New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Duplicate method staker_info #11

Closed
k06a opened this Issue Oct 11, 2018 · 5 comments

Comments

Projects
None yet
2 participants
@k06a
Copy link

k06a commented Oct 11, 2018

This method:

function staker_info(address _addr) public constant returns (uint _amount, uint _time)

Is already exist because of this line:

mapping(address => Staker) public staker;

Public property auto-generates getter:

function staker(address staker) public constant returns(uint _amount, uint _time);

Auditing smart contracts in live stream: https://www.youtube.com/watch?v=efZY3_COaiE

Your CryptoManiacs :)

@Dexaran

This comment has been minimized.

Copy link
Member

Dexaran commented Oct 12, 2018

Confirmed.

I can classify this as a minor observation, non-security issue (10,000 CLO) because this does not pose a threat of losing funds for users.

Please, provide your ETH/CLO address.

However, it was stated that you should keep your reports private until the end of security audit EthereumCommonwealth/Roadmap#52

bugbounty

The reward will be evaluated after the end of the security audit.

@Dexaran Dexaran added the confirmed label Oct 12, 2018

@k06a

This comment has been minimized.

Copy link

k06a commented Oct 12, 2018

@Dexaran sorry about that (my public reports), but I mistakely decided such non-critical issues should be public to avoid duplicates.

This contributions were the part of our public live stream smart contract audits, which help people to understand smart contracts logic better. So any reward is welcome, thank you :)

Wallet: 0x083fc10cE7e97CaFBaE0fE332a9c4384c5f54E45

@Dexaran

This comment has been minimized.

Copy link
Member

Dexaran commented Oct 12, 2018

@k06a

sorry about that (my public reports), but I mistakely decided such non-critical issues should be public to avoid duplicates.

The issue with public reports is that we are running an official audit of this contract at the same time by our auditing team. We keep all audit reports and we may assign penalties if an auditor failed to report some issues. Now they can just copy&paste everything from here. However, it is not a great problem. Even more, there were no major issues yet.

This contributions were the part of our public live stream smart contract audits, which help people to understand smart contracts logic better.

Yeah, I've seen the link.
At the end of bugbounty I will write a summary and it is likely that it will be published at Callisto blog. I can provide some links to your channel or any other resources if you would like it.

yuriy77k added a commit to yuriy77k/Cold-staking that referenced this issue Oct 12, 2018

minor fixing
Removed:
- [Duplicate method staker_info](EthereumCommonwealth#11);
- [Duplicate condition](EthereumCommonwealth#8).

Updated function [stake_reward](EthereumCommonwealth#10).
@k06a

This comment has been minimized.

Copy link

k06a commented Oct 28, 2018

@Dexaran thanks!

@k06a k06a closed this Oct 28, 2018

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment