TokenTraderFactory And TokenSellerFactory Bug Bounty
A bug bounty is on offer for bugs in the following smart contracts:
- TokenTraderFactory.sol v1.0 (463 lines of code) that has been deployed to Mainnet at 0xa9f801f160fe6a866dd3404599350abbcaa95274 and Testnet at 0x66bdad9baac0deed299bcd6331e02bc92865db8d. You can find the ABIs at TokenTrader & Factory.
- TokenSellerFactory.sol v1.0 (318 lines of code) that has been deployed to Mainnet at 0xb1eb96f752c624dc784d80961a1accfaf348c923 and Testnet at 0x2b8ce19465f35419e757e4458defc1c3fd0ffb40. You can find the ABIs at TokenSeller & Factory.
If you want to test the contracts above on Testnet, I have deployed a TestERC20Token at 0x583cbbb8a8443b38abcc0c956bece47340ea1367. Send some Testnet ethers to the test token contract and your account will receive the equivalent number of Testnet BOKKY tokens. This TestERC20Token is not included in this bug bounty program.
The Bug Bounty - Reward Now 220 ETH
The maximum reward paid under this bounty is 50 ethers for bugs that would result in the loss of ethers and/or tokens. In addition to the bounty reward, you will be entered into The BokkyPooBah Hall of Fame.
This amount will be supplemented by any donations to the https://cryptoderivatives.market/ donation address 0x000001f568875f378bf6d170b790967fe429c81a during the months of January and February 2017. Donations so far are:
- Jan 21 2017 - Tx #0xeecd2155 3 ETH. The maximum reward is now 53 ETH.
- Jan 23 2017 - A very generous donation Tx #0xcc9226e3... of 55 ETH. The maximum reward is now 108 ETH.
- Feb 12 2017 - /u/JonnyLatte, the original TokenTraderFactory author, has matched the 108 ETH bug bounty with an additional 108 ETH - 0x4ddb6065....
- Feb 14 2017 - Bartosz Ocytko has been awarded 40 ETH for finding some (impossible in real-life, but very useful to know) overflow conditions - see below for details. I will add another 40 ETH to the bug bounty, bringing the new balance to 216 ETH.
- Feb 26 2017 - Another donation Tx 0xc3468cd4... of 4 ETH. Thank you! The new bug bounty balance is 220 ETH.
- Feb 05 2017 - /u/JonnyLatte, the original TokenTraderFactory author, has found a bug in the TokenTraderFactory (see below) but has decided not to claim the bounty.
Please email firstname.lastname@example.org to report any bugs you find in the contracts.
Contributing To The Bug Bounty
If you want to support this bug bounty (and https://cryptoderivatives.market/), please consider a donation to the address listed above. Executing trades on this site does not cost anything more than the standard Ethereum gas fees.
Rules And Rewards
- Bugs that have already been submitted by another user or are already known to the BokkyPooBah are not eligible for bounty rewards.
- Public disclosure of a vulnerability makes it ineligible for a bounty.
- You can deploy the contracts on your private chain for bug hunting. Please respect the Ethereum Mainnet and Testnet and refrain from attacking them.
- The value of rewards paid out will depend on the severity of the bugs found. Determination of this amount is at the sole and final discretion of the BokkyPooBah, but the BokkyPooBah will be fair.
The BokkyPooBah Hall of Fame
- Feb 05 2017 - /u/JonnyLatte, the original TokenTraderFactory author, has found a bug in the TokenTraderFactory code when it interacts with the 🦄 ‐ Unicorn token where the natural unit is 1.
Here are the diffs of the fixed bug in in
- Feb 14 2017 - Bartosz Ocytko has found an overflow condition that allows the GNTTokenTrader, TokenTrader and TokenSeller contracts to exchange the tokens for very little ethers. The conditions for this situation to occur are very, very unlikely, as they require:
  - the ERC20 token supply to be at least 2^256 - 1
  - the Maker creates a TokenTrader or TokenSeller contract with sellPrice = 2^256 - 1 and units = 1
  - the Maker transfers 2^256 - 1 tokens to the newly created contract
All the existing GNTTokenTrader, TokenTrader and TokenSeller contracts as listed on the https://cryptoderivatives.market/ site are safe from the overflow bug described above as:
- There are no tokens with supply 2^256 - 1
- If there were a token with supply 2^256 - 1, it is even more unlikely that the Maker would own this whole amount
- The GNTTokenTrader, TokenTrader and TokenSeller with sellPrice = 2^256 - 1 will automatically get filtered out by the existing "reasonableness" checks
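To see why those three conditions matter, here is an added Python model (not code from the TokenTrader or TokenSeller contracts) of uint256 arithmetic under the reported inputs. It assumes a simplified fill formula, ether owed = tokens for sale * sellPrice, evaluated with the silent wraparound that Solidity integers had at the time, and shows the checked multiplication that turns the wrap into a rejected trade.

```python
# Added example: model of the overflow condition, not the contracts' own code.
# ASSUMPTION: the quote is computed as (balance // units) * sellPrice, the same
# shape as the conditions listed above (sellPrice = 2^256 - 1, units = 1,
# balance = 2^256 - 1 tokens).

UINT256_MAX = 2**256 - 1


def mul_wrapping(a: int, b: int) -> int:
    """Solidity-style uint256 multiplication: silently wraps modulo 2^256."""
    return (a * b) & UINT256_MAX


def mul_checked(a: int, b: int) -> int:
    """Overflow-safe multiplication: raises instead of wrapping."""
    c = a * b
    if c > UINT256_MAX:
        raise OverflowError(f"{a} * {b} does not fit in uint256")
    return c


def quote_fill(balance: int, units: int, sell_price: int, mul=mul_wrapping):
    """Quote for a taker buying every token the trader contract holds.

    balance    -- tokens held by the trader contract
    units      -- natural unit of the token (page: units = 1)
    sell_price -- wei per unit (page: sellPrice = 2^256 - 1)
    Returns (units_for_sale, wei_needed_to_buy_all).
    """
    can_sell = balance // units
    return can_sell, mul(can_sell, sell_price)


def demo() -> dict:
    """Constructed inputs matching the three conditions on the page."""
    balance, units, sell_price = UINT256_MAX, 1, UINT256_MAX
    can_sell, wei_wrapped = quote_fill(balance, units, sell_price)
    # (2^256 - 1)^2 = 2^512 - 2^257 + 1, which is 1 modulo 2^256: the entire
    # token balance is quoted at 1 wei.  The checked version refuses instead.
    try:
        quote_fill(balance, units, sell_price, mul=mul_checked)
        checked_ok = True
    except OverflowError:
        checked_ok = False
    return {"can_sell": can_sell, "wei_wrapped": wei_wrapped,
            "checked_ok": checked_ok}


if __name__ == "__main__":
    print(demo())
```

For realistic values (say 1000 tokens with 18 decimals at 0.01 ETH each) the wrapping and checked versions agree, which is why only the degenerate 2^256 - 1 inputs expose the difference.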
Following is Ocytko's email detailing the overflow conditions:
For his efforts in pointing out this condition and suggesting a fix, 40 ETH has been awarded to Bartosz. Thanks Bartosz for auditing the contracts and helping keep them safe!