Bitcoin Forum
November 24, 2017, 12:05:34 PM *
News: Latest stable version of Bitcoin Core: 0.15.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: Result of the Cointed (CTD) Token Bug Bounty program  (Read 88 times)
cointed_official
Jr. Member
*
Offline Offline

Activity: 56

Cointed - The future of money


View Profile WWW
October 22, 2017, 04:03:42 PM
 #1


Result of the Cointed (CTD) Token Bug Bounty program

Dear Issue reporters,
   
We want to thank everyone who contributed in the CTD smart contract Bug Bounty program.
Before Cointed published the CTD smart contract for public review, we had already charged the independent Swiss IT security company ChainSecurity with auditing the CTD smart contract. No serious bugs were found during this review. The public audit document of this review can be found here.
For the sake of transparency and impartiality, Cointed also charged ChainSecurity with the task to assess the severity of all issues reported as a result of the CTD Bug Bounty program.

The final result of the review is as follows:
Neither Cointed, nor ChainSecurity were able to find any “bug” in the issues, which have been reported.
Despite the fact that none of the reported issues represented what could be considered a “bug”, we still decided to change the contract’s code based on certain reports, because we care about deploying the most beautiful and clean code possible.
As a Thank-You for their work, we decided to compensate the issue reporters who suggested these changes anyway. The following issues have influenced the latest changes to the smart contract:

#5 by merlox: Overflowing issues and related ( … 3 issues )
… Cointed’s Thank-You: 2 ETH

#2 & #3 by pauliax: function Approve in StandardToken.sol & Mark functions with a specific access level ( … 2 issues )
… Cointed’s Thank-You: 1 ETH

#4 by codingupastorm: Constructor sets owner twice ( 1 issue )
… Cointed’s Thank-You: 0.5 ETH

Further explanations have been posted as comments in the code.
With these changes, the code has now been deployed successfully. The full CTD smart contract can be found here.
The changes are also documented in the latest ChainSecurity public report found above.

The aforementioned Bountyhunters have two options to inform us of their ETH wallet address:
1.   Posting their ETH wallet address as a comment in the GitHub thread here
2.   Sending their ETH wallet address as a plaintext email to bugbounty@cointed.com and posting the SHA256 hash of the content in the GitHub thread

A big Thank-You again to all participants from the whole Cointed IT department!

Cointed - The future of money www.cointedtoken.com
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!