Audit Gives Binance-Listed ERC20 Tokens Clean Bill of Health from ‘batchOverflow’ Bug

Smart contract security firm Quantstamp has given Binance-listed ERC20 tokens a clean bill of health after conducting an audit to determine whether any of the exchange’s listed assets were subject to the recently-discovered batchOverflow and proxyOverflow vulnerabilities.

Quantstamp released its audit report in late April, confirming that no ERC20 token currently listed on Binance — the world’s largest cryptocurrency exchange — is subject to the vulnerabilities, which allow attackers to essentially print tokens out of thin air.

“Quantstamp shares Binance’s safety-first philosophy in protecting their customers and supports the exchange’s ambitions to create the gold standard in security for the mass adoption of digital currencies,” said Richard Ma, CEO of Quantstamp. “In light of the recent vulnerabilities, we are proud to have assisted Binance in its mission to help protect their token holders and the wider Ethereum community.”

As CCN reported, the vulnerability is believed by researchers to affect about a dozen tokens, whose developers utilized a function — batchTransfer — that was not included in the ERC20 token standard.

Attackers were able to exploit the function with a type of integer overflow error, which essentially means that they attempted to store more data in a variable than its data type would allow. Since the contracts did not have a provision to prevent this occurrence, the attackers successfully created an additional supply of tokens far in excess of the token’s original supply…
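The overflow described above can be modeled outside the EVM. The following is an added example, not code from Quantstamp's report or from any audited contract: it models uint256 arithmetic in Python and assumes the batch function computes its total debit as the number of receivers multiplied by the per-receiver value. All function names, account names and balances are constructed for illustration.

```python
# Added illustration: models Solidity uint256 arithmetic in Python.
# Names and sample values are hypothetical, not taken from any real contract.
UINT256_MAX = 2**256 - 1

class Overflow(Exception):
    """Raised when a uint256 operation would exceed the type's range."""

def mul_unchecked(a, b):
    # Pre-0.8 Solidity behaviour: the product silently wraps modulo 2**256.
    return (a * b) & UINT256_MAX

def mul_checked(a, b):
    # SafeMath-style guard: reject any product that does not fit in 256 bits.
    product = a * b
    if product > UINT256_MAX:
        raise Overflow("uint256 multiplication overflow")
    return product

def batch_transfer(balances, sender, receivers, value, mul):
    """Debit sender once for len(receivers) * value, then credit each receiver."""
    total = mul(len(receivers), value)
    if balances.get(sender, 0) < total:
        raise ValueError("insufficient balance")
    balances[sender] -= total
    for r in receivers:
        balances[r] = balances.get(r, 0) + value
    return balances

def total_supply(balances):
    return sum(balances.values())

def demo():
    # Constructed sample state: one holder with 100 tokens.
    value = 2**255  # constructed: 2 * value wraps to 0 in uint256
    before = {"alice": 100}
    wrapped = batch_transfer(dict(before), "alice", ["r1", "r2"], value, mul_unchecked)
    try:
        batch_transfer(dict(before), "alice", ["r1", "r2"], value, mul_checked)
        rejected = False
    except Overflow:
        rejected = True
    return total_supply(before), total_supply(wrapped), rejected
```

With the unchecked multiply the balance check compares against a wrapped total of zero, so the modeled supply grows; with the checked multiply the same call is rejected before any balance changes.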
