Jarvis + Token (JAR) security audit, conducted by the Callisto Network Security Department in October 2018.
Jarvis + (JAR) Specificities
Audit Request
The ERC20 token in before of the Jarvis+ mainnet, providing exchanges and project participants.
Symbol : JAR Name : Jarvis+ Token
Total supply : 600,000,000
Decimals : 18
Standard : ERC20
Source Code:
https://github.com/x-contract/JarvisPlusToken/blob/master/flats/JarvisPlusToken_flat.sol
Disclosure policy:
Platform:
ETH.
Complexity:
Low.
Jarvis+ Token (JAR) Smart Contract Security Audit Report
Are Your Funds Safe?
1. In scope
JarvisPlusToken_flat.sol github commit hash b1e9458f8a77fe13d09940547da7824f3066cf17.
2. Findings
In total, 2 issues were reported including:
-
1 low severity issues.
-
1 minor observation.
No critical security issues were found.
2.1. Known vulnerabilities of ERC-20 token
Severity: low.
Description:
-
It is possible to double withdrawal attack. More details here.
- Lack of transaction handling mechanism issue. WARNING! This is a very common issue and it already caused millions of dollars losses for lots of token users! More details here.
Code snippet:
2.2. Extra checking
Severity: minor observation.
Description:
Extra checking in 96, 165, 166 lines of BasicToken and StandardToken contracts. SafeMath library checks it anyway.
Code snippet:
- https://github.com/x-contract/JarvisPlusToken/blob/8dca09084a7e9178ee5770228219bf901ecaf21e/flats/JarvisPlusToken_flat.sol#L96
- https://github.com/x-contract/JarvisPlusToken/blob/8dca09084a7e9178ee5770228219bf901ecaf21e/flats/JarvisPlusToken_flat.sol#L165
- https://github.com/x-contract/JarvisPlusToken/blob/8dca09084a7e9178ee5770228219bf901ecaf21e/flats/JarvisPlusToken_flat.sol#L166
3. Conclusion
The token contract is safe to be deployed, developers should consider checking ERC20 known issues.
4. Revealing audit reports
- https://gist.github.com/yuriy77k/6d6b617a907b4454ddf05661d5b66f91
- https://gist.github.com/yuriy77k/d1f01c441cb6ac96d25368a25cf4407d
- https://gist.github.com/yuriy77k/141fc6fc44b69cfeb06fe0335c72475d
Appendix
Smart Contract Audits by Callisto Network.
Miscellaneous
Our Most Popular Audit Reports.
Trust the Blockchain, Audit the Smart Contracts.
Follow Callisto’s Security Department on Twitter to get our latest news and updates!