Omniscia DAFI Protocol Audit
StandardToken Manual Review Findings
StandardToken Manual Review Findings
STN-01M: Inconsistent Restrictions
Type | Severity | Location |
---|---|---|
Input Sanitization | Minor | StandardToken.sol:L40-L44, L47-L56 |
Description:
The increaseApproval
and decreaseApproval
functions permit the allowance of the zero-address to be set whereas the approve
function allow does not permit it to be done so.
Example:
27function approve(address _spender, uint256 _value) public returns (bool) {28 29 require(_spender != address(0),"invalid address");30 allowed[msg.sender][_spender] = _value;31 emit Approval(msg.sender, _spender, _value);32 return true;33}34
35
36function allowance(address _owner, address _spender) public view returns (uint256) {37 return allowed[_owner][_spender];38}39
40function increaseApproval(address _spender, uint _addedValue) public returns (bool) {41 allowed[msg.sender][_spender] = allowed[msg.sender][_spender].add(_addedValue);42 emit Approval(msg.sender, _spender, allowed[msg.sender][_spender]);43 return true;44}
Recommendation:
We advise the restrictions to become consistent across the codebase by introducing this check in the increase
and decrease
prefixed functions as well.
Alleviation:
A require
check was introduced to both functions disallowing an allowance to be adjusted for the zero-address.
STN-02M: Incorrect Approval Mechanism
Type | Severity | Location |
---|---|---|
Mathematical Operations | Minor | StandardToken.sol:L17, L20, L30 |
Description:
The approve
function sets a _value
that is meant to be transferred from an account by a particular user. However, this _value
is denoted as a literal and is not "normalized" using the demandFactor
which can lead greater or lower values than intended to be transacted if the demandFactor
changes.
Example:
27function approve(address _spender, uint256 _value) public returns (bool) {28 29 require(_spender != address(0),"invalid address");30 allowed[msg.sender][_spender] = _value;31 emit Approval(msg.sender, _spender, _value);32 return true;33}
Recommendation:
We advise the allowed
mapping to contain normalized values that allowance
and the transferFrom
invocations properly utilize.
Alleviation:
The value stored within the allowed
mapping now properly takes into account the demandFactor
of the token.
STN-03M: Redundant & Inaccurate Evaluations
Type | Severity | Location |
---|---|---|
Logical Fault | Minor | StandardToken.sol:L13, L14 |
Description:
The require
check for the balanceOf
measurement is susceptible to the same inaccuracies as the one performed in BasicToken
and is done so for the balanceOf
of the msg.sender
instead of the _from
address. The evaluation of the allowed
value is redundant given that a SafeMath
invocation is performed on the allowed
mapping in its subtraction.
Example:
12require(_to != address(0),"invalid address");13require(_value <= balanceOf(msg.sender),"value exceed user balance");14require(_value <= allowed[_from][msg.sender],"value exceed allowed by user");15require(transferAllowance,"Not allowed to transfer");16
17uint256 _value1 = (_value.mul(1 ether)).div(demandFactor);18balances[_from] = balances[_from].sub(_value1);19balances[_to] = balances[_to].add(_value1);20allowed[_from][msg.sender] = allowed[_from][msg.sender].sub(_value);
Recommendation:
We advise both require
checks to be safely omitted from the codebase. If error messages are desired to be manually specified, a wrapper of the SafeMath
implementation can be used whereby the message is passed along with the invocation of a function allowing custom messages to be emitted.
Alleviation:
The require
checks that were using the incorrect balances were entirely omitted from the codebase thus alleviating this exhibit.