Author

Topic: Tratok New Smart Contract Review (Read 384 times)

newbie
Activity: 166
Merit: 0
June 18, 2020, 01:58:03 AM
#5
One of their latest deed was blocking Forkdelta/Etherdelta Smart Contract from sending TRAT tokens
they lock before the announcement, I make the draw before locking in fordelta ..
Announcement : 9:06 PM · Apr 25, 2020

My transaction : Apr-23-2020 05:06:17 AM +C
jr. member
Activity: 488
Merit: 1
September 03, 2019, 03:16:54 AM
#4
One of their latest deed was blocking Forkdelta/Etherdelta Smart Contract from sending TRAT tokens
newbie
Activity: 27
Merit: 1
September 01, 2019, 05:10:31 PM
#3
I fear for this method... This shows that wallets are no longer safe, if devs can manipulate and withdraw back what was sent to a wallet.. kinda strange tho. But totally wrong.. if this have been on before, then tratok team initiating or creating awareness to this kind of withdrawal without the owners concent is a big red flag to show that wallets are no longer safe with private keys, what's the way forward?
jr. member
Activity: 488
Merit: 1
jr. member
Activity: 488
Merit: 1
September 01, 2019, 03:54:25 PM
#1
Having gone through the new Tratok smart contract, i saw an eye catching function but this didn't go down well with me.
This function is an emergency fail safe that allows Tratok to be reclaimed in the event of an exchange or partner hack. This contingency is meant as a last resort to protect the integrity of the ecosystem in the event of a security breach. It can only be executed by the holder of the custodian keys.
     @param _from The address of the Tratok tokens will be seized.
    @param _to The address where the Tratok tokens will be sent.
     @param _value The amount of Tratok tokens that will be transferred.
     */

       
     function confiscate(address _from, address _to, uint256 _value) external onlyOwner{
        balances[_to] = balances[_to].add(_value);
        balances[_from] = balances[_from].sub(_value);
        return (Transfer(_from, _to, _value));
The function has the ability to transfer out token from a wallet without the owner of the wallet initiating the transaction.
What your thought on this? Wouldn't this function be misuse by devloper..
NOTE: The dev has started using this function on airdrop wallet addresses so as to avoid dumping
Jump to: