N/A

An integer overflow in the transferProxy function of a smart contract implementation for SmartMesh (aka SMT), an Ethereum ERC20 token, allows attackers to accomplish an unauthorized increase of digital assets via crafted _fee and _value parameters, as exploited in the wild in April 2018, aka the "proxyOverflow" issue.

N/A

N/A

SmartMesh smart contract 数字错误漏洞

SmartMesh（SMT）是一个基于区块链的物联网底层协议，定位于无网通讯、无网支付等领域。smart contract是其中的一个智能合约。 SmartMesh中的smart contract实现的‘transferProxy’函数存在整数溢出漏洞。攻击者可借助特制的‘_fee and _value’参数利用该漏洞增加数字资产。

N/A

N/A