Author

Topic: Bug bounty by Storiqa.com (Read 314 times)

full member
Activity: 363
Merit: 101
Anna Karbysheva
September 15, 2017, 07:17:54 AM
#1
Automatic bug bounty for `multiowned` base contract

Multi-signature wallet is deployed at 0xb5f4651540ae4ad3a5c2a89b0d14eb06df886745 where you can see the wallet code. Balance is 10 Ether. Feel free to search for and exploit any security vulnerabilities in this code and capture by your own hand 10 ether stored in the wallet. That's why this bug bounty is completely automatic and dispute-free.

About multiowned contract. My objective was to create a general-purpose base class contract which provides multi-signature ownership control to any ethereum contract: token, crowdsale, wallet, etc. I enhanced a bit, audited, refactored and tested a part of existing solution which is credited in comments. I like this solution because it's general-purpose and user-friendly: sign any action is as easy as execute desired function in GUI with proper parameters. I considered gnosis multi-signature implementation, but found it inconvenient for the task at hand: it's wallet-centered and you have to pack data of transactions (for submitTransaction) manually. Plus, when confirming transaction (confirmTransaction) you see only transactionId which tells you nothing about action you are about to sign. Have't found any other decent implementation of multi-signature ownership control.

Bug bounty is open for a couple of weeks.



Jump to: