Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Enjin Coin (ENJ) #308

Closed
yuriy77k opened this issue Jun 27, 2019 · 10 comments
Closed

Enjin Coin (ENJ) #308

yuriy77k opened this issue Jun 27, 2019 · 10 comments
Labels
approved solidity

Comments

@yuriy77k
Copy link
Member

@yuriy77k yuriy77k commented Jun 27, 2019

Audit request

Audit Top 200 CoinMarketCap tokens.

Enjin Coin (ENJ)

https://enjincoin.io/

Deployed at https://etherscan.io/address/0xf629cbd94d3791c9250152bd8dfbdf380e2a3b9c#contracts

Source code

https://etherscan.io/address/0xf629cbd94d3791c9250152bd8dfbdf380e2a3b9c#contracts

Disclosure policy

public

Platform

ETH

Number of lines:

230
@MrCrambo
Copy link

@MrCrambo MrCrambo commented Jun 27, 2019

Auditing time 1 day

Loading

@danbogd
Copy link

@danbogd danbogd commented Jun 27, 2019

Auditing time: 2 days.

Loading

@yuriy77k
Copy link
Member Author

@yuriy77k yuriy77k commented Jun 28, 2019

@MrCrambo @danbogd assigned

Loading

@MrCrambo
Copy link

@MrCrambo MrCrambo commented Jun 28, 2019

My report is finished

Loading

@danbogd
Copy link

@danbogd danbogd commented Jun 28, 2019

My report is finished.

Loading

@gorbunovperm
Copy link

@gorbunovperm gorbunovperm commented Jul 1, 2019

Estimated auditing time is 1 day.

Loading

@gorbunovperm
Copy link

@gorbunovperm gorbunovperm commented Jul 2, 2019

My report is finished.

Loading

@yuriy77k
Copy link
Member Author

@yuriy77k yuriy77k commented Jul 3, 2019

@gorbunovperm assigned

Loading

@yuriy77k
Copy link
Member Author

@yuriy77k yuriy77k commented Jul 4, 2019

Enjin Coin Security Audit Report

1. Summary

Enjin Coin smart contract security audit report performed by Callisto Security Audit Department

Audit Top 200 CoinMarketCap tokens.

https://enjincoin.io/

2. In scope

  1. ENJ.sol

3. Findings

In total, 2 issues were reported including:

  • 1 note.

  • 1 owner privileges (the ability of an owner to manipulate contract, may be risky for investors).

No critical security issues were found.

3.1. ERC20 Compliance — event missing

Severity: note

Description

According to ERC20 standard when coins are minted a Transfer event should be emitted.

Code snippet

  • Lines 352, 353.
    balanceOf[_crowdFundAddress] = minCrowdsaleAllocation + maxPresaleSupply;
    balanceOf[_incentivisationFundAddress] = incentivisationAllocation;

3.2. Owner privileges

Severity: owner privileges

Description

The owner can allocate unsold tokens after crowdsale to incentivisationFundAddress which is managed by the owner. It is common practice to burn unsold tokens.

Code snippet

  • Lines 456.

4. Conclusion

The audited smart contract can be deployed. Only low severity issues were found during the audit.

5. Revealing audit reports

https://gist.github.com/yuriy77k/037ef6b053af5c51bb1942699a3995fe

https://gist.github.com/yuriy77k/3588be37d4f56a9b8f4cfc82b486ab3a

https://gist.github.com/yuriy77k/deebe5089b27642706b8fcd4c7e0bc28

Loading

@yuriy77k yuriy77k closed this Jul 4, 2019
@MillianoConti
Copy link

@MillianoConti MillianoConti commented Jul 5, 2019

Reddit announcement

Loading

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
approved solidity
Projects
None yet
Milestone
No milestone
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
5 participants
@MrCrambo @danbogd @gorbunovperm @yuriy77k @MillianoConti