Here is the report of the ChainLink Token (LINK) security audit performed by the Callisto Network security department in April 2019.
About Callisto Network and the security department:
Utilizing Callisto Network capabilities, we have established a free-for-all system of smart-contracts auditing, to this end, Callisto Network has founded the Callisto security department and deploys treasury funds to pay security auditors for auditing smart-contracts, to reduce risk/flaw in smart-contracts and improve the adoption of programmable blockchains for the whole crypto industry.
ChainLink (LINK) Specificities :
Deployed at :
Number of lines:
ChainLink (LINK) Security Audit Report
Symbol : LINK Name : ChainLink Token Total supply: 1,000,000,000 Decimals : 18 Standard : ERC677
2. In scope
In total, 2 issues were reported including:
- 2 low severity issues.
No critical security issues were found.
3.1. Known vulnerabilities of ERC-20 token
- It is possible to double withdrawal attack. More details here.
- Lack of transaction handling mechanism issue. WARNING! This is a very common issue and it already caused millions of dollars losses for lots of token users! More details here.
Add the following code to the
transfer(_to address, ...) function:
require( _to != address(this) );
3.2. No zero address checking
transfer(Line 81) and
transferFrom(Line 118) there are no zero address checking.
The audited smart contract can be deployed. Only low severity issues were found during the audit.