Some common attacks need close attention when building smart contracts. This project takes a series of measures to avoid them.
This attack is mitigated by performing internal work first and then calling external contracts.
(Similar to above) This attack is mitigated by performing internal work first and then calling external contracts.
This attack is not an issue for this project. Therefore, the intervention of miners in the ordering of transactions is an important issue to take into account for future improvements to this project.
Timestamps of blocks can be manipulated by the miner.
This project uses `block.timestamp` to know when an Entry or Submission was added. It can tolerate a 30-second window.
This project uses `SafeMath` from the OpenZeppelin library, which provides math operations with safety checks that throw on error.
This project uses the pull payments pattern to avoid these DoS attacks.
This project does not use the contract balance.
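The two mitigations described above (internal work before external calls, and pull payments) combine as in the following sketch. It is an added example, not this project's code: the contract and function names are hypothetical, and it assumes Solidity 0.8 or later, where arithmetic is checked by the compiler rather than by `SafeMath`.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Added illustration; contract, function and event names are hypothetical.
contract PullPaymentSketch {
    // Amount each address is entitled to withdraw.
    mapping(address => uint256) public pendingWithdrawals;

    event Credited(address indexed payee, uint256 amount);
    event Withdrawn(address indexed payee, uint256 amount);

    // Crediting is internal bookkeeping only. The payee is never called here,
    // so a recipient that reverts or burns gas cannot block this function
    // for anyone else (the DoS case that push payments are exposed to).
    function credit(address payee) external payable {
        require(payee != address(0), "zero payee");
        require(msg.value > 0, "nothing to credit");
        pendingWithdrawals[payee] += msg.value; // reverts on overflow in 0.8+
        emit Credited(payee, msg.value);
    }

    // Each payee pulls their own funds. Order: checks, effects, interaction.
    function withdraw() external {
        // Check
        uint256 amount = pendingWithdrawals[msg.sender];
        require(amount > 0, "nothing to withdraw");

        // Effect: clear the balance before any external call, so a
        // re-entrant call into withdraw() sees zero and reverts.
        pendingWithdrawals[msg.sender] = 0;
        emit Withdrawn(msg.sender, amount);

        // Interaction: the external call comes last. If it fails, the
        // whole transaction reverts and the balance is restored.
        (bool ok, ) = payable(msg.sender).call{value: amount}("");
        require(ok, "transfer failed");
    }
}
```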
Simple programming mistakes can cause the contract to behave differently to its stated rules, especially on 'edge cases'.
In this project this attack is mitigated by:
- Running tests against the contracts
- Following Solidity coding standards and general coding best practices for safety-critical software
- Avoiding overly complex rules (even at the cost of some functionality) or complicated implementation (even at the cost of some gas)
In this project contracts do not rely on any secret information.
This project does not use `tx.origin`.