Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
R
R
ryzhak2018-06-08 19:14:50
blockchain
ryzhak, 2018-06-08 19:14:50

Does anyone see a vulnerability in this smart contract?

Hello. There is a solidity smart contract for Ethereum. Task: find a vulnerability.

contract SimpleToken{
    mapping(address => uint) public balances;
    
    /// Buy token at the price of 1ETH/token.
    function buyToken() payable {
        balances[msg.sender]+=msg.value / 1 ether;
    }
    
    /** 
     *  @dev Send token.
     *  @param _recipient The recipient.
     *  @param _amount The amount to send.
     */
    function sendToken(address _recipient, uint _amount) {
        require(balances[msg.sender]!=0); // You must have some tokens.
        
        balances[msg.sender]-=_amount;
        balances[_recipient]+=_amount;
    }
    
}

Thanks in advance

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
V
Vyacheslav, 2018-06-09
@ryzhak

I would check like this: require(balances[msg.sender]>=_amount);
Because the sender, in theory, could send more than he has, if he has at least some coins.

Similar questions
W
wwwx3m2019-12-17 10:57:16
Is set.has(value) possible under given conditions? 2Reply
A
AliasNameless2019-04-26 13:48:29
How does a bitcoin client look for other participants on the network? 0Reply
B
Babay2019-06-20 07:38:29
How to start learning blockchain? 1Reply
A
aarifkhamdi2021-03-02 09:57:27
What are the blockchain entry books? 1Reply
A
Artur Kranz2019-08-26 16:34:05
Is it possible to display the balance of a smart contract on the site? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question