On Friday May 18th, NEO released a statement informing that a vulnerability had been discovered in a number of NEP-5 smart contracts. The statement can be found here.
The below is a collection of updates from NEO ecosystem projects informing the community on their status in relation to the vulnerability.
This list will be updated as more information becomes available.
Last update – 4:39am (UTC + 0), May 23rd, 2018
“The tech team have already tested the deployed BCS smart contract on testnet. They found that BCS does not have any of the security problems mentioned above.”
“Our team wants to reiterate, all IAM tokens are safe. No wallets or transactions are impacted and users can transact and hold IAM tokens without fear.”
“Our analysis has shown that DBC will not be affected by this vulnerability.”
“Narrative confidently states that the NRVE NEP-5 token smart contract is unaffected by the vulnerability.”
“ONT holder accounts are safe and are not affected by the attack.”
Phantasma told NEO News Today – “Phantasma will deploy the smart contract with NEP5 token support before the sale, and the contract was audited by Red4Sec and the storage vulnerability does not affect it”
“QLC holders and their accounts are safe and sound.”
“We at Quarteria are very pleased to announce that our source code is, in fact, safe as per detailed review with NEO GD.”
“All RPX tokens are safe. No wallets or transactions are impacted now and in the future, and users can continue to transact and hold RPX without issue.”
“All the TKY tokens are safe now. No wallets or transactions are being affected or has been affected, and users can continue trading without any additional action.”
“Travala.com and the AVA NEP-5 token smart contract is unaffected by the storage injection vulnerability.”
“TNC holders shall have no concern over the security of TNC.”
“The behaviors in this statement have no impact to #ZPT holders. We are safe.”