UKG unaffected by ERC20 contract issue

The CC Forums

Staff member
Multiple exchanges halt deposits and withdrawals of ERC20 tokens due to an issue with smart contracts that can result in hackers creating an excess supply of a token.

UKG CEO Rahul Sood responded in his blog release today:

UnikoinGold is an ERC-20 token, but it’s not any ERC-20 token. That’s important, because while other tokens suffer from smart contract vulnerabilities, we don’t. We warned people about this last year, the more complex you make your contract, the more likely you are to have issues.

Today, OKEx that it has suspended the depositing of ERC-20 tokens due to a smart contract bug — “BatchOverFlow” — which can be exploited to generate large amounts of tokens and deposit them into a normal address.

Importantly, ERC-20 is not the problem. It’s functions some coins have chosen to include in their specs that resulted in this vulnerability.

Which is a serious problem for tokens with batch calls. Fortunately, our team did a thorough look into all aspects to consciously avoid problems. Remember, we built our own token selling platform and not a typical smart contract.

The batch feature in question needs to be part of the contract to make a BatchOverFlow attack possible, and it is not part of UKG’s specs.

Our team is very good at this. I believe there are few crypto teams in the world who are suited for creating a sustainable, secure token and platform. As a highly regulated business in one of the most insane industries on earth, it was important for us to get this right the first time around.

That’s because to us, this is the core of our focus. We are building the foundation for a fully functional esports platform which existed before our token sale and will continue to exist for years to come.

Frankly, we believe the best blockchain implementations are also the most simple ones. . Security and trust matter when it comes to storing value. We need our users to know they can trust our token, that the market won’t be flooded by fake UKG. We’ll never let the market flood.

It doesn’t take a security expert to know that more complexity in a contract means more vulnerabilities. Our team believes crypto is about doing more with less, so we don’t add features without real need and never before extensive security and use-case audits.

Nobody can generate UKG out of thin air and owners are able to transact. Our smart contract is fairly typical because we only added features we needed for platform functions.

We use blockchain for the most important aspects: our token is secure, nobody can generate it, and users can interact. We have functionality on a large-scale platform. Everything else is fat at best, which is why it’s been excluded from UKG. We also used Zeppelin to audit our smart contract and passed with ease, as we knew we would.

Also, because of the Unikrn Wallet, we can do far-reaching tests well before adding any fancy logic. That means, unlike most other ERC-20 tokens, we will never implement features as blockchain guinea pigs. Everything is vetted, tested and approved in advance.

That’s one more way Unikrn stands out. It’s always one more reason why it’s so important for us to vet exchanges, and be vetted. An exchange without proper controls could become vulnerable to security holes posed by the many shitcoins that are being trafficked.

Through exchanging those shitcoins, the entire crypto economy could become impacted, which affects everything (even our rigorously secure UKG). That’s one reason why vetting exchanges is so vital.

UKG is a token offered on OKEx, and I applaud their response to this issue. It shows a conscious attempt to help contain spillover impacts to other tokens (including UKG) and to protect impacted ERC-20 tokens from themselves. Any inconvenience is well worth the safety of the ecosystem as a whole.