How to Stake CLO

Cold staking is a protocol that rewards long-term coin holders for staking their Callisto coins.
Blog

ChainLink (LINK) Security Audit Report

ChainLink (LINK) Security Audit Report

Here is the report of the ChainLink Token (LINK) security audit performed by the Callisto Network security department in April 2019.

About Callisto Network and the security department:

Utilizing Callisto Network capabilities, we have established a free-for-all system of smart-contracts auditing, to this end, Callisto Network has founded the Callisto security department and deploys treasury funds to pay security auditors for auditing smart-contracts, to reduce risk/flaw in smart-contracts and improve the adoption of programmable blockchains for the whole crypto industry.

ChainLink (LINK) Specificities :

Deployed at :

https://etherscan.io/address/0x514910771af9ca656af840dff83e8264ecf986ca#code

Source Code:

https://gist.github.com/yuriy77k/c3a70d212a7f9ecda715252e45073158

Platform:

ETH

Number of lines:

160

ChainLink (LINK) Security Audit Report

1. Summary

ChainLink Token smart contract security audit report performed by Callisto Security Audit Department

Token description:

Symbol      : LINK
Name        : ChainLink Token
Total supply: 1,000,000,000
Decimals    : 18 
Standard    : ERC677

2. In scope

3. Findings

In total, 2 issues were reported including:

  • 2 low severity issues.

No critical security issues were found.

3.1. Known vulnerabilities of ERC-20 token

Severity: low

Description

  1. It is possible to double withdrawal attack. More details here.
  2. Lack of transaction handling mechanism issue. WARNING! This is a very common issue and it already caused millions of dollars losses for lots of token users! More details here.

Recommendation

Add the following code to the transfer(_to address, ...) function:

require( _to != address(this) );

3.2. No zero address checking

Severity: low

Description

In functions transfer(Line 81) and transferFrom(Line 118) there are no zero address checking.

Code snippet

https://gist.github.com/yuriy77k/c3a70d212a7f9ecda715252e45073158#file-linktoken-sol-L81

https://gist.github.com/yuriy77k/c3a70d212a7f9ecda715252e45073158#file-linktoken-sol-L118

4. Conclusion

The audited smart contract can be deployed. Only low severity issues were found during the audit.

5. Revealing audit reports

https://gist.github.com/yuriy77k/18f0b9562bfba4210550f251d91fe2ca

https://gist.github.com/yuriy77k/6ea910cccecf1c44f93b0551a474db51

https://gist.github.com/yuriy77k/6a6833c14f6a688eb142a00fd50630d9

Topics: