Security Update: AirToken ERC20 Contract is Safe from “batchOverflow” Exploit
On April 22, an exploit was discovered in certain ERC20 contracts, as outlined in this Medium post. Airfox’s AirToken smart contract is unaffected by this exploit.
Known as “batchOverflow”, this exploit affects contracts that implement a certain “batchTransfer” convenience function that allows transferring the same amount to multiple addresses in the same transaction.
The AirToken contract does not implement the batchTransfer function, and we are not affected. There is no cause for alarm. Additionally, our code passed a security audit by Hosho before it was deployed, and no issues were discovered.