Bitcoin Forum>Alternate cryptocurrencies>Marketplace (Altcoins)>Bounties (Altcoins)
Author

Topic: Result of the Cointed (CTD) Token Bug Bounty program (Read 253 times)

cointed_official
member
Activity: 154
Merit: 10
Cointed - The future of money
Result of the Cointed (CTD) Token Bug Bounty program
October 22, 2017, 11:03:42 AM
#1

Result of the Cointed (CTD) Token Bug Bounty program

Dear Issue reporters,
   
We want to thank everyone who contributed in the CTD smart contract Bug Bounty program.
Before Cointed published the CTD smart contract for public review, we had already charged the independent Swiss IT security company ChainSecurity with auditing the CTD smart contract. No serious bugs were found during this review. The public audit document of this review can be found here.
For the sake of transparency and impartiality, Cointed also charged ChainSecurity with the task to assess the severity of all issues reported as a result of the CTD Bug Bounty program.

The final result of the review is as follows:
Neither Cointed, nor ChainSecurity were able to find any “bug” in the issues, which have been reported.
Despite the fact that none of the reported issues represented what could be considered a “bug”, we still decided to change the contract’s code based on certain reports, because we care about deploying the most beautiful and clean code possible.
As a Thank-You for their work, we decided to compensate the issue reporters who suggested these changes anyway. The following issues have influenced the latest changes to the smart contract:

#5 by merlox: Overflowing issues and related ( … 3 issues )
… Cointed’s Thank-You: 2 ETH

#2 & #3 by pauliax: function Approve in StandardToken.sol & Mark functions with a specific access level ( … 2 issues )
… Cointed’s Thank-You: 1 ETH

#4 by codingupastorm: Constructor sets owner twice ( 1 issue )
… Cointed’s Thank-You: 0.5 ETH

Further explanations have been posted as comments in the code.
With these changes, the code has now been deployed successfully. The full CTD smart contract can be found here.
The changes are also documented in the latest ChainSecurity public report found above.

The aforementioned Bountyhunters have two options to inform us of their ETH wallet address:
1.   Posting their ETH wallet address as a comment in the GitHub thread here
2.   Sending their ETH wallet address as a plaintext email to [email protected] and posting the SHA256 hash of the content in the GitHub thread

A big Thank-You again to all participants from the whole Cointed IT department!
Bitcoin Forum>Alternate cryptocurrencies>Marketplace (Altcoins)>Bounties (Altcoins)
Jump to: