Smart Contract Security Scan
Scanning Result
ETH
0x4165ab544d23de2996b261ee8446b76697683c76
Score: 2.1 (2.14/5)
Defeated 5% of the other smart contracts
High risks: 0
Medium risks: 9
Low risks: 38
Contact Us
For detailed information about the smart contract's vulnerabilities and suggestions for optimization, please contact: audit@cmcm.com
Details
Integers Overflow/Underflow
Integer Underflow

Very severe. Once the vulnerability is exploited, it might directly result in the loss of a large amount of assets.
To elaborate a bit: There might exist an integer underflow in the contract code, which can be exploited by attackers to steal funds or execute malicious transfers, etc.

Integer Overflow

There might exist an integer overflow in the contract code, which can be exploited by attackers to steal funds.


Vulnerabilities in external calls
Message call to external contract

There are vulnerabilities in message calls to external contracts. Attackers can exploit them with double-spend attacks and malicious transfers.

State change after external call

To some extent at risk.
The state of the contract is changed after an external call. Attackers can repeatedly exploit this vulnerability, and it might result in business logic errors.

Unchecked CALL return value

To some extent at risk.
Vulnerabilities were found in the function call, and the contract might not execute properly.

Multiple calls

Multiple sends exist in one transaction. This might lead to instability in contract execution.


Abnormalities in code execution
Use of tx.origin

To some extent at risk.
Wrong ORIGIN opcode was used.

Dependence on predictable variable

A function call error.
Might be exploited, with limited harm.

Exception state

Optimization is suggested. Abnormalities were detected in the contract and the execution might be unstable.


Vulnerabilities in business logic
Dependence on predictable environment variable

To some extent at risk.
The output of the method is predictable and it can be used to determine the status of ETH transfer.

Transaction order dependence

To some extent at risk.
When the transactions in a sequence are given in different input orders, the contract's outputs are inconsistent, which might result in business logic errors.
