
Why you should verify the tokens you own: Deep dive into hacked ERC20 contracts - ksaitor
https://cryptojobslist.com/blog/two-vulnerable-erc20-contracts-deep-dive-beautychain-smartmesh
======
dopetard
This is case of substandard programming. Ethereum’s solidity tutorial has
clear instructions for avoiding integer overflow and underflow bugs. Third
party contract audit should be defacto standard for token roadmaps.

------
ksaitor
Hi HN,

This week trading on several tokens got halted due to discovered & exploited
vulnerabilities in two smart contracts. One of them lost about 90% of its
value… and another one lost 26% - $40,000,000 in market cap.

We wanted to focus more on the technical analysis of the situation to shed
some light on common vulnerabilities that still abound.

Would love your feedback, since we got some mixed reviews on whether we did a
correct technical judgment of one of the contracts. Especially of the SMT
token.

~~~
readbyhumans
it's pretty scary how many newbies to programming think they could charge
money for consulting on Solidity projects. Which creates this massive bounty
opportunity.

Especially for those with C/C++ experience, this must be a lot of fun

