knowledge Platform TOKEN SALE. GUIDELINE (MetaMask & MyEtherWallet)

CresTech Software Systems Your Testing Partner

CLOUD GOVERNANCE SPECIALIST Certification

Information Security Office. Server Vulnerability Management Standards

ETHEREUM META. Whitepaper 2018/2019. A decentralized token with privacy features. Ethereum Meta team

TRAPS ADVANCED ENDPOINT PROTECTION

DISTRIBUTION PLAN. Operation of EMMARES smart contract. EMA Token Allocation

Introduction to User Stories. CSCI 5828: Foundations of Software Engineering Lecture 05 09/09/2014

Effective Threat Modeling using TAM

Vladimir Groshev. COO, Project Coordinator.

Course 55197A: Microsoft SharePoint Server 2016 for the Site Owner/Power User

Development, testing and quality assurance report

MYETHERWALLET GUIDE 1

Privacy-Enabled NFTs: User-Mintable, Non-Fungible Tokens With Private Off-Chain Data

t a Foresight Consulting, GPO Box 116, Canberra ACT 2601, AUSTRALIA e foresightconsulting.com.

How Secure is Blockchain? June 6 th, 2017

General Data Protection Regulation (GDPR)

2559 : Introduction to Visual Basic.NET Programming with Microsoft.NET

An Analysis of Atomic Swaps on and between Ethereum Blockchains Research Project I

OWASP Top 10 The Ten Most Critical Web Application Security Risks

GENESIS VISION NETWORK

TOKEN PAPER.

HOW TO PARTICIPATE IN VESTARIN PRE-ICO & ICO with ETHERIUM

CASE STUDY FINANCE. Enhancing software development with SQL Monitor

Inspector Software Appliance User Guide

Saving the Project Brief document under its own name

Guide to a Successful Wanchain Token Contribution

There is detailed documentation associated with using query tables that can be found with the Support Pac.

Terms, Methodology, Preparation, Obstacles, and Pitfalls. Vulnerability Assessment Course

Insider Threat Detection Including review of 2017 SolarWinds Federal Cybersecurity Survey

Creating a Corporate Taxonomy. Internet Librarian November 2001 Betsy Farr Cogliano

IoT security based on the DPK platform

OPEN SOURCE SECURITY ANALYSIS The State of Open Source Security in Commercial Applications

Introduction to INFOASSIST Training Course Manual

Threat and Vulnerability Assessment Tool

ForeScout Extended Module for Tenable Vulnerability Management

Managed Administration Service (MAS): Hitachi ID Password Manager

Wanchain Hackathon Handbook San Jose

How to Invest in the Gizer Token Sale. A guide for contributing to the Initial Offering of GZR Tokens

Design Book of TRON Architecture

every Website Packages

Assessment of Programming Skills of First Year CS Students: Problem Set

IoT & SCADA Cyber Security Services

Internet of Things. Internet of Everything. Presented By: Louis McNeil Tom Costin

SEGUE DISCOVERY PARTICIPATION IN DISCOVERY DISCOVERY DELIVERABLES. Discovery

MS 50547: Microsoft SharePoint 2010 Site Collection and Site Administration Duration: 5 Days Method: Instructor-Led

Administering System Center 2012 Configuration Manager

MANUAL 2 - CREATING YOUR CAMPAIGN PART 1

Information Security Controls Policy

Development Authority of the North Country Governance Policies

Replay Attacks on Ethereum Smart Contracts. Zhenxuan Bai, Yuwei Zheng, Kunzhe Chai Senhua Wang

Defying Logic. Theory, Design, and Implementation of Complex Systems for Testing Application Logic. Rafal Los, Prajakta Jagdale

Categorizing Migrations

PARTICIPATING IN PODONE s ICO

For further information about the GRID token sale, please visit gridplus.io/token-sale.

Ruckus Wireless Security Advisory ID FAQ

Service Description: Software Support

Microsoft SDL 한국마이크로소프트보안프로그램매니저김홍석부장. Security Development Lifecycle and Building Secure Applications

PCI DSS v3.2 Mapping 1.4. Kaspersky Endpoint Security. Kaspersky Enterprise Cybersecurity

How to Buy TRVR Tokens

ForeScout CounterACT. Assessment Engine. Configuration Guide. Version 1.0

Instruction for creating an Ethereum based wallet and MUH ICO participation

Types of Software Testing: Different Testing Types with Details

ZEUS NETWORK ZEUS OFFICIAL ERC-20 TOKEN SWAP MANUAL

Script for Visualization of Algorithms: Framework for Animation Environment and Composite Structures

Specifying the Ethereum Virtual Machine for Theorem Provers

Transcription:

Pillar Token Code Review July 14, 2017 Prepared By: Kshitish Balhotra Independent Reviewers Umesh Kushwaha, Bhavish Balhotra kshitish@dltlabs.io dltlabs.io

Table of Contents I. Introduction... 2 II. Overview... 4 III. General Findings... 4

1 Introduction DLT Labs conducted a review of the smart contracts that make up the Pillar Token Sale service. The findings of the review are presented in this document. This review was performed under a contracted fixed rate and performed by independent reviewers. Update: The Pillar Token Development team has informed us that they have deployed the fixes to the issues observed in our reviews and details of which are stated below. DLT Labs independent reviewers have verified the fixes for the issues stated below and they can be marked as fixed from a review perspective. 1.1 Review Goals and Focus Sound Architecture This review includes both objective findings from the contract code as well as subjective assessments of the overall architecture and design choices. Given the subjective nature of certain findings it will be up to the Pillar Token development team to determine the appropriate response to each issue. Smart Contract Best Practices This review will evaluate whether the codebase follows the current established best practices for smart contract development. Code Correctness This review will evaluate whether the code does what it is intended to do. Code Quality This review will evaluate whether the code has been written in a way that ensures readability and maintainability. Security This review will look for exploitable security vulnerabilities. 1.2 Terminology This review uses the following terminology. Code Coverage Terms Measurement of the testing code coverage. PILLAR TOKEN CODE REVIEW - JULY 14, 2017 2

1.2.1.1 Untested No tests. 1.2.1.2 Low The tests do not cover some set of non-trivial functionality. 1.2.1.3 Good The tests cover all major functionality. 1.2.1.4 Excellent The tests cover all code paths. Severity Terms Measurement of magnitude of an issue. 1.2.2.1 Minor Minor issues are generally subjective in nature, or potentially deal with topics like "best practices" or "readability". Minor issues in general will not indicate an actual problem or bug in code. The maintainers should use their own judgement as to whether addressing these issues improves the codebase. 1.2.2.2 Medium Medium issues are generally objective in nature. Most medium level issues will not represent an actively exploitable bugs or security problem, but rather an issue that is likely to lead to a future error or security issue. In most cases a medium issue should be addressed unless there is a clear reason not to. 1.2.2.3 Major Major issues will be things like bugs or security vulnerabilities. These issues may not be directly exploitable such as requiring a specific condition to arise in order to be exploited. Left unaddressed these issues are highly likely to cause problems with the operation of the contract or lead to a situation which allows the system to be exploited in some way. 1.2.2.4 Critical Critical issues are directly exploitable bugs or security vulnerabilities. Left unaddressed these issues are highly likely or guaranteed to cause major problems or potentially a full failure in the operations of the contract. PILLAR TOKEN CODE REVIEW - JULY 14, 2017 3

2 Overview 2.1 Source Code The source code under review can be found in the public github repository https://github.com/twentythirty/pillartoken/ 2.2 Contracts The tests were primarily limited to test files related to the main sale namely PillarToken.sol and unsoldallocation.sol Zeppelin Base Contracts The contracts make use of a small number of the re-usable contracts provided by Zeppelin. These contracts were not covered by this review. 3 General Findings This section contains detailed issues and analysis. 3.1 General Thoughts The first review identified multiple issues that require patching prior to the contracts being deployed and used. The changes necessary to fix these issues are likely to change a sufficiently large amount of code to warrant an additional follow up review. This was reported in our meeting held on 5 th July 2017. The following issue numbers were identified in the first review: Critical: 3.4.1-3.4.2, Major: 3.3.1-3.3.3, Minor: 3.2.1-3.2.4 A second review was conducted to further review the previously identified issues and also see if any new issues were created due to code update. The issues have been detailed in relevant sections below. A third review was conducted at the request of the Pillar Project team to further review the previously identified issues and also see if any new issues were created due to code update. The issues have been detailed in relevant sections below. All issues stated below have been fixed and reviewed. Code Quality The code reviewed in this review is generally of good quality. We do feel that there is scope to improve code verbosity by adopting the latest standards set for token contracts and also improve the comments provided. The contracts themselves could have been architected and organized as per design standards. Commonly used logic for token sale has been encapsulated in internal utility functions. The Token contract is ERC-20 compatible and uses standard Zeppelin libraries. The Zero address attack have also been handled appropriately. PILLAR TOKEN CODE REVIEW - JULY 14, 2017 4

3.2 Minor Issues Remove isfundable modifier In line 134, isfundable modifier is not required as function fundingactive() is required to return current funding status whether funding is active or not. totalusedtokens condition implementation needs to be fixed In line number 135, condition totalusedtokens > totalavailableforsale will never be met so funding status will show as active only even though all available token has been sold. No specific function exists to start token sale As per current implementation, Sale for PillarToken will be started as soon as smart contract is published. It is advisable to add specific function for starting token sale so that owner can start sale at specified time avoiding any last moment deployment issues. allocatetokens purpose needs to be defined The purpose of function allocatetokens has not been clearly defined due to which it is difficult to assess its usage. We also need to clearly identify as to why are we subtracting token assigned from totalusedtokens. Refund function calculation formula needs to be fixed In function refund() at line number 161, ethvalue for refund is calculated as below: uint ethvalue = plrvalue.mul(tokenprice); This should be modified to uint ethvalue = plrvalue.mul(tokenprice).div(1e18); because tokenprice is for per token but plrvalue is holding token amount multiplied with 1e18 (as per line number 103). Implement unpausetokensale function to unpause sale We need to have unpausetokensale() function in contract that will set fundingmode to true so that paused sale can be resumed. The current implementation does not have any function that can be used to resume paused token sale leading to a deadlock state. This issue was reported in first review, the incorporated fix provided after second review has not taken care of the scenario mentioned here. Token Sale finalization issue when we hit max token limit As per the current implementation, Token sale cannot be finalized in case totalunsold =0. This causes issues when we hit the limit for the tokens to be sold hence leaving the token sale open PILLAR TOKEN CODE REVIEW - JULY 14, 2017 5

even though there are no more tokens to be sold. We suggest removing condition if (_tokens <= 0) throw; from line number 27 of UnsoldAllocation.sol so that the sale can be finalized. 3.3 Major Issues No Implementation of unpause function Token sale cannot be un-paused, if once it is paused as there is no implementation for un-pause. totalsupply function implementation logic In fallback function, as per line number 90 & 99, token sale is allowed till totalsupply for direct transfers of ether to contract. In this scenario, it may lead to over sale of token because all totalsupply is not available for sale. allocateforrefund function needs to accept ether In line number 194, function allocateforrefund must be payable to accept ether. Refunds will not be successful until smart contract is funded with ether using function allocateforrefund(). This is not automated process so business to take prompt action in case ICO is not successful to avoid any chaos. Set saleperiod, fundingstartblock and fundingstopblock in starttokensale In order to show accurate data, saleperiod, fundingstartblock and fundingstopblock should be set in function starttokensale() not in constructor as these parameters should be set while starting sale not at point of deployment. This is necessitated by the fact that the saleperiod gets calculated based on current block timestamp, so it will show wrong data if set in constructor. Update the condition for the finalize function In line number 134, below condition for function finalize() needs to be corrected as in the current implementation, sale can be finalized when block.number > fundingstopblock even though mintokensforsale are not sold. if ((block.number <= fundingstopblock && totalusedtokens < mintokensforsale)) throw; Set fundingstatus as a constant keyword In line number 206, function fundingstatus() should include 'constant' keyword in signature to get the value from function, as this function is not changing any state variable. This is needed in order to ensure that we are able to query a response for the status while the sale is on. PILLAR TOKEN CODE REVIEW - JULY 14, 2017 6

3.4 Critical Issues Decimal Placement As PillarToken supports 18 places of decimals, it means all transactions will happen in minimum possible unit and also balances of any address will be stored in minimum possible unit not in PillarToken. And all other wallets will understand as same way. So as per current implementation 1000 PillarToken received from PillarToken smart contract will display balance as 0.000000000000001000 PillarToken in other wallets. totalunsold exception In line number 168, totalunsold will always be calculated as 0 because finalize function will be executed only when either block.number > fundingstopblock or totalusedtokens = totalavailableforsale. So, line number 169 will always throw exception and finalize will never be possible. PILLAR TOKEN CODE REVIEW - JULY 14, 2017 7

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback