Iconic’s token is NOT subject to the massive vulnerability that hit various tokens and contracts
As recently published, it was found a very serious vulnerability on several token smart contracts that allowed an attacker to move large quantity of funds to any account without having any right to this funds previously. The bug was found and documented here.
To summarize and make it simple, the bug consisted in exploiting the math of the smart contract by making a simple math operation to perform in an unexpected way by making the operation extrapolate the available memory allocated to it.
Thanks to the time we spent in research prior to publishing our smart contract, we can say it is safe and not subject to the failure described.
Our NIC uses a library called “safe math”, which is used everytime the contract needs to make any math operation. With the “safe math”, we can prevent any kind of overflow in operations with numbers, therefore preventing our contract to behave in unexpected ways whenever this operations may occur.
Blockchain is still teaching us a lot of lessons. One of the most relevant: as we don’t have opportunities to change things in blockchain, dapps must be thought and tested carefully.