awesome-buggy-erc20-tokens - A Collection of Vulnerabilities in ERC20 Smart Contracts With Tokens Affected


The ERC20 Token specification has gone through challenges and improvements during its growth. Many critical security issues have been revealed, some of which have led to severe financial losses [2-11] for developers, investors, and even the Ethereum community. On June 18th, 2016, the DAO hack caused a total loss of over 3,600,000 ethers (ETH) worth over a billion dollars, and the Ethereum hard fork afterwards led to the Ethereum community breaking apart [2].

https://secbit.io
https://github.com/sec-bit/awesome-buggy-erc20-tokens


Related Projects

tokens - Directory of ERC20 token images. Upload yours to get displayed in the Trust Wallet

  •    Javascript

Directory of ERC20 token images. Upload yours to get displayed in the Trust Wallet

ERC223-token-standard - ERC223 token standard reference implementation.


The ERC20 token standard suffers from critical problems that have caused losses of approximately $3,000,000 so far (as of 31 Dec, 2017). The main and most important one is the lack of an event handling mechanism in the ERC20 standard. ERC223 is a superset of the ERC20 token standard. It is a step forward towards economic abstraction at the application/contract level, allowing the use of tokens as first-class value transfer assets in smart contract development. It is also a safer standard, as it doesn't allow token transfers to contracts that don't support token receiving and handling.

openzeppelin-solidity - OpenZeppelin is a library for secure smart contract development

  •    Javascript

OpenZeppelin is a library for secure smart contract development. It provides implementations of standards like ERC20 and ERC721 which you can deploy as-is or extend to suit your needs, as well as Solidity components to build custom contracts and more complex decentralized systems. To write your custom contracts, import ours and extend them through inheritance.

Tokens - Ethereum Token Contracts

  •    Javascript

This repo contains Solidity smart contract code for simple, standards-compliant tokens on Ethereum. Adhering to standards allows other contract developers to easily incorporate your token into their applications. The repo currently implements EIP20 tokens, and more may be added in the future.

awesome-solidity - A curated list of awesome Solidity resources, libraries, tools and more

  •    Shell

A curated list of awesome Solidity resources, libraries, tools and more. Please check the contribution guidelines for info on formatting and writing pull requests.


Issue-your-own-ERC20-token - Tutorial of how to issue your own Ethereum ERC20 Token!


This tutorial will take you through the steps of issuing your first ERC20 token on the Ethereum network using a single smart contract and MyEtherWallet.

mythril-classic - Mythril Classic: Security analysis tool for Ethereum smart contracts

  •    Python

Mythril Classic is an open-source security analysis tool for Ethereum smart contracts. It uses concolic analysis, taint analysis and control flow checking to detect a variety of security vulnerabilities. If you are a smart contract developer who wants convenience and comprehensive results, you should be using MythX, our next-gen smart contract security API that integrates with Truffle Framework and other development environments.

mythril - Security analysis tool for Ethereum smart contracts

  •    Python

Mythril is a security analysis tool for Ethereum smart contracts. It uses concolic analysis, taint analysis and control flow checking to detect a variety of security vulnerabilities. See the Wiki for more detailed instructions.

Waves - Blockchain platform

  •    Scala

Waves is an open-source blockchain platform that allows users to launch their own custom cryptocurrency tokens. Whilst popular cryptocurrencies such as Bitcoin and Ethereum can be traded on external exchanges, and Ethereum allows users to create new tokens on the platform using a smart contract, Waves includes this functionality in its core software and wallet. Users can create, transfer and exchange blockchain tokens on a peer-to-peer basis, paying transaction fees in the native WAVES token.

Solium - Linter to identify and fix style & security issues in Solidity

  •    Javascript

Solium analyzes your Solidity code for style & security issues and fixes them. To know which lint rules Solium applies for you, see Style rules and Security rules.

awesome-web-security - 🐶 A curated list of Web Security materials and resources.


🐶 Curated list of Web Security materials and resources. Needless to say, most websites online suffer from various types of bugs, which might eventually lead to vulnerabilities. Why does this happen so often? Many factors can be involved, including misconfiguration, a shortage of security skills among engineers, etc. Therefore, here is the curated list of Web Security materials and resources for learning cutting-edge penetration techniques.

minime - MiniMe Token. ERC20 compatible clonable token

  •    Javascript

Anybody can create a new clone token from any token using this contract, with an initial distribution identical to the original token at a specified block. The address calling the createCloneToken function will become the token controller, and the token's default settings can be specified in the function call. Once the clone token is created, it acts as a completely independent token, with its own unique functionalities.

token-wizard - A DApp to create token and crowdsale campaigns (ICO, TGE) on Ethereum compatible networks using open source Wizard

  •    Javascript

ICO tools should be available for non-coders for free. Raising funds from a crowd is our basic human right. Token Wizard is a tool to create token and crowdsale contracts in five simple steps. Wizard is based on TokenMarket contracts. Wizard is baked how we like it: decentralized, client side, serverless, open source, free, awesome.

OpenZeppelin - A Framework to build secure smart contracts on Ethereum

  •    Javascript

OpenZeppelin is a library for writing secure Smart Contracts on Ethereum. With OpenZeppelin, you can build distributed applications, protocols and organizations. It is meant to provide secure, tested and audited code to enable the new generation of distributed applications, protocols and organizations. OpenZeppelin is a community effort to reduce the hurdle to develop and use them.

awesome-pentest - A collection of awesome penetration testing resources, tools and other shiny things


A collection of awesome penetration testing resources. Penetration testing is the practice of launching authorized, simulated attacks against computer systems and their physical infrastructure to expose potential security weaknesses and vulnerabilities.

augur-core - Augur back-end (Ethereum contracts)

  •    TypeScript

Smart contracts for Augur, a decentralized prediction market platform on the Ethereum blockchain. Note: on macOS, you need to use virtualenv or homebrew Python to work around System Integrity Protection.

awesome-linux - A list of awesome projects and resources that make Linux even more awesome


We all know that Linux is awesome, but here's a list of especially awesome things related to the Linux ecosystem. You might also want to check awesome-c, awesome-shell, awesome-sysadmin, and awesome-security.

BlockchainStore - Retail Store that runs on Ethereum

  •    TypeScript

It is written in Solidity and represents a retail store. It supports customer and product registrations. Every registered customer owns a shopping cart to collect products before checking out.