Zilliqa Token (ZIL) Security Audit Report

Zilliqa Token (ZIL) security audit, conducted by the Callisto Network Security Department in April 2019.

Zilliqa (ZIL) Specificities

Audit Request

Audit Top 200 CoinMarketCap tokens.

Symbol      : ZIL
Name        : Zilliqa
Circulating Supply: 8 750 823 775
Total Supply: 12 599 999 804

https://www.zilliqa.com/

Deployed at:

https://etherscan.io/address/0x05f4a42e251f2d52b8ed15e9fedaacfcef1fad27#code

Source Code:

https://gist.github.com/yuriy77k/cd476ddc9a1c1685dc39e399fcd08b3e

Disclosure policy

Public.

Platform:

ETH.

Number of lines:

192.

Zilliqa Token (ZIL) Smart Contract Security Audit Report

Are Your Funds Safe?

1. In scope

- ZilliqaToken.sol.

2. Findings

In total, 3 issues were reported including:

3 low severity issues.

2.1. Known vulnerabilities of ERC-20 token

Severity: low.

Description:

It is possible to double withdrawal attack. More details here
Lack of transaction handling mechanism issue. WARNING! This is a very common issue and it already caused millions of dollars losses for lots of token users! More details here.

Recommendation:

Add the following code to the transfer(_to address, ...) function:
require( _to != address(this) );

2.2. Transfer Admin to zero address

Severity: low.

Description:

Possibility of setting zero address as newAdnin at changeAdmin function.

Code snippet:

lines 344-348

Recommendation:

Need to check if newOwner address is not zero address.
require( newAdmin != address(0) );

2.3. Owner Privileges

Severity: low.

Description:

The contract owner allow himself:

to pause functions of contract (transfer, transferFrom, approve, increaseApproval, decreaseApproval), besides burn function;
Evacuate Tokens at any time.

The contract is managed manually by the owner which is not good for investors.

Code snippet:

lines 236-245

3. Conclusion

The audited smart contract can be deployed. Only low severity issues were found during the audit.

4. Revealing audit reports

Appendix

Smart Contract Audits by Callisto Network.

Miscellaneous

Why Audit Smart Contracts?

Our Most Popular Audit Reports.

Trust the Blockchain, Audit the Smart Contracts.

Follow Callisto’s Security Department on Twitter to get our latest news and updates!

Callisto Evolution

Fushuma On-chain Democracy

Philosophy of Decentralization - Blueprint

Fushuma Tokenomics

Decentralized X-Chain Bridge

Progress Tracker

News & Updates

Security Department

Funding Program

Cold Staking

ERC-223 Token Standard

Callisto NFT Standard

Callisto Network Mining

Network Explorer

Supply & Burn Metrics

Live Network Data

DApps

Wallets

Callistonians NFT Collection

One Earth, One Heart

Callisto Network Essentials

Testnet Tools

Zilliqa Token (ZIL) security audit, conducted by the Callisto Network Security Department in April 2019.

Zilliqa (ZIL) Specificities

Audit Request

Zilliqa Token (ZIL) Smart Contract Security Audit Report

Are Your Funds Safe?

1. In scope

2. Findings

3. Conclusion

4. Revealing audit reports

Appendix

Miscellaneous

Trust the Blockchain, Audit the Smart Contracts.

Callisto Evolution

Fushuma On-chain Democracy

Philosophy of Decentralization - Blueprint

Fushuma Tokenomics

Decentralized X-Chain Bridge

Progress Tracker

News & Updates

Security Department

Funding Program

Cold Staking

ERC-223 Token Standard

Callisto NFT Standard

Callisto Network Mining

Network Explorer

Supply & Burn Metrics

Live Network Data

DApps

Wallets

Callistonians NFT Collection

One Earth, One Heart

Callisto Network Essentials

Testnet Tools

Zilliqa Token (ZIL) Security Audit

Zilliqa Token (ZIL) security audit, conducted by the Callisto Network Security Department in April 2019.

Zilliqa (ZIL) Specificities

Audit Request

Zilliqa Token (ZIL) Smart Contract Security Audit Report

Are Your Funds Safe?

1. In scope

2. Findings

3. Conclusion

4. Revealing audit reports

Appendix

Miscellaneous

Trust the Blockchain, Audit the Smart Contracts.

Share This Story, Choose Your Platform!