Awesome Buggy ERC20 Tokens / Navigation |
| bad_tokens.all.csv | | | Visit for a summary of all Token contracts affected |
| bad_tokens.top.csv | | | Visit for a summary of top ranking Token contracts affected |
| ERC20_token_issue_list.md | | | Visit for a detailed description of all bugs and Token contracts affected |
Awesome Buggy ERC20 Tokens / Recent Updates |
| 2018-08-13, AGC, a25-constructor-naming-error | | | |
| 2018-07-31, AMORCOIN, a24-getToken-anyone | | | |
| 2018-07-25, OPL, a23-fake-burn | | | |
| 2018-07-14, MDOT, a22-constructor-mistyping | | | |
| 2018-07-08, AMMBR, a1-batchtransfer-overflow | | | |
| 2018-06-25, TFD, a16-custom-call-abuse | | | |
| 2018-06-20, ATN, a15-custom-fallback-bypass-ds-auth | | | |
| 2018-06-22, MORPH, a14-constructor-case-insensitive | | | |
| 2018-06-16, ICX, a11-pausetransfer-anyone | | | |
| 2018-06-12, PKT, a8-excess-mint-token-by-overflow | | | |
| 2018-06-08, ITC, b1-transfer-no-return | | | |
Awesome Buggy ERC20 Tokens / Problems in ERC20 Token Contracts / One Solution: Collecting Buggy Token Contracts |
| [16] | | | excessive authorities of Token administrators |
Awesome Buggy ERC20 Tokens / Repo Structure |
| token_dict.json | | | lists addresses and basic info of ERC20 contracts collected by |
| token_detail_dict.json | | | lists addresses and detailed info of ERC20 contracts collected by |
| ERC20_token_issue_list.md | | | lists detailed descriptions of known bugs |
| issues.json | | | maps between known bugs and indexes |
| bad_tokens.all.csv | | | along with are lists of all buggy Token contracts in CSV and JSON formats |
| bad_tokens.top.csv | | | along with are lists of top ranking buggy Token contracts in CSV and JSON formats |
| raw/ | | | , and list all known bugs and addresses of affected contracts in formats of plain text, CSV and JSON |
| gen_token_detail_dict.py | | | is a script to update |
| gen_list_from_raw.py | | | is a script to generate and lists above |
Awesome Buggy ERC20 Tokens / How to Contribute |
| ERC20_token_issue_list.md | | | Add the name and description of the bug with reference to |
| raw | | | Create a new file with the bug name in directory and fill in the address of affected contracts |
| issues.json | | | Add the name and index of the new bug to |
Awesome Buggy ERC20 Tokens / Technical Partnership |
| https://loopring.io/ | | | Loopring |
| https://dex.top/ | | | DEx.top |
| https://consensys.net/ | | | ConsenSys China |
| https://www.chaitin.cn/ | | | Chaitin Tech |
Awesome Buggy ERC20 Tokens / References |
| ERC-20 Token Standard | 12,841 | 12 days ago | [1] , Nov 19, 2015 |
| Understanding The DAO Hack for Journalists | | | [2] , Jun 19, 2016 |
| A disastrous vulnerability found in smart contracts of BeautyChain (BEC) | | | [3] , Apr 23, 2018 |
| SmartMesh Announcement on Ethereum Smart Contract Overflow Vulnerability | | | [4] |
| SECBIT: 智能合约红色预警:四个Token惊爆逻辑漏洞,归零风险或源于代码复制 | | | [5] , May 24, 2018 |
| SECBIT: 围观!81个智能合约惊现同一漏洞,是巧合?还是另有玄机? | | | [6] , Jun 3, 2018 |
| Tsinghua-360 Research Center of Enterprise Security: ERC20智能合约整数溢出系列漏洞披露 | | | [7] , Jun 12, 2018 |
| ChainDD: 【得得预警】ERC20智能合约又现大量整数溢出漏洞 | | | [8] , Jun 12, 2018 |
| Alert! Another integer overflow vulnerability just found in HXG smart contract | | | [9] , May 19, 2018 |
| UselessEthereumToken(UET), ERC20 token, allows attackers to steal all victim’s balances (CVE-2018–10468) | | | [10] , May 3, 2018 |
| Bugged Smart Contract FuturXE: How Could Someone Mess up with Boolean? (CVE-2018–12025) | | | [11] , Jun 6, 2018 |
| An Incompatibility in Ethereum Smart Contract Threatening dApp Ecosystem | | | [12] , Jun 8, 2018 |
| Redundant Check in ERC20 Smart Contracts’ approve() | | | [13] , Jun 15, 2018 |
| token-erc20: add event Approval to follow eip20 | 409 | over 3 years ago | [14] |
| DASP - Top 10 of 2018 | | | [15] |
| PeckShield: Highly-Manipulatable ERC20 Tokens Identified in Multiple Top Exchanges | | | [16] , Jun 9, 2018 |
| A guide to smart contract security best practices | 7,476 | 3 months ago | [17] |
| OpenZeppelin, a framework to build secure smart contracts on Ethereum | 24,807 | 3 days ago | [18] |
| 360 0KEE Team: 以太坊智能合约Hexagon存在溢出漏洞 | | | [19] , May 18, 2018 |
| SlowMist:ATN 披露特殊场景下的以太坊合约重大漏洞 | | | [20] , Jun 20, 2018 |
| BCSEC: 一些智能合约存在笔误,一个字母可造成代币千万市值蒸发! | | | [21] , Jun 22, 2018 |
| LianAn:小心!智能合约再爆高危漏洞,两大加密货币直接变废纸! | | | [22] , Jun 6, 2018 |
| PeckShield: New allowAnyone Bug Identified in Multiple ERC20 Smart Contracts | | | [23] , May 23, 2018 |
awesome-buggy-erc20-tokens 
offciercia/defi-developer-road-map
crytic/awesome-ethereum-security
saeidshirazi/awesome-smart-contract-security
kareniel/awesome-evm-security