ChainLink Token (LINK) security audit, conducted by the Callisto Network Security Department in April 2019.
ChainLink Token (LINK) Specificities
Token Description
Symbol : LINK
Name : ChainLink Token
Total supply: 1,000,000,000
Decimals : 18
Standard : ERC677
Deployed at:
https://etherscan.io/address/0x514910771af9ca656af840dff83e8264ecf986ca#code
Source Code:
https://gist.github.com/yuriy77k/c3a70d212a7f9ecda715252e45073158
Platform:
ETH.
Number of lines:
160.
ChainLink (LINK) Smart Contract Security Audit Report
Are Your Funds Safe?
1. In scope
2. Findings
In total, 2 issues were reported including:
- 2 low severity issues.
No critical security issues were found.
2.1. Known vulnerabilities of ERC-20 token
Severity: low.
Description:
- It is possible to double withdrawal attack. More details here.
- Lack of transaction handling mechanism issue. WARNING! This is a very common issue and it already caused millions of dollars losses for lots of token users! More details here.
Recommendation:
Add the following code to the
transfer(_to address, ...)
function:
require( _to != address(this) );
2.2. No zero address checking
Severity: low.
Description:
- In functions
transfer
(Line 81) andtransferFrom
(Line 118) there are no zero address checking.
Code snippet:
https://gist.github.com/yuriy77k/c3a70d212a7f9ecda715252e45073158#file-linktoken-sol-L81
https://gist.github.com/yuriy77k/c3a70d212a7f9ecda715252e45073158#file-linktoken-sol-L118
3. Conclusion
The audited smart contract can be deployed. Only low severity issues were found during the audit.
4. Revealing audit reports
Appendix
Smart Contract Audits by Callisto Network.
Miscellaneous
Our Most Popular Audit Reports.
Trust the Blockchain, Audit the Smart Contracts.
Follow Callisto’s Security Department on Twitter to get our latest news and updates!