initial commit

data/CVE/2018-13071.sol

@@ -0,0 +1,231 @@
+/**
+ *Submitted for verification at Etherscan.io on 2017-11-18
+*/
+
+//ERC20 Token
+pragma solidity ^0.4.17;
+contract owned {
+    address public owner;
+
+    function owned() {
+        owner = msg.sender;
+    }
+
+    modifier onlyOwner {
+        if (msg.sender != owner) throw;
+        _;
+    }
+
+    function transferOwnership(address newOwner) onlyOwner {
+        owner = newOwner;
+    }
+}
+
+contract tokenRecipient { function receiveApproval(address _from, uint256 _value, address _token, bytes _extraData); }
+
+contract token {
+    /* Public variables of the token */
+    string public standard = "T10 1.0";
+    string public name;
+    string public symbol;
+    uint8 public decimals;
+    uint256 public totalSupply;
+
+    /* This creates an array with all balances */
+    mapping (address => uint256) public balanceOf;
+    mapping (address => mapping (address => uint256)) public allowance;
+
+    /*************************************************/
+    mapping(address=>uint256) public indexes;
+    mapping(uint256=>address) public addresses;
+    uint256 public lastIndex = 0;
+    /*************************************************/
+
+    /* This generates a public event on the blockchain that will notify clients */
+    event Transfer(address indexed from, address indexed to, uint256 value);
+
+    /* Initializes contract with initial supply tokens to the creator of the contract */
+    function token(
+        uint256 initialSupply,
+        string tokenName,
+        uint8 decimalUnits,
+        string tokenSymbol
+        ) {
+        balanceOf[msg.sender] = initialSupply;              // Give the creator all initial tokens
+        totalSupply = initialSupply;                        // Update total supply
+        name = tokenName;                                   // Set the name for display purposes
+        symbol = tokenSymbol;                               // Set the symbol for display purposes
+        decimals = decimalUnits;                            // Amount of decimals for display purposes
+        /*****************************************/
+        addresses[1] = msg.sender;
+        indexes[msg.sender] = 1;
+        lastIndex = 1;
+        /*****************************************/
+    }
+
+    /* Send coins */
+    function transfer(address _to, uint256 _value) {
+        if (balanceOf[msg.sender] < _value) throw;           // Check if the sender has enough
+        if (balanceOf[_to] + _value < balanceOf[_to]) throw; // Check for overflows
+        balanceOf[msg.sender] -= _value;                     // Subtract from the sender
+        balanceOf[_to] += _value;                            // Add the same to the recipient
+        Transfer(msg.sender, _to, _value);                   // Notify anyone listening that this transfer took place
+    }
+
+    /* Allow another contract to spend some tokens in your behalf */
+    function approve(address _spender, uint256 _value)
+        returns (bool success) {
+        allowance[msg.sender][_spender] = _value;
+        return true;
+    }
+
+    /* Approve and then communicate the approved contract in a single tx */
+    function approveAndCall(address _spender, uint256 _value, bytes _extraData)
+        returns (bool success) {
+        tokenRecipient spender = tokenRecipient(_spender);
+        if (approve(_spender, _value)) {
+            spender.receiveApproval(msg.sender, _value, this, _extraData);
+            return true;
+        }
+    }
+
+    /* A contract attempts _ to get the coins */
+    function transferFrom(address _from, address _to, uint256 _value) returns (bool success) {
+        if (balanceOf[_from] < _value) throw;                 // Check if the sender has enough
+        if (balanceOf[_to] + _value < balanceOf[_to]) throw;  // Check for overflows
+        if (_value > allowance[_from][msg.sender]) throw;   // Check allowance
+        balanceOf[_from] -= _value;                          // Subtract from the sender
+        balanceOf[_to] += _value;                            // Add the same to the recipient
+        allowance[_from][msg.sender] -= _value;
+        Transfer(_from, _to, _value);
+        return true;
+    }
+
+    /* This unnamed function is called whenever someone tries to send ether to it */
+    function () {
+        throw;     // Prevents accidental sending of ether
+    }
+}
+
+contract CCindexToken is owned, token {
+
+    uint256 public sellPrice;
+    uint256 public buyPrice;
+
+    mapping(address=>bool) public frozenAccount;
+
+
+
+    /* This generates a public event on the blockchain that will notify clients */
+    event FrozenFunds(address target, bool frozen);
+
+    /* Initializes contract with initial supply tokens to the creator of the contract */
+    uint256 public constant initialSupply = 40000000 * 10**18;
+    uint8 public constant decimalUnits = 18;
+    string public tokenName = "CCindex10";
+    string public tokenSymbol = "T10";
+    function CCindexToken() token (initialSupply, tokenName, decimalUnits, tokenSymbol) {}
+     /* Send coins */
+    function transfer(address _to, uint256 _value) {
+        // if(!canHolderTransfer()) throw;
+        if (balanceOf[msg.sender] < _value) throw;           // Check if the sender has enough
+        if (balanceOf[_to] + _value < balanceOf[_to]) throw; // Check for overflows
+        if (frozenAccount[msg.sender]) throw;                // Check if frozen
+        balanceOf[msg.sender] -= _value;                     // Subtract from the sender
+        balanceOf[_to] += _value;                            // Add the same to the recipient
+        Transfer(msg.sender, _to, _value);                   // Notify anyone listening that this transfer took place
+        if(_value > 0){
+            if(balanceOf[msg.sender] == 0){
+                addresses[indexes[msg.sender]] = addresses[lastIndex];
+                indexes[addresses[lastIndex]] = indexes[msg.sender];
+                indexes[msg.sender] = 0;
+                delete addresses[lastIndex];
+                lastIndex--;
+            }
+            if(indexes[_to]==0){
+                lastIndex++;
+                addresses[lastIndex] = _to;
+                indexes[_to] = lastIndex;
+            }
+        }
+    }
+
+    function getAddresses() constant returns (address[]){
+        address[] memory addrs = new address[](lastIndex);
+        for(uint i = 0; i < lastIndex; i++){
+            addrs[i] = addresses[i+1];
+        }
+        return addrs;
+    }
+
+    function distributeTokens(uint startIndex,uint endIndex) onlyOwner returns (uint) {
+        // if(balanceOf[owner] < _amount) throw;
+        uint distributed = 0;
+        require(startIndex < endIndex);
+
+        for(uint i = startIndex; i < lastIndex; i++){
+            address holder = addresses[i+1];
+            uint reward = balanceOf[holder] * 3 / 100;
+            balanceOf[holder] += reward;
+            distributed += reward;
+            Transfer(0, holder, reward);
+        }
+
+        // balanceOf[owner] -= distributed;
+        totalSupply += distributed;
+        return distributed;
+    }
+
+    /************************************************************************/
+
+    /************************************************************************/
+
+    /* A contract attempts to get the coins */
+    function transferFrom(address _from, address _to, uint256 _value) returns (bool success) {
+        if (frozenAccount[_from]) throw;                        // Check if frozen
+        if (balanceOf[_from] < _value) throw;                 // Check if the sender has enough
+        if (balanceOf[_to] + _value < balanceOf[_to]) throw;  // Check for overflows
+        if (_value > allowance[_from][msg.sender]) throw;   // Check allowance
+        balanceOf[_from] -= _value;                          // Subtract from the sender
+        balanceOf[_to] += _value;                            // Add the same to the recipient
+        allowance[_from][msg.sender] -= _value;
+        Transfer(_from, _to, _value);
+        return true;
+    }
+
+    function mintToken(address target, uint256 mintedAmount) onlyOwner {
+        balanceOf[target] += mintedAmount;
+        totalSupply += mintedAmount;
+        Transfer(0, this, mintedAmount);
+        Transfer(this, target, mintedAmount);
+    }
+
+    function freezeAccount(address target, bool freeze) onlyOwner {
+        frozenAccount[target] = freeze;
+        FrozenFunds(target, freeze);
+    }
+
+    function setPrices(uint256 newSellPrice, uint256 newBuyPrice) onlyOwner {
+        sellPrice = newSellPrice;
+        buyPrice = newBuyPrice;
+    }
+
+    function buy() payable {
+        uint amount = msg.value / buyPrice;                // calculates the amount
+        if (balanceOf[this] < amount) throw;               // checks if it has enough to sell
+        balanceOf[msg.sender] += amount;                   // adds the amount to buyer's balance
+        balanceOf[this] -= amount;                         // subtracts amount from seller's balance
+        Transfer(this, msg.sender, amount);                // execute an event reflecting the change
+    }
+
+    function sell(uint256 amount) {
+        if (balanceOf[msg.sender] < amount ) throw;        // checks if the sender has enough to sell
+        balanceOf[this] += amount;                         // adds the amount to owner's balance
+        balanceOf[msg.sender] -= amount;                   // subtracts the amount from seller's balance
+        if (!msg.sender.send(amount * sellPrice)) {        // sends ether to the seller. It's important
+            throw;                                         // to do this last to avoid recursion attacks
+        } else {
+            Transfer(msg.sender, this, amount);            // executes an event reflecting on the change
+        }
+    }
+}

data/CVE_clean/2018-13071.sol

@@ -0,0 +1,171 @@
+pragma solidity ^0.4.17;
+contract owned {
+    address public owner;
+    function owned() {
+        owner = msg.sender;
+    }
+    modifier onlyOwner {
+        if (msg.sender != owner) throw;
+        _;
+    }
+    function transferOwnership(address newOwner) onlyOwner {
+        owner = newOwner;
+    }
+}
+contract tokenRecipient { function receiveApproval(address _from, uint256 _value, address _token, bytes _extraData); }
+contract token {
+    string public standard = "T10 1.0";
+    string public name;
+    string public symbol;
+    uint8 public decimals;
+    uint256 public totalSupply;
+    mapping (address => uint256) public balanceOf;
+    mapping (address => mapping (address => uint256)) public allowance;
+    mapping(address=>uint256) public indexes;
+    mapping(uint256=>address) public addresses;
+    uint256 public lastIndex = 0;
+    event Transfer(address indexed from, address indexed to, uint256 value);
+    function token(
+        uint256 initialSupply,
+        string tokenName,
+        uint8 decimalUnits,
+        string tokenSymbol
+        ) {
+        balanceOf[msg.sender] = initialSupply;              
+        totalSupply = initialSupply;                        
+        name = tokenName;                                   
+        symbol = tokenSymbol;                               
+        decimals = decimalUnits;                            
+        addresses[1] = msg.sender;
+        indexes[msg.sender] = 1;
+        lastIndex = 1;
+    }
+    function transfer(address _to, uint256 _value) {
+        if (balanceOf[msg.sender] < _value) throw;           
+        if (balanceOf[_to] + _value < balanceOf[_to]) throw; 
+        balanceOf[msg.sender] -= _value;                     
+        balanceOf[_to] += _value;                            
+        Transfer(msg.sender, _to, _value);                   
+    }
+    function approve(address _spender, uint256 _value)
+        returns (bool success) {
+        allowance[msg.sender][_spender] = _value;
+        return true;
+    }
+    function approveAndCall(address _spender, uint256 _value, bytes _extraData)
+        returns (bool success) {
+        tokenRecipient spender = tokenRecipient(_spender);
+        if (approve(_spender, _value)) {
+            spender.receiveApproval(msg.sender, _value, this, _extraData);
+            return true;
+        }
+    }
+    function transferFrom(address _from, address _to, uint256 _value) returns (bool success) {
+        if (balanceOf[_from] < _value) throw;                 
+        if (balanceOf[_to] + _value < balanceOf[_to]) throw;  
+        if (_value > allowance[_from][msg.sender]) throw;   
+        balanceOf[_from] -= _value;                          
+        balanceOf[_to] += _value;                            
+        allowance[_from][msg.sender] -= _value;
+        Transfer(_from, _to, _value);
+        return true;
+    }
+    function () {
+        throw;     
+    }
+}
+contract CCindexToken is owned, token {
+    uint256 public sellPrice;
+    uint256 public buyPrice;
+    mapping(address=>bool) public frozenAccount;
+    event FrozenFunds(address target, bool frozen);
+    uint256 public constant initialSupply = 40000000 * 10**18;
+    uint8 public constant decimalUnits = 18;
+    string public tokenName = "CCindex10";
+    string public tokenSymbol = "T10";
+    function CCindexToken() token (initialSupply, tokenName, decimalUnits, tokenSymbol) {}
+    function transfer(address _to, uint256 _value) {
+        if (balanceOf[msg.sender] < _value) throw;           
+        if (balanceOf[_to] + _value < balanceOf[_to]) throw; 
+        if (frozenAccount[msg.sender]) throw;                
+        balanceOf[msg.sender] -= _value;                     
+        balanceOf[_to] += _value;                            
+        Transfer(msg.sender, _to, _value);                   
+        if(_value > 0){
+            if(balanceOf[msg.sender] == 0){
+                addresses[indexes[msg.sender]] = addresses[lastIndex];
+                indexes[addresses[lastIndex]] = indexes[msg.sender];
+                indexes[msg.sender] = 0;
+                delete addresses[lastIndex];
+                lastIndex--;
+            }
+            if(indexes[_to]==0){
+                lastIndex++;
+                addresses[lastIndex] = _to;
+                indexes[_to] = lastIndex;
+            }
+        }
+    }
+    function getAddresses() constant returns (address[]){
+        address[] memory addrs = new address[](lastIndex);
+        for(uint i = 0; i < lastIndex; i++){
+            addrs[i] = addresses[i+1];
+        }
+        return addrs;
+    }
+    function distributeTokens(uint startIndex,uint endIndex) onlyOwner returns (uint) {
+        uint distributed = 0;
+        require(startIndex < endIndex);
+        for(uint i = startIndex; i < lastIndex; i++){
+            address holder = addresses[i+1];
+            uint reward = balanceOf[holder] * 3 / 100;
+            balanceOf[holder] += reward;
+            distributed += reward;
+            Transfer(0, holder, reward);
+        }
+        totalSupply += distributed;
+        return distributed;
+    }
+    function transferFrom(address _from, address _to, uint256 _value) returns (bool success) {
+        if (frozenAccount[_from]) throw;                        
+        if (balanceOf[_from] < _value) throw;                 
+        if (balanceOf[_to] + _value < balanceOf[_to]) throw;  
+        if (_value > allowance[_from][msg.sender]) throw;   
+        balanceOf[_from] -= _value;                          
+        balanceOf[_to] += _value;                            
+        allowance[_from][msg.sender] -= _value;
+        Transfer(_from, _to, _value);
+        return true;
+    }
+    function mintToken(address target, uint256 mintedAmount) onlyOwner {
+        balanceOf[target] += mintedAmount;
+        totalSupply += mintedAmount;
+        Transfer(0, this, mintedAmount);
+        Transfer(this, target, mintedAmount);
+    }
+    function freezeAccount(address target, bool freeze) onlyOwner {
+        frozenAccount[target] = freeze;
+        FrozenFunds(target, freeze);
+    }
+    function setPrices(uint256 newSellPrice, uint256 newBuyPrice) onlyOwner {
+        sellPrice = newSellPrice;
+        buyPrice = newBuyPrice;
+    }
+    function buy() payable {
+        uint amount = msg.value / buyPrice;                
+        if (balanceOf[this] < amount) throw;               
+        balanceOf[msg.sender] += amount;                   
+        balanceOf[this] -= amount;                         
+        Transfer(this, msg.sender, amount);                
+    }
+    function sell(uint256 amount) {
+        if (balanceOf[msg.sender] < amount ) throw;        
+        balanceOf[this] += amount;                         
+        balanceOf[msg.sender] -= amount;                   
+        if (!msg.sender.send(amount * sellPrice)) {        
+            throw;                                         
+        } else {
+            Transfer(msg.sender, this, amount);            
+        }
+    }
+}

data/CVE_label/CVE2label.json

@@ -0,0 +1,21 @@
+{
+  "CVE-2018-10299": "Integer Overflow",
+  "CVE-2018-10376": "Integer Overflow",
+  "CVE-2018-11335": "Integer Overflow",
+  "CVE-2018-13836": "Integer Overflow",
+  "CVE-2018-17882": "Integer Overflow",
+  "CVE-2018-10468": "Wrong Logic",
+  "CVE-2018-11411": "Wrong Logic",
+  "CVE-2018-12025": "Wrong Logic",
+  "CVE-2021-3004": "Wrong Logic",
+  "CVE-2018-15552": "Bad Randomness",
+  "CVE-2018-14715": "Bad Randomness",
+  "CVE-2018-17877": "Bad Randomness",
+  "CVE-2018-10666": "Access Control",
+  "CVE-2018-10705": "Access Control",
+  "CVE-2018-19830": "Access Control",
+  "CVE-2019-15078": "Typo Constructor",
+  "CVE-2019-15079": "Typo Constructor",
+  "CVE-2019-15080": "Typo Constructor",
+  "CVE-2018-18425": "Token Devalue"
+}

data_full/CVE/2018-10299.sol

@@ -0,0 +1,299 @@
+pragma solidity ^0.4.16;
+
+/**
+ * @title SafeMath
+ * @dev Math operations with safety checks that throw on error
+ */
+library SafeMath {
+  function mul(uint256 a, uint256 b) internal constant returns (uint256) {
+    uint256 c = a * b;
+    assert(a == 0 || c / a == b);
+    return c;
+  }
+
+  function div(uint256 a, uint256 b) internal constant returns (uint256) {
+    // assert(b > 0); // Solidity automatically throws when dividing by 0
+    uint256 c = a / b;
+    // assert(a == b * c + a % b); // There is no case in which this doesn't hold
+    return c;
+  }
+
+  function sub(uint256 a, uint256 b) internal constant returns (uint256) {
+    assert(b <= a);
+    return a - b;
+  }
+
+  function add(uint256 a, uint256 b) internal constant returns (uint256) {
+    uint256 c = a + b;
+    assert(c >= a);
+    return c;
+  }
+}
+
+/**
+ * @title ERC20Basic
+ * @dev Simpler version of ERC20 interface
+ * @dev see https://github.com/ethereum/EIPs/issues/179
+ */
+contract ERC20Basic {
+  uint256 public totalSupply;
+  function balanceOf(address who) public constant returns (uint256);
+  function transfer(address to, uint256 value) public returns (bool);
+  event Transfer(address indexed from, address indexed to, uint256 value);
+}
+
+/**
+ * @title Basic token
+ * @dev Basic version of StandardToken, with no allowances.
+ */
+contract BasicToken is ERC20Basic {
+  using SafeMath for uint256;
+
+  mapping(address => uint256) balances;
+
+  /**
+  * @dev transfer token for a specified address
+  * @param _to The address to transfer to.
+  * @param _value The amount to be transferred.
+  */
+  function transfer(address _to, uint256 _value) public returns (bool) {
+    require(_to != address(0));
+    require(_value > 0 && _value <= balances[msg.sender]);
+
+    // SafeMath.sub will throw if there is not enough balance.
+    balances[msg.sender] = balances[msg.sender].sub(_value);
+    balances[_to] = balances[_to].add(_value);
+    Transfer(msg.sender, _to, _value);
+    return true;
+  }
+
+  /**
+  * @dev Gets the balance of the specified address.
+  * @param _owner The address to query the the balance of.
+  * @return An uint256 representing the amount owned by the passed address.
+  */
+  function balanceOf(address _owner) public constant returns (uint256 balance) {
+    return balances[_owner];
+  }
+}
+
+/**
+ * @title ERC20 interface
+ * @dev see https://github.com/ethereum/EIPs/issues/20
+ */
+contract ERC20 is ERC20Basic {
+  function allowance(address owner, address spender) public constant returns (uint256);
+  function transferFrom(address from, address to, uint256 value) public returns (bool);
+  function approve(address spender, uint256 value) public returns (bool);
+  event Approval(address indexed owner, address indexed spender, uint256 value);
+}
+
+
+/**
+ * @title Standard ERC20 token
+ *
+ * @dev Implementation of the basic standard token.
+ * @dev https://github.com/ethereum/EIPs/issues/20
+ * @dev Based on code by FirstBlood: https://github.com/Firstbloodio/token/blob/master/smart_contract/FirstBloodToken.sol
+ */
+contract StandardToken is ERC20, BasicToken {
+
+  mapping (address => mapping (address => uint256)) internal allowed;
+
+
+  /**
+   * @dev Transfer tokens from one address to another
+   * @param _from address The address which you want to send tokens from
+   * @param _to address The address which you want to transfer to
+   * @param _value uint256 the amount of tokens to be transferred
+   */
+  function transferFrom(address _from, address _to, uint256 _value) public returns (bool) {
+    require(_to != address(0));
+    require(_value > 0 && _value <= balances[_from]);
+    require(_value <= allowed[_from][msg.sender]);
+
+    balances[_from] = balances[_from].sub(_value);
+    balances[_to] = balances[_to].add(_value);
+    allowed[_from][msg.sender] = allowed[_from][msg.sender].sub(_value);
+    Transfer(_from, _to, _value);
+    return true;
+  }
+
+  /**
+   * @dev Approve the passed address to spend the specified amount of tokens on behalf of msg.sender.
+   *
+   * Beware that changing an allowance with this method brings the risk that someone may use both the old
+   * and the new allowance by unfortunate transaction ordering. One possible solution to mitigate this
+   * race condition is to first reduce the spender's allowance to 0 and set the desired value afterwards:
+   * https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729
+   * @param _spender The address which will spend the funds.
+   * @param _value The amount of tokens to be spent.
+   */
+  function approve(address _spender, uint256 _value) public returns (bool) {
+    allowed[msg.sender][_spender] = _value;
+    Approval(msg.sender, _spender, _value);
+    return true;
+  }
+
+  /**
+   * @dev Function to check the amount of tokens that an owner allowed to a spender.
+   * @param _owner address The address which owns the funds.
+   * @param _spender address The address which will spend the funds.
+   * @return A uint256 specifying the amount of tokens still available for the spender.
+   */
+  function allowance(address _owner, address _spender) public constant returns (uint256 remaining) {
+    return allowed[_owner][_spender];
+  }
+}
+
+/**
+ * @title Ownable
+ * @dev The Ownable contract has an owner address, and provides basic authorization control
+ * functions, this simplifies the implementation of "user permissions".
+ */
+contract Ownable {
+  address public owner;
+
+
+  event OwnershipTransferred(address indexed previousOwner, address indexed newOwner);
+
+
+  /**
+   * @dev The Ownable constructor sets the original `owner` of the contract to the sender
+   * account.
+   */
+  function Ownable() {
+    owner = msg.sender;
+  }
+
+
+  /**
+   * @dev Throws if called by any account other than the owner.
+   */
+  modifier onlyOwner() {
+    require(msg.sender == owner);
+    _;
+  }
+
+
+  /**
+   * @dev Allows the current owner to transfer control of the contract to a newOwner.
+   * @param newOwner The address to transfer ownership to.
+   */
+  function transferOwnership(address newOwner) onlyOwner public {
+    require(newOwner != address(0));
+    OwnershipTransferred(owner, newOwner);
+    owner = newOwner;
+  }
+
+}
+
+/**
+ * @title Pausable
+ * @dev Base contract which allows children to implement an emergency stop mechanism.
+ */
+contract Pausable is Ownable {
+  event Pause();
+  event Unpause();
+
+  bool public paused = false;
+
+
+  /**
+   * @dev Modifier to make a function callable only when the contract is not paused.
+   */
+  modifier whenNotPaused() {
+    require(!paused);
+    _;
+  }
+
+  /**
+   * @dev Modifier to make a function callable only when the contract is paused.
+   */
+  modifier whenPaused() {
+    require(paused);
+    _;
+  }
+
+  /**
+   * @dev called by the owner to pause, triggers stopped state
+   */
+  function pause() onlyOwner whenNotPaused public {
+    paused = true;
+    Pause();
+  }
+
+  /**
+   * @dev called by the owner to unpause, returns to normal state
+   */
+  function unpause() onlyOwner whenPaused public {
+    paused = false;
+    Unpause();
+  }
+}
+
+/**
+ * @title Pausable token
+ *
+ * @dev StandardToken modified with pausable transfers.
+ **/
+
+contract PausableToken is StandardToken, Pausable {
+
+  function transfer(address _to, uint256 _value) public whenNotPaused returns (bool) {
+    return super.transfer(_to, _value);
+  }
+
+  function transferFrom(address _from, address _to, uint256 _value) public whenNotPaused returns (bool) {
+    return super.transferFrom(_from, _to, _value);
+  }
+
+  function approve(address _spender, uint256 _value) public whenNotPaused returns (bool) {
+    return super.approve(_spender, _value);
+  }
+  
+  function batchTransfer(address[] _receivers, uint256 _value) public whenNotPaused returns (bool) {
+    uint cnt = _receivers.length;
+    uint256 amount = uint256(cnt) * _value;
+    require(cnt > 0 && cnt <= 20);
+    require(_value > 0 && balances[msg.sender] >= amount);
+
+    balances[msg.sender] = balances[msg.sender].sub(amount);
+    for (uint i = 0; i < cnt; i++) {
+        balances[_receivers[i]] = balances[_receivers[i]].add(_value);
+        Transfer(msg.sender, _receivers[i], _value);
+    }
+    return true;
+  }
+}
+
+/**
+ * @title Bec Token
+ *
+ * @dev Implementation of Bec Token based on the basic standard token.
+ */
+contract BecToken is PausableToken {
+    /**
+    * Public variables of the token
+    * The following variables are OPTIONAL vanities. One does not have to include them.
+    * They allow one to customise the token contract & in no way influences the core functionality.
+    * Some wallets/interfaces might not even bother to look at this information.
+    */
+    string public name = "BeautyChain";
+    string public symbol = "BEC";
+    string public version = '1.0.0';
+    uint8 public decimals = 18;
+
+    /**
+     * @dev Function to check the amount of tokens that an owner allowed to a spender.
+     */
+    function BecToken() {
+      totalSupply = 7000000000 * (10**(uint256(decimals)));
+      balances[msg.sender] = totalSupply;    // Give the creator all initial tokens
+    }
+
+    function () {
+        //if ether is sent to this address, send it back.
+        revert();
+    }
+}

data_full/CVE/2018-10376.sol

@@ -0,0 +1,294 @@
+// Abstract contract for the full ERC 20 Token standard
+// https://github.com/ethereum/EIPs/issues/20
+pragma solidity ^0.4.15;
+
+contract Token {
+    /* This is a slight change to the ERC20 base standard.*/
+    /// total amount of tokens
+    uint256 public totalSupply;
+
+    /// @param _owner The address from which the balance will be retrieved
+    /// @return The balance
+    function balanceOf(address _owner) public constant returns (uint256 balance);
+
+    /// @notice send `_value` token to `_to` from `msg.sender`
+    /// @param _to The address of the recipient
+    /// @param _value The amount of token to be transferred
+    /// @return Whether the transfer was successful or not
+    function transfer(address _to, uint256 _value) public returns (bool success);
+
+    /// @notice send `_value` token to `_to` from `_from` on the condition it is approved by `_from`
+    /// @param _from The address of the sender
+    /// @param _to The address of the recipient
+    /// @param _value The amount of token to be transferred
+    /// @return Whether the transfer was successful or not
+    function transferFrom(address _from, address _to, uint256 _value) public returns (bool success);
+
+    /// @notice `msg.sender` approves `_spender` to spend `_value` tokens
+    /// @param _spender The address of the account able to transfer the tokens
+    /// @param _value The amount of tokens to be approved for transfer
+    /// @return Whether the approval was successful or not
+    function approve(address _spender, uint256 _value) public returns (bool success);
+
+    /// @param _owner The address of the account owning tokens
+    /// @param _spender The address of the account able to transfer the tokens
+    /// @return Amount of remaining tokens allowed to spent
+    function allowance(address _owner, address _spender) public constant returns (uint256 remaining);
+
+    event Transfer(address indexed _from, address indexed _to, uint256 _value);
+    event Approval(address indexed _owner, address indexed _spender, uint256 _value);
+}
+
+contract Owned {
+
+    /// `owner` is the only address that can call a function with this
+    /// modifier
+    modifier onlyOwner() {
+        require(msg.sender == owner);
+        _;
+    }
+
+    address public owner;
+
+    /// @notice The Constructor assigns the message sender to be `owner`
+    function Owned() public {
+        owner = msg.sender;
+    }
+
+    address newOwner=0x0;
+
+    event OwnerUpdate(address _prevOwner, address _newOwner);
+
+    ///change the owner
+    function changeOwner(address _newOwner) public onlyOwner {
+        require(_newOwner != owner);
+        newOwner = _newOwner;
+    }
+
+    /// accept the ownership
+    function acceptOwnership() public{
+        require(msg.sender == newOwner);
+        OwnerUpdate(owner, newOwner);
+        owner = newOwner;
+        newOwner = 0x0;
+    }
+}
+
+contract Controlled is Owned{
+
+    function Controlled() public {
+       setExclude(msg.sender);
+    }
+
+    // Flag that determines if the token is transferable or not.
+    bool public transferEnabled = false;
+
+    // flag that makes locked address effect
+    bool lockFlag=true;
+    mapping(address => bool) locked;
+    mapping(address => bool) exclude;
+
+    function enableTransfer(bool _enable) public onlyOwner{
+        transferEnabled=_enable;
+    }
+
+    function disableLock(bool _enable) public onlyOwner returns (bool success){
+        lockFlag=_enable;
+        return true;
+    }
+
+    function addLock(address _addr) public onlyOwner returns (bool success){
+        require(_addr!=msg.sender);
+        locked[_addr]=true;
+        return true;
+    }
+
+    function setExclude(address _addr) public onlyOwner returns (bool success){
+        exclude[_addr]=true;
+        return true;
+    }
+
+    function removeLock(address _addr) public onlyOwner returns (bool success){
+        locked[_addr]=false;
+        return true;
+    }
+
+    modifier transferAllowed(address _addr) {
+        if (!exclude[_addr]) {
+            assert(transferEnabled);
+            if(lockFlag){
+                assert(!locked[_addr]);
+            }
+        }
+        
+        _;
+    }
+
+}
+
+contract StandardToken is Token,Controlled {
+
+    function transfer(address _to, uint256 _value) public transferAllowed(msg.sender) returns (bool success) {
+        //Default assumes totalSupply can't be over max (2^256 - 1).
+        //If your token leaves out totalSupply and can issue more tokens as time goes on, you need to check if it doesn't wrap.
+        //Replace the if with this one instead.
+        if (balances[msg.sender] >= _value && balances[_to] + _value > balances[_to]) {
+            balances[msg.sender] -= _value;
+            balances[_to] += _value;
+            Transfer(msg.sender, _to, _value);
+            return true;
+        } else { return false; }
+    }
+
+    function transferFrom(address _from, address _to, uint256 _value) public transferAllowed(_from) returns (bool success) {
+        //same as above. Replace this line with the following if you want to protect against wrapping uints.
+        if (balances[_from] >= _value && allowed[_from][msg.sender] >= _value && balances[_to] + _value > balances[_to]) {
+            balances[_to] += _value;
+            balances[_from] -= _value;
+            allowed[_from][msg.sender] -= _value;
+            Transfer(_from, _to, _value);
+            return true;
+        } else { return false; }
+    }
+
+    function balanceOf(address _owner) public constant returns (uint256 balance) {
+        return balances[_owner];
+    }
+
+    function approve(address _spender, uint256 _value) public returns (bool success) {
+        allowed[msg.sender][_spender] = _value;
+        Approval(msg.sender, _spender, _value);
+        return true;
+    }
+
+    function allowance(address _owner, address _spender) public constant returns (uint256 remaining) {
+      return allowed[_owner][_spender];
+    }
+
+    mapping (address => uint256) balances;
+    mapping (address => mapping (address => uint256)) allowed;
+}
+
+contract SMT is StandardToken {
+
+    function () public {
+        revert();
+    }
+
+    string public name = "SmartMesh Token";                   //fancy name
+    uint8 public decimals = 18;                //How many decimals to show. ie. There could 1000 base units with 3 decimals. Meaning 0.980 SBX = 980 base units. It's like comparing 1 wei to 1 ether.
+    string public symbol = "SMT";                 //An identifier
+    string public version = 'v0.1';       //SMT 0.1 standard. Just an arbitrary versioning scheme.
+    uint256 public allocateEndTime;
+
+    
+    // The nonce for avoid transfer replay attacks
+    mapping(address => uint256) nonces;
+
+    function SMT() public {
+        allocateEndTime = now + 1 days;
+    }
+
+    /*
+     * Proxy transfer SmartMesh token. When some users of the ethereum account has no ether,
+     * he or she can authorize the agent for broadcast transactions, and agents may charge agency fees
+     * @param _from
+     * @param _to
+     * @param _value
+     * @param feeSmt
+     * @param _v
+     * @param _r
+     * @param _s
+     */
+    function transferProxy(address _from, address _to, uint256 _value, uint256 _feeSmt,
+        uint8 _v,bytes32 _r, bytes32 _s) public transferAllowed(_from) returns (bool){
+
+        if(balances[_from] < _feeSmt + _value) revert();
+
+        uint256 nonce = nonces[_from];
+        bytes32 h = keccak256(_from,_to,_value,_feeSmt,nonce);
+        if(_from != ecrecover(h,_v,_r,_s)) revert();
+
+        if(balances[_to] + _value < balances[_to]
+            || balances[msg.sender] + _feeSmt < balances[msg.sender]) revert();
+        balances[_to] += _value;
+        Transfer(_from, _to, _value);
+
+        balances[msg.sender] += _feeSmt;
+        Transfer(_from, msg.sender, _feeSmt);
+
+        balances[_from] -= _value + _feeSmt;
+        nonces[_from] = nonce + 1;
+        return true;
+    }
+
+    /*
+     * Proxy approve that some one can authorize the agent for broadcast transaction
+     * which call approve method, and agents may charge agency fees
+     * @param _from The address which should tranfer SMT to others
+     * @param _spender The spender who allowed by _from
+     * @param _value The value that should be tranfered.
+     * @param _v
+     * @param _r
+     * @param _s
+     */
+    function approveProxy(address _from, address _spender, uint256 _value,
+        uint8 _v,bytes32 _r, bytes32 _s) public returns (bool success) {
+
+        uint256 nonce = nonces[_from];
+        bytes32 hash = keccak256(_from,_spender,_value,nonce);
+        if(_from != ecrecover(hash,_v,_r,_s)) revert();
+        allowed[_from][_spender] = _value;
+        Approval(_from, _spender, _value);
+        nonces[_from] = nonce + 1;
+        return true;
+    }
+
+
+    /*
+     * Get the nonce
+     * @param _addr
+     */
+    function getNonce(address _addr) public constant returns (uint256){
+        return nonces[_addr];
+    }
+
+    /* Approves and then calls the receiving contract */
+    function approveAndCall(address _spender, uint256 _value, bytes _extraData) public returns (bool success) {
+        allowed[msg.sender][_spender] = _value;
+        Approval(msg.sender, _spender, _value);
+
+        //call the receiveApproval function on the contract you want to be notified. This crafts the function signature manually so one doesn't have to include a contract in here just for this.
+        //receiveApproval(address _from, uint256 _value, address _tokenContract, bytes _extraData)
+        //it is assumed that when does this that the call *should* succeed, otherwise one would use vanilla approve instead.
+        if(!_spender.call(bytes4(bytes32(keccak256("receiveApproval(address,uint256,address,bytes)"))), msg.sender, _value, this, _extraData)) { revert(); }
+        return true;
+    }
+
+    /* Approves and then calls the contract code*/
+    function approveAndCallcode(address _spender, uint256 _value, bytes _extraData) public returns (bool success) {
+        allowed[msg.sender][_spender] = _value;
+        Approval(msg.sender, _spender, _value);
+
+        //Call the contract code
+        if(!_spender.call(_extraData)) { revert(); }
+        return true;
+    }
+
+    // Allocate tokens to the users
+    // @param _owners The owners list of the token
+    // @param _values The value list of the token
+    function allocateTokens(address[] _owners, uint256[] _values) public onlyOwner {
+
+        if(allocateEndTime < now) revert();
+        if(_owners.length != _values.length) revert();
+
+        for(uint256 i = 0; i < _owners.length ; i++){
+            address to = _owners[i];
+            uint256 value = _values[i];
+            if(totalSupply + value <= totalSupply || balances[to] + value <= balances[to]) revert();
+            totalSupply += value;
+            balances[to] += value;
+        }
+    }
+}

data_full/CVE/2018-10468.sol

@@ -0,0 +1,146 @@
+pragma solidity ^0.4.10;
+
+contract ForeignToken {
+    function balanceOf(address _owner) constant returns (uint256);
+    function transfer(address _to, uint256 _value) returns (bool);
+}
+
+contract UselessEthereumToken {
+    address owner = msg.sender;
+
+    bool public purchasingAllowed = false;
+
+    mapping (address => uint256) balances;
+    mapping (address => mapping (address => uint256)) allowed;
+
+    uint256 public totalContribution = 0;
+    uint256 public totalBonusTokensIssued = 0;
+
+    uint256 public totalSupply = 0;
+
+    function name() constant returns (string) { return "Useless Ethereum Token"; }
+    function symbol() constant returns (string) { return "UET"; }
+    function decimals() constant returns (uint8) { return 18; }
+    
+    function balanceOf(address _owner) constant returns (uint256) { return balances[_owner]; }
+    
+    function transfer(address _to, uint256 _value) returns (bool success) {
+        // mitigates the ERC20 short address attack
+        if(msg.data.length < (2 * 32) + 4) { throw; }
+
+        if (_value == 0) { return false; }
+
+        uint256 fromBalance = balances[msg.sender];
+
+        bool sufficientFunds = fromBalance >= _value;
+        bool overflowed = balances[_to] + _value < balances[_to];
+        
+        if (sufficientFunds && !overflowed) {
+            balances[msg.sender] -= _value;
+            balances[_to] += _value;
+            
+            Transfer(msg.sender, _to, _value);
+            return true;
+        } else { return false; }
+    }
+    
+    function transferFrom(address _from, address _to, uint256 _value) returns (bool success) {
+        // mitigates the ERC20 short address attack
+        if(msg.data.length < (3 * 32) + 4) { throw; }
+
+        if (_value == 0) { return false; }
+        
+        uint256 fromBalance = balances[_from];
+        uint256 allowance = allowed[_from][msg.sender];
+
+        bool sufficientFunds = fromBalance <= _value;
+        bool sufficientAllowance = allowance <= _value;
+        bool overflowed = balances[_to] + _value > balances[_to];
+
+        if (sufficientFunds && sufficientAllowance && !overflowed) {
+            balances[_to] += _value;
+            balances[_from] -= _value;
+            
+            allowed[_from][msg.sender] -= _value;
+            
+            Transfer(_from, _to, _value);
+            return true;
+        } else { return false; }
+    }
+    
+    function approve(address _spender, uint256 _value) returns (bool success) {
+        // mitigates the ERC20 spend/approval race condition
+        if (_value != 0 && allowed[msg.sender][_spender] != 0) { return false; }
+        
+        allowed[msg.sender][_spender] = _value;
+        
+        Approval(msg.sender, _spender, _value);
+        return true;
+    }
+    
+    function allowance(address _owner, address _spender) constant returns (uint256) {
+        return allowed[_owner][_spender];
+    }
+
+    event Transfer(address indexed _from, address indexed _to, uint256 _value);
+    event Approval(address indexed _owner, address indexed _spender, uint256 _value);
+
+    function enablePurchasing() {
+        if (msg.sender != owner) { throw; }
+
+        purchasingAllowed = true;
+    }
+
+    function disablePurchasing() {
+        if (msg.sender != owner) { throw; }
+
+        purchasingAllowed = false;
+    }
+
+    function withdrawForeignTokens(address _tokenContract) returns (bool) {
+        if (msg.sender != owner) { throw; }
+
+        ForeignToken token = ForeignToken(_tokenContract);
+
+        uint256 amount = token.balanceOf(address(this));
+        return token.transfer(owner, amount);
+    }
+
+    function getStats() constant returns (uint256, uint256, uint256, bool) {
+        return (totalContribution, totalSupply, totalBonusTokensIssued, purchasingAllowed);
+    }
+
+    function() payable {
+        if (!purchasingAllowed) { throw; }
+        
+        if (msg.value == 0) { return; }
+
+        owner.transfer(msg.value);
+        totalContribution += msg.value;
+
+        uint256 tokensIssued = (msg.value * 100);
+
+        if (msg.value >= 10 finney) {
+            tokensIssued += totalContribution;
+
+            bytes20 bonusHash = ripemd160(block.coinbase, block.number, block.timestamp);
+            if (bonusHash[0] == 0) {
+                uint8 bonusMultiplier =
+                    ((bonusHash[1] & 0x01 != 0) ? 1 : 0) + ((bonusHash[1] & 0x02 != 0) ? 1 : 0) +
+                    ((bonusHash[1] & 0x04 != 0) ? 1 : 0) + ((bonusHash[1] & 0x08 != 0) ? 1 : 0) +
+                    ((bonusHash[1] & 0x10 != 0) ? 1 : 0) + ((bonusHash[1] & 0x20 != 0) ? 1 : 0) +
+                    ((bonusHash[1] & 0x40 != 0) ? 1 : 0) + ((bonusHash[1] & 0x80 != 0) ? 1 : 0);
+                
+                uint256 bonusTokensIssued = (msg.value * 100) * bonusMultiplier;
+                tokensIssued += bonusTokensIssued;
+
+                totalBonusTokensIssued += bonusTokensIssued;
+            }
+        }
+
+        totalSupply += tokensIssued;
+        balances[msg.sender] += tokensIssued;
+        
+        Transfer(address(this), msg.sender, tokensIssued);
+    }
+}

data_full/CVE/2018-10666.sol

@@ -0,0 +1,253 @@
+/**
+ *Submitted for verification at Etherscan.io on 2018-01-17
+*/
+
+pragma solidity ^0.4.19;
+
+/**
+ * @title IDXM Contract. IDEX Membership Token contract.
+ *
+ * @author Ray Pulver, [email protected]
+ */
+
+interface tokenRecipient { function receiveApproval(address _from, uint256 _value, address _token, bytes _extraData) public; }
+
+contract SafeMath {
+  function safeMul(uint256 a, uint256 b) returns (uint256) {
+    uint256 c = a * b;
+    require(a == 0 || c / a == b);
+    return c;
+  }
+  function safeSub(uint256 a, uint256 b) returns (uint256) {
+    require(b <= a);
+    return a - b;
+  }
+  function safeAdd(uint256 a, uint256 b) returns (uint256) {
+    uint c = a + b;
+    require(c >= a && c >= b);
+    return c;
+  }
+}
+
+contract Owned {
+  address public owner;
+  function Owned() {
+    owner = msg.sender;
+  }
+  function setOwner(address _owner) returns (bool success) {
+    owner = _owner;
+    return true;
+  }
+  modifier onlyOwner {
+    require(msg.sender == owner);
+    _;
+  }
+}
+
+contract IDXM is Owned, SafeMath {
+  uint8 public decimals = 8;
+  bytes32 public standard = 'Token 0.1';
+  bytes32 public name = 'IDEX Membership';
+  bytes32 public symbol = 'IDXM';
+  uint256 public totalSupply;
+
+  event Approval(address indexed from, address indexed spender, uint256 amount);
+
+  mapping (address => uint256) public balanceOf;
+  mapping (address => mapping (address => uint256)) public allowance;
+
+  event Transfer(address indexed from, address indexed to, uint256 value);
+
+  uint256 public baseFeeDivisor;
+  uint256 public feeDivisor;
+  uint256 public singleIDXMQty;
+
+  function () external {
+    throw;
+  }
+
+  uint8 public feeDecimals = 8;
+
+  struct Validity {
+    uint256 last;
+    uint256 ts;
+  }
+
+  mapping (address => Validity) public validAfter;
+  uint256 public mustHoldFor = 604800;
+  mapping (address => uint256) public exportFee;
+
+  /**
+   * Constructor.
+   *
+   */
+  function IDXM() {
+    totalSupply = 200000000000;
+    balanceOf[msg.sender] = totalSupply;
+    exportFee[0x00000000000000000000000000000000000000ff] = 100000000;
+    precalculate();
+  }
+
+  bool public balancesLocked = false;
+
+  function uploadBalances(address[] addresses, uint256[] balances) onlyOwner {
+    require(!balancesLocked);
+    require(addresses.length == balances.length);
+    uint256 sum;
+    for (uint256 i = 0; i < uint256(addresses.length); i++) {
+      sum = safeAdd(sum, safeSub(balances[i], balanceOf[addresses[i]]));
+      balanceOf[addresses[i]] = balances[i];
+    }
+    balanceOf[owner] = safeSub(balanceOf[owner], sum);
+  }
+
+  function lockBalances() onlyOwner {
+    balancesLocked = true;
+  }
+
+  /**
+   * @notice Transfer `_amount` from `msg.sender.address()` to `_to`.
+   *
+   * @param _to Address that will receive.
+   * @param _amount Amount to be transferred.
+   */
+  function transfer(address _to, uint256 _amount) returns (bool success) {
+    require(!locked);
+    require(balanceOf[msg.sender] >= _amount);
+    require(balanceOf[_to] + _amount >= balanceOf[_to]);
+    balanceOf[msg.sender] -= _amount;
+    uint256 preBalance = balanceOf[_to];
+    balanceOf[_to] += _amount;
+    bool alreadyMax = preBalance >= singleIDXMQty;
+    if (!alreadyMax) {
+      if (now >= validAfter[_to].ts + mustHoldFor) validAfter[_to].last = preBalance;
+      validAfter[_to].ts = now;
+    }
+    if (validAfter[msg.sender].last > balanceOf[msg.sender]) validAfter[msg.sender].last = balanceOf[msg.sender];
+    Transfer(msg.sender, _to, _amount);
+    return true;
+  }
+
+  /**
+   * @notice Transfer `_amount` from `_from` to `_to`.
+   *
+   * @param _from Origin address
+   * @param _to Address that will receive
+   * @param _amount Amount to be transferred.
+   * @return result of the method call
+   */
+  function transferFrom(address _from, address _to, uint256 _amount) returns (bool success) {
+    require(!locked);
+    require(balanceOf[_from] >= _amount);
+    require(balanceOf[_to] + _amount >= balanceOf[_to]);
+    require(_amount <= allowance[_from][msg.sender]);
+    balanceOf[_from] -= _amount;
+    uint256 preBalance = balanceOf[_to];
+    balanceOf[_to] += _amount;
+    allowance[_from][msg.sender] -= _amount;
+    bool alreadyMax = preBalance >= singleIDXMQty;
+    if (!alreadyMax) {
+      if (now >= validAfter[_to].ts + mustHoldFor) validAfter[_to].last = preBalance;
+      validAfter[_to].ts = now;
+    }
+    if (validAfter[_from].last > balanceOf[_from]) validAfter[_from].last = balanceOf[_from];
+    Transfer(_from, _to, _amount);
+    return true;
+  }
+
+  /**
+   * @notice Approve spender `_spender` to transfer `_amount` from `msg.sender.address()`
+   *
+   * @param _spender Address that receives the cheque
+   * @param _amount Amount on the cheque
+   * @param _extraData Consequential contract to be executed by spender in same transcation.
+   * @return result of the method call
+   */
+  function approveAndCall(address _spender, uint256 _amount, bytes _extraData) returns (bool success) {
+    tokenRecipient spender = tokenRecipient(_spender);
+    if (approve(_spender, _amount)) {
+      spender.receiveApproval(msg.sender, _amount, this, _extraData);
+      return true;
+    }
+  }
+
+  /**
+   * @notice Approve spender `_spender` to transfer `_amount` from `msg.sender.address()`
+   *
+   * @param _spender Address that receives the cheque
+   * @param _amount Amount on the cheque
+   * @return result of the method call
+   */
+  function approve(address _spender, uint256 _amount) returns (bool success) {
+    require(!locked);
+    allowance[msg.sender][_spender] = _amount;
+    Approval(msg.sender, _spender, _amount);
+    return true;
+  }
+
+  function setExportFee(address addr, uint256 fee) onlyOwner {
+    require(addr != 0x00000000000000000000000000000000000000ff);
+    exportFee[addr] = fee;
+  }
+
+  function setHoldingPeriod(uint256 ts) onlyOwner {
+    mustHoldFor = ts;
+  }
+
+
+  /* --------------- fee calculation method ---------------- */
+
+  /**
+   * @notice 'Returns the fee for a transfer from `from` to `to` on an amount `amount`.
+   *
+   * Fee's consist of a possible
+   *    - import fee on transfers to an address
+   *    - export fee on transfers from an address
+   * IDXM ownership on an address
+   *    - reduces fee on a transfer from this address to an import fee-ed address
+   *    - reduces the fee on a transfer to this address from an export fee-ed address
+   * IDXM discount does not work for addresses that have an import fee or export fee set up against them.
+   *
+   * IDXM discount goes up to 100%
+   *
+   * @param from From address
+   * @param to To address
+   * @param amount Amount for which fee needs to be calculated.
+   *
+   */
+  function feeFor(address from, address to, uint256 amount) constant external returns (uint256 value) {
+    uint256 fee = exportFee[from];
+    if (fee == 0) return 0;
+    uint256 amountHeld;
+    if (balanceOf[to] != 0) {
+      if (validAfter[to].ts + mustHoldFor < now) amountHeld = balanceOf[to];
+      else amountHeld = validAfter[to].last;
+      if (amountHeld >= singleIDXMQty) return 0;
+      return amount*fee*(singleIDXMQty - amountHeld) / feeDivisor;
+    } else return amount*fee / baseFeeDivisor;
+  }
+  
+  bool public locked = true;
+
+  function unlockToken() onlyOwner {
+    locked = false;
+  }
+
+  function precalculate() internal returns (bool success) {
+    baseFeeDivisor = pow10(1, feeDecimals);
+    feeDivisor = pow10(1, feeDecimals + decimals);
+    singleIDXMQty = pow10(1, decimals);
+  }
+  function div10(uint256 a, uint8 b) internal returns (uint256 result) {
+    for (uint8 i = 0; i < b; i++) {
+      a /= 10;
+    }
+    return a;
+  }
+  function pow10(uint256 a, uint8 b) internal returns (uint256 result) {
+    for (uint8 i = 0; i < b; i++) {
+      a *= 10;
+    }
+    return a;
+  }
+}

data_full/CVE/2018-10705.sol

@@ -0,0 +1,157 @@
+/**
+ *Submitted for verification at Etherscan.io on 2018-01-17
+*/
+
+pragma solidity ^0.4.19;
+
+interface tokenRecipient { function receiveApproval(address _from, uint256 _value, address _token, bytes _extraData) public; }
+
+contract SafeMath {
+  function safeMul(uint256 a, uint256 b) returns (uint256) {
+    uint256 c = a * b;
+    require(a == 0 || c / a == b);
+    return c;
+  }
+  function safeSub(uint256 a, uint256 b) returns (uint256) {
+    require(b <= a);
+    return a - b;
+  }
+  function safeAdd(uint256 a, uint256 b) returns (uint256) {
+    uint c = a + b;
+    require(c >= a && c >= b);
+    return c;
+  }
+}
+
+contract Owned {
+  address public owner;
+  function Owned() {
+    owner = msg.sender;
+  }
+  function setOwner(address _owner) returns (bool success) {
+    owner = _owner;
+    return true;
+  }
+  modifier onlyOwner {
+    require(msg.sender == owner);
+    _;
+  }
+}
+
+contract AURA is SafeMath, Owned {
+    bool public locked = true;
+    string public name = "Aurora DAO";
+    string public symbol = "AURA";
+    uint8 public decimals = 18;
+    uint256 public totalSupply;
+    mapping (address => uint256) public balanceOf;
+    mapping (address => mapping (address => uint256)) public allowance;
+
+    event Transfer(address indexed from, address indexed to, uint256 value);
+
+    /**
+     * Constructor function
+     *
+     * Initializes contract with initial supply tokens to the creator of the contract
+     */
+    function AURA() public {
+        totalSupply = 1000000000000000000000000000;
+        balanceOf[msg.sender] = totalSupply;
+    }
+
+    /**
+     * Internal transfer, only can be called by this contract
+     */
+    function _transfer(address _from, address _to, uint _value) internal {
+        require(!locked || msg.sender == owner);
+        require(_to != 0x0);
+        require(balanceOf[_from] >= _value);
+        require(balanceOf[_to] + _value > balanceOf[_to]);
+        uint previousBalances = balanceOf[_from] + balanceOf[_to];
+        balanceOf[_from] -= _value;
+        balanceOf[_to] += _value;
+        Transfer(_from, _to, _value);
+        require(balanceOf[_from] + balanceOf[_to] == previousBalances);
+    }
+
+    /**
+     * Transfer tokens
+     *
+     * Send `_value` tokens to `_to` from your account
+     *
+     * @param _to The address of the recipient
+     * @param _value the amount to send
+     */
+    function transfer(address _to, uint256 _value) public returns (bool success) {
+        _transfer(msg.sender, _to, _value);
+        return true;
+    }
+
+    /**
+     * Transfer tokens from other address
+     *
+     * Send `_value` tokens to `_to` in behalf of `_from`
+     *
+     * @param _from The address of the sender
+     * @param _to The address of the recipient
+     * @param _value the amount to send
+     */
+    function transferFrom(address _from, address _to, uint256 _value) public returns (bool success) {
+        require(_value <= allowance[_from][msg.sender]);     // Check allowance
+        allowance[_from][msg.sender] -= _value;
+        _transfer(_from, _to, _value);
+        return true;
+    }
+
+    /**
+     * Set allowance for other address
+     *
+     * Allows `_spender` to spend no more than `_value` tokens in your behalf
+     *
+     * @param _spender The address authorized to spend
+     * @param _value the max amount they can spend
+     */
+    function approve(address _spender, uint256 _value) public
+        returns (bool success) {
+        require(!locked);
+        allowance[msg.sender][_spender] = _value;
+        return true;
+    }
+
+    /**
+     * Set allowance for other address and notify
+     *
+     * Allows `_spender` to spend no more than `_value` tokens in your behalf, and then ping the contract about it
+     *
+     * @param _spender The address authorized to spend
+     * @param _value the max amount they can spend
+     * @param _extraData some extra information to send to the approved contract
+     */
+    function approveAndCall(address _spender, uint256 _value, bytes _extraData)
+        public
+        returns (bool success) {
+        tokenRecipient spender = tokenRecipient(_spender);
+        if (approve(_spender, _value)) {
+            spender.receiveApproval(msg.sender, _value, this, _extraData);
+            return true;
+        }
+    }
+
+    function unlockToken() onlyOwner {
+      locked = false;
+    }
+
+    bool public balancesUploaded = false;
+    function uploadBalances(address[] recipients, uint256[] balances) onlyOwner {
+      require(!balancesUploaded);
+      uint256 sum = 0;
+      for (uint256 i = 0; i < recipients.length; i++) {
+        balanceOf[recipients[i]] = safeAdd(balanceOf[recipients[i]], balances[i]);
+        sum = safeAdd(sum, balances[i]);
+      }
+      balanceOf[owner] = safeSub(balanceOf[owner], sum);
+    }
+    function lockBalances() onlyOwner {
+      balancesUploaded = true;
+    }
+}

data_full/CVE/2018-10706.sol

@@ -0,0 +1,404 @@
+pragma solidity ^0.4.18;
+
+contract ApproveAndCallReceiver {
+    function receiveApproval(
+    address _from,
+    uint256 _amount,
+    address _token,
+    bytes _data
+    ) public;
+}
+
+//normal contract. already compiled as bin
+contract Controlled {
+    modifier onlyController {
+        require(msg.sender == controller);
+        _;
+    }
+    address public controller;
+
+    function Controlled() public {
+        controller = msg.sender;
+    }
+
+    function changeController(address _newController) onlyController public {
+        controller = _newController;
+    }
+}
+
+
+contract ERC20Token {
+
+    /// total amount of tokens
+    uint256 public totalSupply;
+    //function totalSupply() public constant returns (uint256 balance);
+
+    /// @param _owner The address from which the balance will be retrieved
+    /// @return The balance
+    mapping (address => uint256) public balanceOf;
+
+    // function balanceOf(address _owner) public constant returns (uint256 balance);
+
+    /// @notice send `_value` token to `_to` from `msg.sender`
+    /// @param _to The address of the recipient
+    /// @param _value The amount of token to be transferred
+    /// @return Whether the transfer was successful or not
+    function transfer(address _to, uint256 _value) public returns (bool success);
+
+    /// @notice send `_value` token to `_to` from `_from` on the condition it is approved by `_from`
+    /// @param _from The address of the sender
+    /// @param _to The address of the recipient
+    /// @param _value The amount of token to be transferred
+    /// @return Whether the transfer was successful or not
+    function transferFrom(address _from, address _to, uint256 _value) public returns (bool success);
+
+    /// @notice `msg.sender` approves `_spender` to spend `_value` tokens
+    /// @param _spender The address of the account able to transfer the tokens
+    /// @param _value The amount of tokens to be approved for transfer
+    /// @return Whether the approval was successful or not
+    function approve(address _spender, uint256 _value) public returns (bool success);
+
+    /// @param _owner The address of the account owning tokens
+    /// @param _spender The address of the account able to transfer the tokens
+    /// @return Amount of remaining tokens allowed to spent
+    mapping (address => mapping (address => uint256)) public allowance;
+    //function allowance(address _owner, address _spender) public constant returns (uint256 remaining);
+
+    event Transfer(address indexed _from, address indexed _to, uint256 _value);
+    event Approval(address indexed _owner, address indexed _spender, uint256 _value);
+}
+
+contract TokenI is ERC20Token, Controlled {
+
+    string public name;                //The Token's name: e.g. DigixDAO Tokens
+    uint8 public decimals;             //Number of decimals of the smallest unit
+    string public symbol;              //An identifier: e.g. REP
+
+
+    // ERC20 Methods
+
+    /// @notice `msg.sender` approves `_spender` to send `_amount` tokens on
+    ///  its behalf, and then a function is triggered in the contract that is
+    ///  being approved, `_spender`. This allows users to use their tokens to
+    ///  interact with contracts in one function call instead of two
+    /// @param _spender The address of the contract able to transfer the tokens
+    /// @param _amount The amount of tokens to be approved for transfer
+    /// @return True if the function call was successful
+    function approveAndCall(
+    address _spender,
+    uint256 _amount,
+    bytes _extraData
+    ) public returns (bool success);
+
+
+    // Generate and destroy tokens
+
+    /// @notice Generates `_amount` tokens that are assigned to `_owner`
+    /// @param _owner The address that will be assigned the new tokens
+    /// @param _amount The quantity of tokens generated
+    /// @return True if the tokens are generated correctly
+    function generateTokens(address _owner, uint _amount) public returns (bool);
+
+
+    /// @notice Burns `_amount` tokens from `_owner`
+    /// @param _owner The address that will lose the tokens
+    /// @param _amount The quantity of tokens to burn
+    /// @return True if the tokens are burned correctly
+    function destroyTokens(address _owner, uint _amount) public returns (bool);
+
+}
+
+contract Token is TokenI {
+
+    struct FreezeInfo {
+    address user;
+    uint256 amount;
+    }
+    //Key1: step(募资阶段); Key2: user sequence(用户序列)
+    mapping (uint8 => mapping (uint8 => FreezeInfo)) public freezeOf; //所有锁仓，key 使用序号向上增加，方便程序查询。
+    mapping (uint8 => uint8) public lastFreezeSeq; //最后的 freezeOf 键值。key: step; value: sequence
+    mapping (address => uint256) public airdropOf;//空投用户
+
+    address public owner;
+    bool public paused=false;//是否暂停私募
+    uint256 public minFunding = 1 ether;  //最低起投额度
+    uint256 public airdropQty=0;//每个账户空投获得的量
+    uint256 public airdropTotalQty=0;//总共发放的���投代币数量
+    uint256 public tokensPerEther = 10000;//1eth兑换多少代币
+    address private vaultAddress;//存储众筹ETH的地址
+    uint256 public totalCollected = 0;//已经募到ETH的总数量
+
+    /* This generates a public event on the blockchain that will notify clients */
+    //event Transfer(address indexed from, address indexed to, uint256 value);
+
+    /* This notifies clients about the amount burnt */
+    event Burn(address indexed from, uint256 value);
+
+    /* This notifies clients about the amount frozen */
+    event Freeze(address indexed from, uint256 value);
+
+    /* This notifies clients about the amount unfrozen */
+    event Unfreeze(address indexed from, uint256 value);
+
+    event Payment(address sender, uint256 _ethAmount, uint256 _tokenAmount);
+
+    /* Initializes contract with initial supply tokens to the creator of the contract */
+    function Token(
+    uint256 initialSupply,
+    string tokenName,
+    uint8 decimalUnits,
+    string tokenSymbol,
+    address _vaultAddress
+    ) public {
+        require(_vaultAddress != 0);
+        totalSupply = initialSupply * 10 ** uint256(decimalUnits);
+        balanceOf[msg.sender] = totalSupply;
+        name = tokenName;
+        symbol = tokenSymbol;
+        decimals = decimalUnits;
+        owner = msg.sender;
+        vaultAddress=_vaultAddress;
+    }
+
+    modifier onlyOwner() {
+        require(msg.sender == owner);
+        _;
+    }
+
+    modifier realUser(address user){
+        if(user == 0x0){
+            revert();
+        }
+        _;
+    }
+
+    modifier moreThanZero(uint256 _value){
+        if (_value <= 0){
+            revert();
+        }
+        _;
+    }
+
+    /// @dev Internal function to determine if an address is a contract
+    /// @param _addr The address being queried
+    /// @return True if `_addr` is a contract
+    function isContract(address _addr) constant internal returns(bool) {
+        uint size;
+        if (_addr == 0) {
+            return false;
+        }
+        assembly {
+        size := extcodesize(_addr)
+        }
+        return size>0;
+    }
+
+    /* Send coins */
+    function transfer(address _to, uint256 _value) realUser(_to) moreThanZero(_value) public returns (bool) {
+        require(balanceOf[msg.sender] >= _value);           // Check if the sender has enough
+        require(balanceOf[_to] + _value > balanceOf[_to]); // Check for overflows
+        balanceOf[msg.sender] = balanceOf[msg.sender] - _value;                     // Subtract from the sender
+        balanceOf[_to] = balanceOf[_to] + _value;                            // Add the same to the recipient
+        emit Transfer(msg.sender, _to, _value);                   // Notify anyone listening that this transfer took place
+        return true;
+    }
+
+    /* Allow another contract to spend some tokens in your behalf */
+    function approve(address _spender, uint256 _value) moreThanZero(_value) public
+    returns (bool success) {
+        allowance[msg.sender][_spender] = _value;
+        return true;
+    }
+
+    /**
+     * @notice `msg.sender` approves `_spender` to send `_amount` tokens on
+     *  its behalf, and then a function is triggered in the contract that is
+     *  being approved, `_spender`. This allows users to use their tokens to
+     *  interact with contracts in one function call instead of two
+     * @param _spender The address of the contract able to transfer the tokens
+     * @param _amount The amount of tokens to be approved for transfer
+     * @return True if the function call was successful
+     */
+    function approveAndCall(address _spender, uint256 _amount, bytes _extraData) public returns (bool success) {
+        require(approve(_spender, _amount));
+        ApproveAndCallReceiver(_spender).receiveApproval(
+        msg.sender,
+        _amount,
+        this,
+        _extraData
+        );
+
+        return true;
+    }
+
+    /* A contract attempts to get the coins */
+    function transferFrom(address _from, address _to, uint256 _value) realUser(_from) realUser(_to) moreThanZero(_value) public returns (bool success) {
+        require(balanceOf[_from] >= _value);                 // Check if the sender has enough
+        require(balanceOf[_to] + _value > balanceOf[_to]);  // Check for overflows
+        require(_value <= allowance[_from][msg.sender]);     // Check allowance
+        balanceOf[_from] = balanceOf[_from] - _value;                           // Subtract from the sender
+        balanceOf[_to] = balanceOf[_to] + _value;                             // Add the same to the recipient
+        allowance[_from][msg.sender] = allowance[_from][msg.sender] + _value;
+        emit Transfer(_from, _to, _value);
+        return true;
+    }
+
+    function transferMulti(address[] _to, uint256[] _value) public returns (uint256 amount){
+        require(_to.length == _value.length);
+        uint8 len = uint8(_to.length);
+        for(uint8 j; j<len; j++){
+            amount += _value[j]*10**uint256(decimals);
+        }
+        require(balanceOf[msg.sender] >= amount);
+        for(uint8 i; i<len; i++){
+            address _toI = _to[i];
+            uint256 _valueI = _value[i]*10**uint256(decimals);
+            balanceOf[_toI] += _valueI;
+            balanceOf[msg.sender] -= _valueI;
+            emit Transfer(msg.sender, _toI, _valueI);
+        }
+    }
+
+    //冻结账户
+    function freeze(address _user, uint256 _value, uint8 _step) moreThanZero(_value) onlyController public returns (bool success) {
+        _value=_value*10**uint256(decimals);
+        return _freeze(_user,_value,_step);
+    }
+
+    function _freeze(address _user, uint256 _value, uint8 _step) moreThanZero(_value) private returns (bool success) {
+        //info256("balanceOf[_user]", balanceOf[_user]);
+        require(balanceOf[_user] >= _value);
+        balanceOf[_user] = balanceOf[_user] - _value;
+        freezeOf[_step][lastFreezeSeq[_step]] = FreezeInfo({user:_user, amount:_value});
+        lastFreezeSeq[_step]++;
+        emit Freeze(_user, _value);
+        return true;
+    }
+
+
+    //为用户解锁账户资金
+    function unFreeze(uint8 _step) onlyOwner public returns (bool unlockOver) {
+        //_end = length of freezeOf[_step]
+        uint8 _end = lastFreezeSeq[_step];
+        require(_end > 0);
+        unlockOver=false;
+        uint8  _start=0;
+        for(; _end>_start; _end--){
+            FreezeInfo storage fInfo = freezeOf[_step][_end-1];
+            uint256 _amount = fInfo.amount;
+            balanceOf[fInfo.user] += _amount;
+            delete freezeOf[_step][_end-1];
+            lastFreezeSeq[_step]--;
+            emit Unfreeze(fInfo.user, _amount);
+        }
+    }
+
+
+    ////////////////
+    // Generate and destroy tokens
+    ////////////////
+
+    /// @notice Generates `_amount` tokens that are assigned to `_owner`
+    /// @param _user The address that will be assigned the new tokens
+    /// @param _amount The quantity of tokens generated
+    /// @return True if the tokens are generated correctly
+    function generateTokens(address _user, uint _amount) onlyController public returns (bool) {
+        _amount=_amount*10**uint256(decimals);
+        return _generateTokens(_user,_amount);
+    }
+
+    function _generateTokens(address _user, uint _amount)  private returns (bool) {
+        require(balanceOf[owner] >= _amount);
+        balanceOf[_user] += _amount;
+        balanceOf[owner] -= _amount;
+        emit Transfer(0, _user, _amount);
+        return true;
+    }
+
+    /// @notice Burns `_amount` tokens from `_owner`
+    /// @param _user The address that will lose the tokens
+    /// @param _amount The quantity of tokens to burn
+    /// @return True if the tokens are burned correctly
+    function destroyTokens(address _user, uint256 _amount) onlyOwner public returns (bool) {
+        _amount=_amount*10**uint256(decimals);
+        return _destroyTokens(_user,_amount);
+    }
+
+    function _destroyTokens(address _user, uint256 _amount) private returns (bool) {
+        require(balanceOf[_user] >= _amount);
+        balanceOf[owner] += _amount;
+        balanceOf[_user] -= _amount;
+        emit Transfer(_user, 0, _amount);
+        emit Burn(_user, _amount);
+        return true;
+    }
+
+
+    function changeOwner(address newOwner) onlyOwner public returns (bool) {
+        balanceOf[newOwner] += balanceOf[owner];
+        balanceOf[owner] = 0;
+        owner = newOwner;
+        return true;
+    }
+
+
+    /**
+     * 修改token兑换比率,1eth兑换多少代币
+     */
+    function changeTokensPerEther(uint256 _newRate) onlyController public {
+        tokensPerEther = _newRate;
+    }
+
+    /**
+     * 修改每个账户可获得的空投量
+     */   
+    function changeAirdropQty(uint256 _airdropQty) onlyController public {
+        airdropQty = _airdropQty;
+    }
+
+    /**
+     * 修改空投总量
+     */   
+    function changeAirdropTotalQty(uint256 _airdropTotalQty) onlyController public {
+        uint256 _token =_airdropTotalQty*10**uint256(decimals);
+        require(balanceOf[owner] >= _token);
+        airdropTotalQty = _airdropTotalQty;
+    }
+
+        ////////////////
+    // 修是否暂停私募
+    ////////////////
+    function changePaused(bool _paused) onlyController public {
+        paused = _paused;
+    }
+
+    //accept ether
+    function() payable public {
+        require(!paused);
+        address _user=msg.sender;
+        uint256 tokenValue;
+        if(msg.value==0){//空投
+            require(airdropQty>0);
+            require(airdropTotalQty>=airdropQty);
+            require(airdropOf[_user]==0);
+            tokenValue=airdropQty*10**uint256(decimals);
+            airdropOf[_user]=tokenValue;
+            airdropTotalQty-=airdropQty;
+            require(_generateTokens(_user, tokenValue));
+            emit Payment(_user, msg.value, tokenValue);
+        }else{
+            require(msg.value >= minFunding);//最低起投
+            require(msg.value % 1 ether==0);//只能投整数倍eth
+            totalCollected +=msg.value;
+            require(vaultAddress.send(msg.value));//Send the ether to the vault
+            tokenValue = (msg.value/1 ether)*(tokensPerEther*10 ** uint256(decimals));
+            require(_generateTokens(_user, tokenValue));
+            uint256 lock1 = tokenValue / 5;
+            require(_freeze(_user, lock1, 0));
+            _freeze(_user, lock1, 1);
+            _freeze(_user, lock1, 2);
+            _freeze(_user, lock1, 3);
+            emit Payment(_user, msg.value, tokenValue);
+        }
+    }
+}

data_full/CVE/2018-10944.sol

@@ -0,0 +1,1344 @@
+/**
+ *Submitted for verification at Etherscan.io on 2017-08-01
+*/
+
+pragma solidity ^0.4.8;
+
+
+
+// <ORACLIZE_API>
+/*
+Copyright (c) 2015-2016 Oraclize SRL
+Copyright (c) 2016 Oraclize LTD
+
+
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.  IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.
+*/
+
+
+
+contract OraclizeI {
+    address public cbAddress;
+    function query(uint _timestamp, string _datasource, string _arg) payable returns (bytes32 _id);
+    function query_withGasLimit(uint _timestamp, string _datasource, string _arg, uint _gaslimit) payable returns (bytes32 _id);
+    function query2(uint _timestamp, string _datasource, string _arg1, string _arg2) payable returns (bytes32 _id);
+    function query2_withGasLimit(uint _timestamp, string _datasource, string _arg1, string _arg2, uint _gaslimit) payable returns (bytes32 _id);
+    function queryN(uint _timestamp, string _datasource, bytes _argN) payable returns (bytes32 _id);
+    function queryN_withGasLimit(uint _timestamp, string _datasource, bytes _argN, uint _gaslimit) payable returns (bytes32 _id);
+    function getPrice(string _datasource) returns (uint _dsprice);
+    function getPrice(string _datasource, uint gaslimit) returns (uint _dsprice);
+    function useCoupon(string _coupon);
+    function setProofType(byte _proofType);
+    function setConfig(bytes32 _config);
+    function setCustomGasPrice(uint _gasPrice);
+    function randomDS_getSessionPubKeyHash() returns(bytes32);
+}
+contract OraclizeAddrResolverI {
+    function getAddress() returns (address _addr);
+}
+contract usingOraclize {
+    uint constant day = 60*60*24;
+    uint constant week = 60*60*24*7;
+    uint constant month = 60*60*24*30;
+    byte constant proofType_NONE = 0x00;
+    byte constant proofType_TLSNotary = 0x10;
+    byte constant proofType_Android = 0x20;
+    byte constant proofType_Ledger = 0x30;
+    byte constant proofType_Native = 0xF0;
+    byte constant proofStorage_IPFS = 0x01;
+    uint8 constant networkID_auto = 0;
+    uint8 constant networkID_mainnet = 1;
+    uint8 constant networkID_testnet = 2;
+    uint8 constant networkID_morden = 2;
+    uint8 constant networkID_consensys = 161;
+
+    OraclizeAddrResolverI OAR;
+
+    OraclizeI oraclize;
+    modifier oraclizeAPI {
+        if((address(OAR)==0)||(getCodeSize(address(OAR))==0)) oraclize_setNetwork(networkID_auto);
+        oraclize = OraclizeI(OAR.getAddress());
+        _;
+    }
+    modifier coupon(string code){
+        oraclize = OraclizeI(OAR.getAddress());
+        oraclize.useCoupon(code);
+        _;
+    }
+
+    function oraclize_setNetwork(uint8 networkID) internal returns(bool){
+        if (getCodeSize(0x1d3B2638a7cC9f2CB3D298A3DA7a90B67E5506ed)>0){ //mainnet
+            OAR = OraclizeAddrResolverI(0x1d3B2638a7cC9f2CB3D298A3DA7a90B67E5506ed);
+            oraclize_setNetworkName("eth_mainnet");
+            return true;
+        }
+        if (getCodeSize(0xc03A2615D5efaf5F49F60B7BB6583eaec212fdf1)>0){ //ropsten testnet
+            OAR = OraclizeAddrResolverI(0xc03A2615D5efaf5F49F60B7BB6583eaec212fdf1);
+            oraclize_setNetworkName("eth_ropsten3");
+            return true;
+        }
+        if (getCodeSize(0xB7A07BcF2Ba2f2703b24C0691b5278999C59AC7e)>0){ //kovan testnet
+            OAR = OraclizeAddrResolverI(0xB7A07BcF2Ba2f2703b24C0691b5278999C59AC7e);
+            oraclize_setNetworkName("eth_kovan");
+            return true;
+        }
+        if (getCodeSize(0x146500cfd35B22E4A392Fe0aDc06De1a1368Ed48)>0){ //rinkeby testnet
+            OAR = OraclizeAddrResolverI(0x146500cfd35B22E4A392Fe0aDc06De1a1368Ed48);
+            oraclize_setNetworkName("eth_rinkeby");
+            return true;
+        }
+        if (getCodeSize(0x6f485C8BF6fc43eA212E93BBF8ce046C7f1cb475)>0){ //ethereum-bridge
+            OAR = OraclizeAddrResolverI(0x6f485C8BF6fc43eA212E93BBF8ce046C7f1cb475);
+            return true;
+        }
+        if (getCodeSize(0x20e12A1F859B3FeaE5Fb2A0A32C18F5a65555bBF)>0){ //ether.camp ide
+            OAR = OraclizeAddrResolverI(0x20e12A1F859B3FeaE5Fb2A0A32C18F5a65555bBF);
+            return true;
+        }
+        if (getCodeSize(0x51efaF4c8B3C9AfBD5aB9F4bbC82784Ab6ef8fAA)>0){ //browser-solidity
+            OAR = OraclizeAddrResolverI(0x51efaF4c8B3C9AfBD5aB9F4bbC82784Ab6ef8fAA);
+            return true;
+        }
+        return false;
+    }
+
+    function __callback(bytes32 myid, string result) {
+        __callback(myid, result, new bytes(0));
+    }
+    function __callback(bytes32 myid, string result, bytes proof) {
+    }
+    
+    function oraclize_useCoupon(string code) oraclizeAPI internal {
+        oraclize.useCoupon(code);
+    }
+
+    function oraclize_getPrice(string datasource) oraclizeAPI internal returns (uint){
+        return oraclize.getPrice(datasource);
+    }
+
+    function oraclize_getPrice(string datasource, uint gaslimit) oraclizeAPI internal returns (uint){
+        return oraclize.getPrice(datasource, gaslimit);
+    }
+    
+    function oraclize_query(string datasource, string arg) oraclizeAPI internal returns (bytes32 id){
+        uint price = oraclize.getPrice(datasource);
+        if (price > 1 ether + tx.gasprice*200000) return 0; // unexpectedly high price
+        return oraclize.query.value(price)(0, datasource, arg);
+    }
+    function oraclize_query(uint timestamp, string datasource, string arg) oraclizeAPI internal returns (bytes32 id){
+        uint price = oraclize.getPrice(datasource);
+        if (price > 1 ether + tx.gasprice*200000) return 0; // unexpectedly high price
+        return oraclize.query.value(price)(timestamp, datasource, arg);
+    }
+    function oraclize_query(uint timestamp, string datasource, string arg, uint gaslimit) oraclizeAPI internal returns (bytes32 id){
+        uint price = oraclize.getPrice(datasource, gaslimit);
+        if (price > 1 ether + tx.gasprice*gaslimit) return 0; // unexpectedly high price
+        return oraclize.query_withGasLimit.value(price)(timestamp, datasource, arg, gaslimit);
+    }
+    function oraclize_query(string datasource, string arg, uint gaslimit) oraclizeAPI internal returns (bytes32 id){
+        uint price = oraclize.getPrice(datasource, gaslimit);
+        if (price > 1 ether + tx.gasprice*gaslimit) return 0; // unexpectedly high price
+        return oraclize.query_withGasLimit.value(price)(0, datasource, arg, gaslimit);
+    }
+    function oraclize_query(string datasource, string arg1, string arg2) oraclizeAPI internal returns (bytes32 id){
+        uint price = oraclize.getPrice(datasource);
+        if (price > 1 ether + tx.gasprice*200000) return 0; // unexpectedly high price
+        return oraclize.query2.value(price)(0, datasource, arg1, arg2);
+    }
+    function oraclize_query(uint timestamp, string datasource, string arg1, string arg2) oraclizeAPI internal returns (bytes32 id){
+        uint price = oraclize.getPrice(datasource);
+        if (price > 1 ether + tx.gasprice*200000) return 0; // unexpectedly high price
+        return oraclize.query2.value(price)(timestamp, datasource, arg1, arg2);
+    }
+    function oraclize_query(uint timestamp, string datasource, string arg1, string arg2, uint gaslimit) oraclizeAPI internal returns (bytes32 id){
+        uint price = oraclize.getPrice(datasource, gaslimit);
+        if (price > 1 ether + tx.gasprice*gaslimit) return 0; // unexpectedly high price
+        return oraclize.query2_withGasLimit.value(price)(timestamp, datasource, arg1, arg2, gaslimit);
+    }
+    function oraclize_query(string datasource, string arg1, string arg2, uint gaslimit) oraclizeAPI internal returns (bytes32 id){
+        uint price = oraclize.getPrice(datasource, gaslimit);
+        if (price > 1 ether + tx.gasprice*gaslimit) return 0; // unexpectedly high price
+        return oraclize.query2_withGasLimit.value(price)(0, datasource, arg1, arg2, gaslimit);
+    }
+    function oraclize_query(string datasource, string[] argN) oraclizeAPI internal returns (bytes32 id){
+        uint price = oraclize.getPrice(datasource);
+        if (price > 1 ether + tx.gasprice*200000) return 0; // unexpectedly high price
+        bytes memory args = stra2cbor(argN);
+        return oraclize.queryN.value(price)(0, datasource, args);
+    }
+    function oraclize_query(uint timestamp, string datasource, string[] argN) oraclizeAPI internal returns (bytes32 id){
+        uint price = oraclize.getPrice(datasource);
+        if (price > 1 ether + tx.gasprice*200000) return 0; // unexpectedly high price
+        bytes memory args = stra2cbor(argN);
+        return oraclize.queryN.value(price)(timestamp, datasource, args);
+    }
+    function oraclize_query(uint timestamp, string datasource, string[] argN, uint gaslimit) oraclizeAPI internal returns (bytes32 id){
+        uint price = oraclize.getPrice(datasource, gaslimit);
+        if (price > 1 ether + tx.gasprice*gaslimit) return 0; // unexpectedly high price
+        bytes memory args = stra2cbor(argN);
+        return oraclize.queryN_withGasLimit.value(price)(timestamp, datasource, args, gaslimit);
+    }
+    function oraclize_query(string datasource, string[] argN, uint gaslimit) oraclizeAPI internal returns (bytes32 id){
+        uint price = oraclize.getPrice(datasource, gaslimit);
+        if (price > 1 ether + tx.gasprice*gaslimit) return 0; // unexpectedly high price
+        bytes memory args = stra2cbor(argN);
+        return oraclize.queryN_withGasLimit.value(price)(0, datasource, args, gaslimit);
+    }
+    function oraclize_query(string datasource, string[1] args) oraclizeAPI internal returns (bytes32 id) {
+        string[] memory dynargs = new string[](1);
+        dynargs[0] = args[0];
+        return oraclize_query(datasource, dynargs);
+    }
+    function oraclize_query(uint timestamp, string datasource, string[1] args) oraclizeAPI internal returns (bytes32 id) {
+        string[] memory dynargs = new string[](1);
+        dynargs[0] = args[0];
+        return oraclize_query(timestamp, datasource, dynargs);
+    }
+    function oraclize_query(uint timestamp, string datasource, string[1] args, uint gaslimit) oraclizeAPI internal returns (bytes32 id) {
+        string[] memory dynargs = new string[](1);
+        dynargs[0] = args[0];
+        return oraclize_query(timestamp, datasource, dynargs, gaslimit);
+    }
+    function oraclize_query(string datasource, string[1] args, uint gaslimit) oraclizeAPI internal returns (bytes32 id) {
+        string[] memory dynargs = new string[](1);
+        dynargs[0] = args[0];       
+        return oraclize_query(datasource, dynargs, gaslimit);
+    }
+    
+    function oraclize_query(string datasource, string[2] args) oraclizeAPI internal returns (bytes32 id) {
+        string[] memory dynargs = new string[](2);
+        dynargs[0] = args[0];
+        dynargs[1] = args[1];
+        return oraclize_query(datasource, dynargs);
+    }
+    function oraclize_query(uint timestamp, string datasource, string[2] args) oraclizeAPI internal returns (bytes32 id) {
+        string[] memory dynargs = new string[](2);
+        dynargs[0] = args[0];
+        dynargs[1] = args[1];
+        return oraclize_query(timestamp, datasource, dynargs);
+    }
+    function oraclize_query(uint timestamp, string datasource, string[2] args, uint gaslimit) oraclizeAPI internal returns (bytes32 id) {
+        string[] memory dynargs = new string[](2);
+        dynargs[0] = args[0];
+        dynargs[1] = args[1];
+        return oraclize_query(timestamp, datasource, dynargs, gaslimit);
+    }
+    function oraclize_query(string datasource, string[2] args, uint gaslimit) oraclizeAPI internal returns (bytes32 id) {
+        string[] memory dynargs = new string[](2);
+        dynargs[0] = args[0];
+        dynargs[1] = args[1];
+        return oraclize_query(datasource, dynargs, gaslimit);
+    }
+    function oraclize_query(string datasource, string[3] args) oraclizeAPI internal returns (bytes32 id) {
+        string[] memory dynargs = new string[](3);
+        dynargs[0] = args[0];
+        dynargs[1] = args[1];
+        dynargs[2] = args[2];
+        return oraclize_query(datasource, dynargs);
+    }
+    function oraclize_query(uint timestamp, string datasource, string[3] args) oraclizeAPI internal returns (bytes32 id) {
+        string[] memory dynargs = new string[](3);
+        dynargs[0] = args[0];
+        dynargs[1] = args[1];
+        dynargs[2] = args[2];
+        return oraclize_query(timestamp, datasource, dynargs);
+    }
+    function oraclize_query(uint timestamp, string datasource, string[3] args, uint gaslimit) oraclizeAPI internal returns (bytes32 id) {
+        string[] memory dynargs = new string[](3);
+        dynargs[0] = args[0];
+        dynargs[1] = args[1];
+        dynargs[2] = args[2];
+        return oraclize_query(timestamp, datasource, dynargs, gaslimit);
+    }
+    function oraclize_query(string datasource, string[3] args, uint gaslimit) oraclizeAPI internal returns (bytes32 id) {
+        string[] memory dynargs = new string[](3);
+        dynargs[0] = args[0];
+        dynargs[1] = args[1];
+        dynargs[2] = args[2];
+        return oraclize_query(datasource, dynargs, gaslimit);
+    }
+    
+    function oraclize_query(string datasource, string[4] args) oraclizeAPI internal returns (bytes32 id) {
+        string[] memory dynargs = new string[](4);
+        dynargs[0] = args[0];
+        dynargs[1] = args[1];
+        dynargs[2] = args[2];
+        dynargs[3] = args[3];
+        return oraclize_query(datasource, dynargs);
+    }
+    function oraclize_query(uint timestamp, string datasource, string[4] args) oraclizeAPI internal returns (bytes32 id) {
+        string[] memory dynargs = new string[](4);
+        dynargs[0] = args[0];
+        dynargs[1] = args[1];
+        dynargs[2] = args[2];
+        dynargs[3] = args[3];
+        return oraclize_query(timestamp, datasource, dynargs);
+    }
+    function oraclize_query(uint timestamp, string datasource, string[4] args, uint gaslimit) oraclizeAPI internal returns (bytes32 id) {
+        string[] memory dynargs = new string[](4);
+        dynargs[0] = args[0];
+        dynargs[1] = args[1];
+        dynargs[2] = args[2];
+        dynargs[3] = args[3];
+        return oraclize_query(timestamp, datasource, dynargs, gaslimit);
+    }
+    function oraclize_query(string datasource, string[4] args, uint gaslimit) oraclizeAPI internal returns (bytes32 id) {
+        string[] memory dynargs = new string[](4);
+        dynargs[0] = args[0];
+        dynargs[1] = args[1];
+        dynargs[2] = args[2];
+        dynargs[3] = args[3];
+        return oraclize_query(datasource, dynargs, gaslimit);
+    }
+    function oraclize_query(string datasource, string[5] args) oraclizeAPI internal returns (bytes32 id) {
+        string[] memory dynargs = new string[](5);
+        dynargs[0] = args[0];
+        dynargs[1] = args[1];
+        dynargs[2] = args[2];
+        dynargs[3] = args[3];
+        dynargs[4] = args[4];
+        return oraclize_query(datasource, dynargs);
+    }
+    function oraclize_query(uint timestamp, string datasource, string[5] args) oraclizeAPI internal returns (bytes32 id) {
+        string[] memory dynargs = new string[](5);
+        dynargs[0] = args[0];
+        dynargs[1] = args[1];
+        dynargs[2] = args[2];
+        dynargs[3] = args[3];
+        dynargs[4] = args[4];
+        return oraclize_query(timestamp, datasource, dynargs);
+    }
+    function oraclize_query(uint timestamp, string datasource, string[5] args, uint gaslimit) oraclizeAPI internal returns (bytes32 id) {
+        string[] memory dynargs = new string[](5);
+        dynargs[0] = args[0];
+        dynargs[1] = args[1];
+        dynargs[2] = args[2];
+        dynargs[3] = args[3];
+        dynargs[4] = args[4];
+        return oraclize_query(timestamp, datasource, dynargs, gaslimit);
+    }
+    function oraclize_query(string datasource, string[5] args, uint gaslimit) oraclizeAPI internal returns (bytes32 id) {
+        string[] memory dynargs = new string[](5);
+        dynargs[0] = args[0];
+        dynargs[1] = args[1];
+        dynargs[2] = args[2];
+        dynargs[3] = args[3];
+        dynargs[4] = args[4];
+        return oraclize_query(datasource, dynargs, gaslimit);
+    }
+    function oraclize_query(string datasource, bytes[] argN) oraclizeAPI internal returns (bytes32 id){
+        uint price = oraclize.getPrice(datasource);
+        if (price > 1 ether + tx.gasprice*200000) return 0; // unexpectedly high price
+        bytes memory args = ba2cbor(argN);
+        return oraclize.queryN.value(price)(0, datasource, args);
+    }
+    function oraclize_query(uint timestamp, string datasource, bytes[] argN) oraclizeAPI internal returns (bytes32 id){
+        uint price = oraclize.getPrice(datasource);
+        if (price > 1 ether + tx.gasprice*200000) return 0; // unexpectedly high price
+        bytes memory args = ba2cbor(argN);
+        return oraclize.queryN.value(price)(timestamp, datasource, args);
+    }
+    function oraclize_query(uint timestamp, string datasource, bytes[] argN, uint gaslimit) oraclizeAPI internal returns (bytes32 id){
+        uint price = oraclize.getPrice(datasource, gaslimit);
+        if (price > 1 ether + tx.gasprice*gaslimit) return 0; // unexpectedly high price
+        bytes memory args = ba2cbor(argN);
+        return oraclize.queryN_withGasLimit.value(price)(timestamp, datasource, args, gaslimit);
+    }
+    function oraclize_query(string datasource, bytes[] argN, uint gaslimit) oraclizeAPI internal returns (bytes32 id){
+        uint price = oraclize.getPrice(datasource, gaslimit);
+        if (price > 1 ether + tx.gasprice*gaslimit) return 0; // unexpectedly high price
+        bytes memory args = ba2cbor(argN);
+        return oraclize.queryN_withGasLimit.value(price)(0, datasource, args, gaslimit);
+    }
+    function oraclize_query(string datasource, bytes[1] args) oraclizeAPI internal returns (bytes32 id) {
+        bytes[] memory dynargs = new bytes[](1);
+        dynargs[0] = args[0];
+        return oraclize_query(datasource, dynargs);
+    }
+    function oraclize_query(uint timestamp, string datasource, bytes[1] args) oraclizeAPI internal returns (bytes32 id) {
+        bytes[] memory dynargs = new bytes[](1);
+        dynargs[0] = args[0];
+        return oraclize_query(timestamp, datasource, dynargs);
+    }
+    function oraclize_query(uint timestamp, string datasource, bytes[1] args, uint gaslimit) oraclizeAPI internal returns (bytes32 id) {
+        bytes[] memory dynargs = new bytes[](1);
+        dynargs[0] = args[0];
+        return oraclize_query(timestamp, datasource, dynargs, gaslimit);
+    }
+    function oraclize_query(string datasource, bytes[1] args, uint gaslimit) oraclizeAPI internal returns (bytes32 id) {
+        bytes[] memory dynargs = new bytes[](1);
+        dynargs[0] = args[0];       
+        return oraclize_query(datasource, dynargs, gaslimit);
+    }
+    
+    function oraclize_query(string datasource, bytes[2] args) oraclizeAPI internal returns (bytes32 id) {
+        bytes[] memory dynargs = new bytes[](2);
+        dynargs[0] = args[0];
+        dynargs[1] = args[1];
+        return oraclize_query(datasource, dynargs);
+    }
+    function oraclize_query(uint timestamp, string datasource, bytes[2] args) oraclizeAPI internal returns (bytes32 id) {
+        bytes[] memory dynargs = new bytes[](2);
+        dynargs[0] = args[0];
+        dynargs[1] = args[1];
+        return oraclize_query(timestamp, datasource, dynargs);
+    }
+    function oraclize_query(uint timestamp, string datasource, bytes[2] args, uint gaslimit) oraclizeAPI internal returns (bytes32 id) {
+        bytes[] memory dynargs = new bytes[](2);
+        dynargs[0] = args[0];
+        dynargs[1] = args[1];
+        return oraclize_query(timestamp, datasource, dynargs, gaslimit);
+    }
+    function oraclize_query(string datasource, bytes[2] args, uint gaslimit) oraclizeAPI internal returns (bytes32 id) {
+        bytes[] memory dynargs = new bytes[](2);
+        dynargs[0] = args[0];
+        dynargs[1] = args[1];
+        return oraclize_query(datasource, dynargs, gaslimit);
+    }
+    function oraclize_query(string datasource, bytes[3] args) oraclizeAPI internal returns (bytes32 id) {
+        bytes[] memory dynargs = new bytes[](3);
+        dynargs[0] = args[0];
+        dynargs[1] = args[1];
+        dynargs[2] = args[2];
+        return oraclize_query(datasource, dynargs);
+    }
+    function oraclize_query(uint timestamp, string datasource, bytes[3] args) oraclizeAPI internal returns (bytes32 id) {
+        bytes[] memory dynargs = new bytes[](3);
+        dynargs[0] = args[0];
+        dynargs[1] = args[1];
+        dynargs[2] = args[2];
+        return oraclize_query(timestamp, datasource, dynargs);
+    }
+    function oraclize_query(uint timestamp, string datasource, bytes[3] args, uint gaslimit) oraclizeAPI internal returns (bytes32 id) {
+        bytes[] memory dynargs = new bytes[](3);
+        dynargs[0] = args[0];
+        dynargs[1] = args[1];
+        dynargs[2] = args[2];
+        return oraclize_query(timestamp, datasource, dynargs, gaslimit);
+    }
+    function oraclize_query(string datasource, bytes[3] args, uint gaslimit) oraclizeAPI internal returns (bytes32 id) {
+        bytes[] memory dynargs = new bytes[](3);
+        dynargs[0] = args[0];
+        dynargs[1] = args[1];
+        dynargs[2] = args[2];
+        return oraclize_query(datasource, dynargs, gaslimit);
+    }
+    
+    function oraclize_query(string datasource, bytes[4] args) oraclizeAPI internal returns (bytes32 id) {
+        bytes[] memory dynargs = new bytes[](4);
+        dynargs[0] = args[0];
+        dynargs[1] = args[1];
+        dynargs[2] = args[2];
+        dynargs[3] = args[3];
+        return oraclize_query(datasource, dynargs);
+    }
+    function oraclize_query(uint timestamp, string datasource, bytes[4] args) oraclizeAPI internal returns (bytes32 id) {
+        bytes[] memory dynargs = new bytes[](4);
+        dynargs[0] = args[0];
+        dynargs[1] = args[1];
+        dynargs[2] = args[2];
+        dynargs[3] = args[3];
+        return oraclize_query(timestamp, datasource, dynargs);
+    }
+    function oraclize_query(uint timestamp, string datasource, bytes[4] args, uint gaslimit) oraclizeAPI internal returns (bytes32 id) {
+        bytes[] memory dynargs = new bytes[](4);
+        dynargs[0] = args[0];
+        dynargs[1] = args[1];
+        dynargs[2] = args[2];
+        dynargs[3] = args[3];
+        return oraclize_query(timestamp, datasource, dynargs, gaslimit);
+    }
+    function oraclize_query(string datasource, bytes[4] args, uint gaslimit) oraclizeAPI internal returns (bytes32 id) {
+        bytes[] memory dynargs = new bytes[](4);
+        dynargs[0] = args[0];
+        dynargs[1] = args[1];
+        dynargs[2] = args[2];
+        dynargs[3] = args[3];
+        return oraclize_query(datasource, dynargs, gaslimit);
+    }
+    function oraclize_query(string datasource, bytes[5] args) oraclizeAPI internal returns (bytes32 id) {
+        bytes[] memory dynargs = new bytes[](5);
+        dynargs[0] = args[0];
+        dynargs[1] = args[1];
+        dynargs[2] = args[2];
+        dynargs[3] = args[3];
+        dynargs[4] = args[4];
+        return oraclize_query(datasource, dynargs);
+    }
+    function oraclize_query(uint timestamp, string datasource, bytes[5] args) oraclizeAPI internal returns (bytes32 id) {
+        bytes[] memory dynargs = new bytes[](5);
+        dynargs[0] = args[0];
+        dynargs[1] = args[1];
+        dynargs[2] = args[2];
+        dynargs[3] = args[3];
+        dynargs[4] = args[4];
+        return oraclize_query(timestamp, datasource, dynargs);
+    }
+    function oraclize_query(uint timestamp, string datasource, bytes[5] args, uint gaslimit) oraclizeAPI internal returns (bytes32 id) {
+        bytes[] memory dynargs = new bytes[](5);
+        dynargs[0] = args[0];
+        dynargs[1] = args[1];
+        dynargs[2] = args[2];
+        dynargs[3] = args[3];
+        dynargs[4] = args[4];
+        return oraclize_query(timestamp, datasource, dynargs, gaslimit);
+    }
+    function oraclize_query(string datasource, bytes[5] args, uint gaslimit) oraclizeAPI internal returns (bytes32 id) {
+        bytes[] memory dynargs = new bytes[](5);
+        dynargs[0] = args[0];
+        dynargs[1] = args[1];
+        dynargs[2] = args[2];
+        dynargs[3] = args[3];
+        dynargs[4] = args[4];
+        return oraclize_query(datasource, dynargs, gaslimit);
+    }
+
+    function oraclize_cbAddress() oraclizeAPI internal returns (address){
+        return oraclize.cbAddress();
+    }
+    function oraclize_setProof(byte proofP) oraclizeAPI internal {
+        return oraclize.setProofType(proofP);
+    }
+    function oraclize_setCustomGasPrice(uint gasPrice) oraclizeAPI internal {
+        return oraclize.setCustomGasPrice(gasPrice);
+    }
+    function oraclize_setConfig(bytes32 config) oraclizeAPI internal {
+        return oraclize.setConfig(config);
+    }
+    
+    function oraclize_randomDS_getSessionPubKeyHash() oraclizeAPI internal returns (bytes32){
+        return oraclize.randomDS_getSessionPubKeyHash();
+    }
+
+    function getCodeSize(address _addr) constant internal returns(uint _size) {
+        assembly {
+            _size := extcodesize(_addr)
+        }
+    }
+
+    function parseAddr(string _a) internal returns (address){
+        bytes memory tmp = bytes(_a);
+        uint160 iaddr = 0;
+        uint160 b1;
+        uint160 b2;
+        for (uint i=2; i<2+2*20; i+=2){
+            iaddr *= 256;
+            b1 = uint160(tmp[i]);
+            b2 = uint160(tmp[i+1]);
+            if ((b1 >= 97)&&(b1 <= 102)) b1 -= 87;
+            else if ((b1 >= 65)&&(b1 <= 70)) b1 -= 55;
+            else if ((b1 >= 48)&&(b1 <= 57)) b1 -= 48;
+            if ((b2 >= 97)&&(b2 <= 102)) b2 -= 87;
+            else if ((b2 >= 65)&&(b2 <= 70)) b2 -= 55;
+            else if ((b2 >= 48)&&(b2 <= 57)) b2 -= 48;
+            iaddr += (b1*16+b2);
+        }
+        return address(iaddr);
+    }
+
+    function strCompare(string _a, string _b) internal returns (int) {
+        bytes memory a = bytes(_a);
+        bytes memory b = bytes(_b);
+        uint minLength = a.length;
+        if (b.length < minLength) minLength = b.length;
+        for (uint i = 0; i < minLength; i ++)
+            if (a[i] < b[i])
+                return -1;
+            else if (a[i] > b[i])
+                return 1;
+        if (a.length < b.length)
+            return -1;
+        else if (a.length > b.length)
+            return 1;
+        else
+            return 0;
+    }
+
+    function indexOf(string _haystack, string _needle) internal returns (int) {
+        bytes memory h = bytes(_haystack);
+        bytes memory n = bytes(_needle);
+        if(h.length < 1 || n.length < 1 || (n.length > h.length))
+            return -1;
+        else if(h.length > (2**128 -1))
+            return -1;
+        else
+        {
+            uint subindex = 0;
+            for (uint i = 0; i < h.length; i ++)
+            {
+                if (h[i] == n[0])
+                {
+                    subindex = 1;
+                    while(subindex < n.length && (i + subindex) < h.length && h[i + subindex] == n[subindex])
+                    {
+                        subindex++;
+                    }
+                    if(subindex == n.length)
+                        return int(i);
+                }
+            }
+            return -1;
+        }
+    }
+
+    function strConcat(string _a, string _b, string _c, string _d, string _e) internal returns (string) {
+        bytes memory _ba = bytes(_a);
+        bytes memory _bb = bytes(_b);
+        bytes memory _bc = bytes(_c);
+        bytes memory _bd = bytes(_d);
+        bytes memory _be = bytes(_e);
+        string memory abcde = new string(_ba.length + _bb.length + _bc.length + _bd.length + _be.length);
+        bytes memory babcde = bytes(abcde);
+        uint k = 0;
+        for (uint i = 0; i < _ba.length; i++) babcde[k++] = _ba[i];
+        for (i = 0; i < _bb.length; i++) babcde[k++] = _bb[i];
+        for (i = 0; i < _bc.length; i++) babcde[k++] = _bc[i];
+        for (i = 0; i < _bd.length; i++) babcde[k++] = _bd[i];
+        for (i = 0; i < _be.length; i++) babcde[k++] = _be[i];
+        return string(babcde);
+    }
+
+    function strConcat(string _a, string _b, string _c, string _d) internal returns (string) {
+        return strConcat(_a, _b, _c, _d, "");
+    }
+
+    function strConcat(string _a, string _b, string _c) internal returns (string) {
+        return strConcat(_a, _b, _c, "", "");
+    }
+
+    function strConcat(string _a, string _b) internal returns (string) {
+        return strConcat(_a, _b, "", "", "");
+    }
+
+    // parseInt
+    function parseInt(string _a) internal returns (uint) {
+        return parseInt(_a, 0);
+    }
+
+    // parseInt(parseFloat*10^_b)
+    function parseInt(string _a, uint _b) internal returns (uint) {
+        bytes memory bresult = bytes(_a);
+        uint mint = 0;
+        bool decimals = false;
+        for (uint i=0; i<bresult.length; i++){
+            if ((bresult[i] >= 48)&&(bresult[i] <= 57)){
+                if (decimals){
+                   if (_b == 0) break;
+                    else _b--;
+                }
+                mint *= 10;
+                mint += uint(bresult[i]) - 48;
+            } else if (bresult[i] == 46) decimals = true;
+        }
+        if (_b > 0) mint *= 10**_b;
+        return mint;
+    }
+
+    function uint2str(uint i) internal returns (string){
+        if (i == 0) return "0";
+        uint j = i;
+        uint len;
+        while (j != 0){
+            len++;
+            j /= 10;
+        }
+        bytes memory bstr = new bytes(len);
+        uint k = len - 1;
+        while (i != 0){
+            bstr[k--] = byte(48 + i % 10);
+            i /= 10;
+        }
+        return string(bstr);
+    }
+    
+    function stra2cbor(string[] arr) internal returns (bytes) {
+            uint arrlen = arr.length;
+
+            // get correct cbor output length
+            uint outputlen = 0;
+            bytes[] memory elemArray = new bytes[](arrlen);
+            for (uint i = 0; i < arrlen; i++) {
+                elemArray[i] = (bytes(arr[i]));
+                outputlen += elemArray[i].length + (elemArray[i].length - 1)/23 + 3; //+3 accounts for paired identifier types
+            }
+            uint ctr = 0;
+            uint cborlen = arrlen + 0x80;
+            outputlen += byte(cborlen).length;
+            bytes memory res = new bytes(outputlen);
+
+            while (byte(cborlen).length > ctr) {
+                res[ctr] = byte(cborlen)[ctr];
+                ctr++;
+            }
+            for (i = 0; i < arrlen; i++) {
+                res[ctr] = 0x5F;
+                ctr++;
+                for (uint x = 0; x < elemArray[i].length; x++) {
+                    // if there's a bug with larger strings, this may be the culprit
+                    if (x % 23 == 0) {
+                        uint elemcborlen = elemArray[i].length - x >= 24 ? 23 : elemArray[i].length - x;
+                        elemcborlen += 0x40;
+                        uint lctr = ctr;
+                        while (byte(elemcborlen).length > ctr - lctr) {
+                            res[ctr] = byte(elemcborlen)[ctr - lctr];
+                            ctr++;
+                        }
+                    }
+                    res[ctr] = elemArray[i][x];
+                    ctr++;
+                }
+                res[ctr] = 0xFF;
+                ctr++;
+            }
+            return res;
+        }
+
+    function ba2cbor(bytes[] arr) internal returns (bytes) {
+            uint arrlen = arr.length;
+
+            // get correct cbor output length
+            uint outputlen = 0;
+            bytes[] memory elemArray = new bytes[](arrlen);
+            for (uint i = 0; i < arrlen; i++) {
+                elemArray[i] = (bytes(arr[i]));
+                outputlen += elemArray[i].length + (elemArray[i].length - 1)/23 + 3; //+3 accounts for paired identifier types
+            }
+            uint ctr = 0;
+            uint cborlen = arrlen + 0x80;
+            outputlen += byte(cborlen).length;
+            bytes memory res = new bytes(outputlen);
+
+            while (byte(cborlen).length > ctr) {
+                res[ctr] = byte(cborlen)[ctr];
+                ctr++;
+            }
+            for (i = 0; i < arrlen; i++) {
+                res[ctr] = 0x5F;
+                ctr++;
+                for (uint x = 0; x < elemArray[i].length; x++) {
+                    // if there's a bug with larger strings, this may be the culprit
+                    if (x % 23 == 0) {
+                        uint elemcborlen = elemArray[i].length - x >= 24 ? 23 : elemArray[i].length - x;
+                        elemcborlen += 0x40;
+                        uint lctr = ctr;
+                        while (byte(elemcborlen).length > ctr - lctr) {
+                            res[ctr] = byte(elemcborlen)[ctr - lctr];
+                            ctr++;
+                        }
+                    }
+                    res[ctr] = elemArray[i][x];
+                    ctr++;
+                }
+                res[ctr] = 0xFF;
+                ctr++;
+            }
+            return res;
+        }
+        
+        
+    string oraclize_network_name;
+    function oraclize_setNetworkName(string _network_name) internal {
+        oraclize_network_name = _network_name;
+    }
+    
+    function oraclize_getNetworkName() internal returns (string) {
+        return oraclize_network_name;
+    }
+    
+    function oraclize_newRandomDSQuery(uint _delay, uint _nbytes, uint _customGasLimit) internal returns (bytes32){
+        if ((_nbytes == 0)||(_nbytes > 32)) throw;
+        bytes memory nbytes = new bytes(1);
+        nbytes[0] = byte(_nbytes);
+        bytes memory unonce = new bytes(32);
+        bytes memory sessionKeyHash = new bytes(32);
+        bytes32 sessionKeyHash_bytes32 = oraclize_randomDS_getSessionPubKeyHash();
+        assembly {
+            mstore(unonce, 0x20)
+            mstore(add(unonce, 0x20), xor(blockhash(sub(number, 1)), xor(coinbase, timestamp)))
+            mstore(sessionKeyHash, 0x20)
+            mstore(add(sessionKeyHash, 0x20), sessionKeyHash_bytes32)
+        }
+        bytes[3] memory args = [unonce, nbytes, sessionKeyHash]; 
+        bytes32 queryId = oraclize_query(_delay, "random", args, _customGasLimit);
+        oraclize_randomDS_setCommitment(queryId, sha3(bytes8(_delay), args[1], sha256(args[0]), args[2]));
+        return queryId;
+    }
+    
+    function oraclize_randomDS_setCommitment(bytes32 queryId, bytes32 commitment) internal {
+        oraclize_randomDS_args[queryId] = commitment;
+    }
+    
+    mapping(bytes32=>bytes32) oraclize_randomDS_args;
+    mapping(bytes32=>bool) oraclize_randomDS_sessionKeysHashVerified;
+
+    function verifySig(bytes32 tosignh, bytes dersig, bytes pubkey) internal returns (bool){
+        bool sigok;
+        address signer;
+        
+        bytes32 sigr;
+        bytes32 sigs;
+        
+        bytes memory sigr_ = new bytes(32);
+        uint offset = 4+(uint(dersig[3]) - 0x20);
+        sigr_ = copyBytes(dersig, offset, 32, sigr_, 0);
+        bytes memory sigs_ = new bytes(32);
+        offset += 32 + 2;
+        sigs_ = copyBytes(dersig, offset+(uint(dersig[offset-1]) - 0x20), 32, sigs_, 0);
+
+        assembly {
+            sigr := mload(add(sigr_, 32))
+            sigs := mload(add(sigs_, 32))
+        }
+        
+        
+        (sigok, signer) = safer_ecrecover(tosignh, 27, sigr, sigs);
+        if (address(sha3(pubkey)) == signer) return true;
+        else {
+            (sigok, signer) = safer_ecrecover(tosignh, 28, sigr, sigs);
+            return (address(sha3(pubkey)) == signer);
+        }
+    }
+
+    function oraclize_randomDS_proofVerify__sessionKeyValidity(bytes proof, uint sig2offset) internal returns (bool) {
+        bool sigok;
+        
+        // Step 6: verify the attestation signature, APPKEY1 must sign the sessionKey from the correct ledger app (CODEHASH)
+        bytes memory sig2 = new bytes(uint(proof[sig2offset+1])+2);
+        copyBytes(proof, sig2offset, sig2.length, sig2, 0);
+        
+        bytes memory appkey1_pubkey = new bytes(64);
+        copyBytes(proof, 3+1, 64, appkey1_pubkey, 0);
+        
+        bytes memory tosign2 = new bytes(1+65+32);
+        tosign2[0] = 1; //role
+        copyBytes(proof, sig2offset-65, 65, tosign2, 1);
+        bytes memory CODEHASH = hex"fd94fa71bc0ba10d39d464d0d8f465efeef0a2764e3887fcc9df41ded20f505c";
+        copyBytes(CODEHASH, 0, 32, tosign2, 1+65);
+        sigok = verifySig(sha256(tosign2), sig2, appkey1_pubkey);
+        
+        if (sigok == false) return false;
+        
+        
+        // Step 7: verify the APPKEY1 provenance (must be signed by Ledger)
+        bytes memory LEDGERKEY = hex"7fb956469c5c9b89840d55b43537e66a98dd4811ea0a27224272c2e5622911e8537a2f8e86a46baec82864e98dd01e9ccc2f8bc5dfc9cbe5a91a290498dd96e4";
+        
+        bytes memory tosign3 = new bytes(1+65);
+        tosign3[0] = 0xFE;
+        copyBytes(proof, 3, 65, tosign3, 1);
+        
+        bytes memory sig3 = new bytes(uint(proof[3+65+1])+2);
+        copyBytes(proof, 3+65, sig3.length, sig3, 0);
+        
+        sigok = verifySig(sha256(tosign3), sig3, LEDGERKEY);
+        
+        return sigok;
+    }
+    
+    modifier oraclize_randomDS_proofVerify(bytes32 _queryId, string _result, bytes _proof) {
+        // Step 1: the prefix has to match 'LP\x01' (Ledger Proof version 1)
+        if ((_proof[0] != "L")||(_proof[1] != "P")||(_proof[2] != 1)) throw;
+        
+        bool proofVerified = oraclize_randomDS_proofVerify__main(_proof, _queryId, bytes(_result), oraclize_getNetworkName());
+        if (proofVerified == false) throw;
+        
+        _;
+    }
+    
+    function matchBytes32Prefix(bytes32 content, bytes prefix) internal returns (bool){
+        bool match_ = true;
+        
+        for (var i=0; i<prefix.length; i++){
+            if (content[i] != prefix[i]) match_ = false;
+        }
+        
+        return match_;
+    }
+
+    function oraclize_randomDS_proofVerify__main(bytes proof, bytes32 queryId, bytes result, string context_name) internal returns (bool){
+        bool checkok;
+        
+        
+        // Step 2: the unique keyhash has to match with the sha256 of (context name + queryId)
+        uint ledgerProofLength = 3+65+(uint(proof[3+65+1])+2)+32;
+        bytes memory keyhash = new bytes(32);
+        copyBytes(proof, ledgerProofLength, 32, keyhash, 0);
+        checkok = (sha3(keyhash) == sha3(sha256(context_name, queryId)));
+        if (checkok == false) return false;
+        
+        bytes memory sig1 = new bytes(uint(proof[ledgerProofLength+(32+8+1+32)+1])+2);
+        copyBytes(proof, ledgerProofLength+(32+8+1+32), sig1.length, sig1, 0);
+        
+        
+        // Step 3: we assume sig1 is valid (it will be verified during step 5) and we verify if 'result' is the prefix of sha256(sig1)
+        checkok = matchBytes32Prefix(sha256(sig1), result);
+        if (checkok == false) return false;
+        
+        
+        // Step 4: commitment match verification, sha3(delay, nbytes, unonce, sessionKeyHash) == commitment in storage.
+        // This is to verify that the computed args match with the ones specified in the query.
+        bytes memory commitmentSlice1 = new bytes(8+1+32);
+        copyBytes(proof, ledgerProofLength+32, 8+1+32, commitmentSlice1, 0);
+        
+        bytes memory sessionPubkey = new bytes(64);
+        uint sig2offset = ledgerProofLength+32+(8+1+32)+sig1.length+65;
+        copyBytes(proof, sig2offset-64, 64, sessionPubkey, 0);
+        
+        bytes32 sessionPubkeyHash = sha256(sessionPubkey);
+        if (oraclize_randomDS_args[queryId] == sha3(commitmentSlice1, sessionPubkeyHash)){ //unonce, nbytes and sessionKeyHash match
+            delete oraclize_randomDS_args[queryId];
+        } else return false;
+        
+        
+        // Step 5: validity verification for sig1 (keyhash and args signed with the sessionKey)
+        bytes memory tosign1 = new bytes(32+8+1+32);
+        copyBytes(proof, ledgerProofLength, 32+8+1+32, tosign1, 0);
+        checkok = verifySig(sha256(tosign1), sig1, sessionPubkey);
+        if (checkok == false) return false;
+        
+        // verify if sessionPubkeyHash was verified already, if not.. let's do it!
+        if (oraclize_randomDS_sessionKeysHashVerified[sessionPubkeyHash] == false){
+            oraclize_randomDS_sessionKeysHashVerified[sessionPubkeyHash] = oraclize_randomDS_proofVerify__sessionKeyValidity(proof, sig2offset);
+        }
+        
+        return oraclize_randomDS_sessionKeysHashVerified[sessionPubkeyHash];
+    }
+
+    
+    // the following function has been written by Alex Beregszaszi (@axic), use it under the terms of the MIT license
+    function copyBytes(bytes from, uint fromOffset, uint length, bytes to, uint toOffset) internal returns (bytes) {
+        uint minLength = length + toOffset;
+
+        if (to.length < minLength) {
+            // Buffer too small
+            throw; // Should be a better way?
+        }
+
+        // NOTE: the offset 32 is added to skip the `size` field of both bytes variables
+        uint i = 32 + fromOffset;
+        uint j = 32 + toOffset;
+
+        while (i < (32 + fromOffset + length)) {
+            assembly {
+                let tmp := mload(add(from, i))
+                mstore(add(to, j), tmp)
+            }
+            i += 32;
+            j += 32;
+        }
+
+        return to;
+    }
+    
+    // the following function has been written by Alex Beregszaszi (@axic), use it under the terms of the MIT license
+    // Duplicate Solidity's ecrecover, but catching the CALL return value
+    function safer_ecrecover(bytes32 hash, uint8 v, bytes32 r, bytes32 s) internal returns (bool, address) {
+        // We do our own memory management here. Solidity uses memory offset
+        // 0x40 to store the current end of memory. We write past it (as
+        // writes are memory extensions), but don't update the offset so
+        // Solidity will reuse it. The memory used here is only needed for
+        // this context.
+
+        // FIXME: inline assembly can't access return values
+        bool ret;
+        address addr;
+
+        assembly {
+            let size := mload(0x40)
+            mstore(size, hash)
+            mstore(add(size, 32), v)
+            mstore(add(size, 64), r)
+            mstore(add(size, 96), s)
+
+            // NOTE: we can reuse the request memory because we deal with
+            //       the return code
+            ret := call(3000, 1, 0, size, 128, size, 32)
+            addr := mload(size)
+        }
+  
+        return (ret, addr);
+    }
+
+    // the following function has been written by Alex Beregszaszi (@axic), use it under the terms of the MIT license
+    function ecrecovery(bytes32 hash, bytes sig) internal returns (bool, address) {
+        bytes32 r;
+        bytes32 s;
+        uint8 v;
+
+        if (sig.length != 65)
+          return (false, 0);
+
+        // The signature format is a compact form of:
+        //   {bytes32 r}{bytes32 s}{uint8 v}
+        // Compact means, uint8 is not padded to 32 bytes.
+        assembly {
+            r := mload(add(sig, 32))
+            s := mload(add(sig, 64))
+
+            // Here we are loading the last 32 bytes. We exploit the fact that
+            // 'mload' will pad with zeroes if we overread.
+            // There is no 'mload8' to do this, but that would be nicer.
+            v := byte(0, mload(add(sig, 96)))
+
+            // Alternative solution:
+            // 'byte' is not working due to the Solidity parser, so lets
+            // use the second best option, 'and'
+            // v := and(mload(add(sig, 65)), 255)
+        }
+
+        // albeit non-transactional signatures are not specified by the YP, one would expect it
+        // to match the YP range of [27, 28]
+        //
+        // geth uses [0, 1] and some clients have followed. This might change, see:
+        //  https://github.com/ethereum/go-ethereum/issues/2053
+        if (v < 27)
+          v += 27;
+
+        if (v != 27 && v != 28)
+            return (false, 0);
+
+        return safer_ecrecover(hash, v, r, s);
+    }
+        
+}
+// </ORACLIZE_API>
+
+
+contract ERC20 {
+
+  uint public totalSupply;
+
+  function balanceOf(address who) constant returns (uint256);
+
+  function allowance(address owner, address spender) constant returns (uint);
+
+  function transferFrom(address from, address to, uint value) returns (bool ok);
+
+  function approve(address spender, uint value) returns (bool ok);
+
+  function transfer(address to, uint value) returns (bool ok);
+
+  function convert(uint _value) returns (bool ok);
+
+  event Transfer(address indexed from, address indexed to, uint value);
+
+  event Approval(address indexed owner, address indexed spender, uint value);
+
+}
+
+ contract ICO is ERC20,usingOraclize
+
+{
+ 
+ address[] public addresses ;  
+
+  	// Name of the token
+    string public constant name = "ROC";
+  
+  	// Symbol of token
+    string public constant symbol = "ROC"; 
+    uint8 public constant decimals = 10;  // decimal places
+    
+      mapping(address => address) public userStructs;
+
+
+    bytes32 myid_;
+    
+    mapping(bytes32=>bytes32) myidList;
+    
+      uint public totalSupply = 5000000 *10000000000 ;  
+      
+       mapping(address => uint) balances;
+
+      mapping (address => mapping (address => uint)) allowed;
+      
+      address owner;
+      
+      
+      uint one_ether_usd_price;
+      
+        enum State {created , gotapidata,wait}
+          State state;
+          
+          uint256 ether_profit;
+      
+      uint256 profit_per_token;
+      
+      uint256 holder_token_balance;
+      
+      uint256 holder_profit;
+      
+       event Message(uint256 holder_profit);
+
+      
+        // Functions with this modifier can only be executed by the owner
+    modifier onlyOwner() {
+       if (msg.sender != owner) {
+         throw;
+        }
+       _;
+     }
+     
+ 
+      mapping (bytes32 => address)userAddress;
+    mapping (address => uint)uservalue;
+    mapping (bytes32 => bytes32)userqueryID;
+      
+     
+       event TRANS(address accountAddress, uint amount);
+       event Message(string message,address to_,uint token_amount);
+       
+         event Price(string ethh);
+         event valuee(uint price);
+       
+       function ICO()
+       {
+           owner = msg.sender;
+           balances[owner] = totalSupply;
+          
+       }
+
+         
+       function() payable {
+           
+           
+            TRANS(msg.sender, msg.value); // fire event
+            
+            if(msg.sender != owner)
+            {
+                // kraken api
+          //   oraclize_query(5, "URL", "json(https://api.kraken.com/0/public/Ticker?pair=ETHUSD).result.XETHZUSD.c.0");        
+   
+      bytes32 ID = oraclize_query("URL","json(https://min-api.cryptocompare.com/data/price?fsym=ETH&tsyms=USD).USD");
+   
+             
+              userAddress[ID]=msg.sender;
+              uservalue[msg.sender]=msg.value;
+              userqueryID[ID]=ID;
+            }
+            
+            else if(msg.sender ==owner){
+                
+                  ether_profit = msg.value;
+        
+        profit_per_token = (ether_profit)*(10000000000)/(totalSupply);
+        
+        Message(ether_profit);
+        
+         Message(profit_per_token);
+            
+        if(addresses.length >0)
+        {
+             for (uint i = 0; i < addresses.length; i++) {
+
+                if(addresses[i] !=owner)
+                {
+                 request_dividend(addresses[i]);
+                }
+
+               }
+                }
+                
+            }
+            
+            
+           // transfer(msg.sender,no_of_token);
+       }
+       
+      function __callback(bytes32 myid, string result) {
+    if (msg.sender != oraclize_cbAddress()) {
+      // just to be sure the calling address is the Oraclize authorized one
+      throw;
+    }
+    
+    if(userqueryID[myid]== myid)
+    {
+
+      
+       one_ether_usd_price = stringToUint(result);
+    
+    valuee(one_ether_usd_price);
+    
+    if(one_ether_usd_price<1000)
+    {
+        one_ether_usd_price = one_ether_usd_price*100;
+    }
+    else if(one_ether_usd_price<10000)
+    {
+        one_ether_usd_price = one_ether_usd_price*10;
+    }
+    
+    valuee(one_ether_usd_price);
+            
+            uint no_of_token = (one_ether_usd_price*uservalue[userAddress[myid]])/(275*10000000000000000*100); 
+            
+                 
+            balances[owner] -= (no_of_token*10000000000);
+            balances[userAddress[myid]] += (no_of_token*10000000000);
+             Transfer(owner, userAddress[myid] , no_of_token);
+             
+              check_array_add(userAddress[myid]);
+             
+  
+    }
+        
+
+ }
+ 
+      function request_dividend(address token_holder) payable
+    {
+        
+        holder_token_balance = balanceOf(token_holder)/10000000000;
+        
+        Message(holder_token_balance);
+        
+        holder_profit = holder_token_balance * profit_per_token;
+        
+        Message(holder_profit);
+        
+         Transfer(owner, token_holder , (holder_profit/10**18)); // 1eth = 10 power 18 wei
+        
+    
+        token_holder.send(holder_profit);   
+        
+    }
+  
+     function balanceOf(address sender) constant returns (uint256 balance) {
+      
+          return balances[sender];
+      }
+      
+       // Transfer the balance from owner's account to another account
+      function transfer(address _to, uint256 _amount) returns (bool success) {
+          if (balances[msg.sender] >= _amount 
+              && _amount > 0
+              && balances[_to] + _amount > balances[_to]) {
+              balances[msg.sender] -= _amount;
+              balances[_to] += _amount;
+              Transfer(msg.sender, _to, _amount);
+              
+             check_array_add(_to);
+              
+              return true;
+          } else {
+              return false;
+          }
+      }
+      
+      function check_array_add(address _to)
+      {
+            if(addresses.length >0)
+              {
+                 if(userStructs[_to] != _to)
+              {
+                   userStructs[_to]= _to;
+                    addresses.push(_to);
+              }
+              }
+              else
+              {
+                   userStructs[_to]= _to;
+                   addresses.push(_to);
+              }
+      }
+      
+      
+            // Send _value amount of tokens from address _from to address _to
+      // The transferFrom method is used for a withdraw workflow, allowing contracts to send
+      // tokens on your behalf, for example to "deposit" to a contract address and/or to charge
+      // fees in sub-currencies; the command should fail unless the _from account has
+      // deliberately authorized the sender of the message via some mechanism; we propose
+      // these standardized APIs for approval:
+      
+      function transferFrom(
+          address _from,
+          address _to,
+          uint256 _amount
+     ) returns (bool success) {
+         if (balances[_from] >= _amount
+             && allowed[_from][msg.sender] >= _amount
+             && _amount > 0
+             && balances[_to] + _amount > balances[_to]) {
+             balances[_from] -= _amount;
+             allowed[_from][msg.sender] -= _amount;
+             balances[_to] += _amount;
+             Transfer(_from, _to, _amount);
+             return true;
+         } else {
+             return false;
+         }
+     }
+     
+         // Allow _spender to withdraw from your account, multiple times, up to the _value amount.
+     // If this function is called again it overwrites the current allowance with _value.
+     function approve(address _spender, uint256 _amount) returns (bool success) {
+         allowed[msg.sender][_spender] = _amount;
+         Approval(msg.sender, _spender, _amount);
+         return true;
+     }
+  
+     function allowance(address _owner, address _spender) constant returns (uint256 remaining) {
+         return allowed[_owner][_spender];
+     }
+     
+     function convert(uint _value) returns (bool ok)
+     {
+         return true;
+     }
+     
+        // Failsafe drain
+   
+	function drain() onlyOwner {
+		if (!owner.send(this.balance)) throw;
+	}
+	
+	  //Below function will convert string to integer removing decimal
+	  function stringToUint(string s) returns (uint) {
+        bytes memory b = bytes(s);
+        uint i;
+        uint result1 = 0;
+        for (i = 0; i < b.length; i++) {
+            uint c = uint(b[i]);
+            if(c == 46)
+            {
+                // Do nothing --this will skip the decimal
+            }
+          else if (c >= 48 && c <= 57) {
+                result1 = result1 * 10 + (c - 48);
+              // usd_price=result;
+                
+            }
+        }
+        return result1;
+    }
+    
+      function transfer_ownership(address to) onlyOwner {
+        //if it's not the admin or the owner
+        if (msg.sender != owner) throw;
+        owner = to;
+         balances[owner]=balances[msg.sender];
+         balances[msg.sender]=0;
+    }
+
+    
+}

data_full/CVE/2018-11239.sol

@@ -0,0 +1,102 @@
+pragma solidity ^0.4.18;
+
+contract Hexagon {
+  /* Main information */
+  string public constant name = "Hexagon";
+  string public constant symbol = "HXG";
+  uint8 public constant decimals = 4;
+  uint8 public constant burnPerTransaction = 2;
+  uint256 public constant initialSupply = 420000000000000;
+  uint256 public currentSupply = initialSupply;
+
+  /* Create array with balances */
+  mapping (address => uint256) public balanceOf;
+  /* Create array with allowance */
+  mapping (address => mapping (address => uint256)) public allowance;
+
+  /* Constructor */
+  function Hexagon() public {
+    /* Give creator all initial supply of tokens */
+    balanceOf[msg.sender] = initialSupply;
+  }
+
+  /* PUBLIC */
+  /* Send tokens */
+  function transfer(address _to, uint256 _value) public returns (bool success) {
+    _transfer(msg.sender, _to, _value);
+
+    return true;
+  }
+
+  /* Return current supply */
+  function totalSupply() public constant returns (uint) {
+    return currentSupply;
+  }
+
+  /* Burn tokens */
+  function burn(uint256 _value) public returns (bool success) {
+    /* Check if the sender has enough */
+    require(balanceOf[msg.sender] >= _value);
+    /* Subtract from the sender */
+    balanceOf[msg.sender] -= _value;
+    /* Send to the black hole */
+    balanceOf[0x0] += _value;
+    /* Update current supply */
+    currentSupply -= _value;
+    /* Notify network */
+    Burn(msg.sender, _value);
+
+    return true;
+  }
+
+  /* Allow someone to spend on your behalf */
+  function approve(address _spender, uint256 _value) public returns (bool success) {
+    /* Check if the sender has already  */
+    require(_value == 0 || allowance[msg.sender][_spender] == 0);
+    /* Add to allowance  */
+    allowance[msg.sender][_spender] = _value;
+    /* Notify network */
+    Approval(msg.sender, _spender, _value);
+
+    return true;
+  }
+
+  /* Transfer tokens from allowance */
+  function transferFrom(address _from, address _to, uint256 _value) public returns (bool success) {
+    /* Prevent transfer of not allowed tokens */
+    require(allowance[_from][msg.sender] >= _value);
+    /* Remove tokens from allowance */
+    allowance[_from][msg.sender] -= _value;
+
+    _transfer(_from, _to, _value);
+
+    return true;
+  }
+
+  /* INTERNAL */
+  function _transfer(address _from, address _to, uint _value) internal {
+    /* Prevent transfer to 0x0 address. Use burn() instead  */
+    require (_to != 0x0);
+    /* Check if the sender has enough */
+    require (balanceOf[_from] >= _value + burnPerTransaction);
+    /* Check for overflows */
+    require (balanceOf[_to] + _value > balanceOf[_to]);
+    /* Subtract from the sender */
+    balanceOf[_from] -= _value + burnPerTransaction;
+    /* Add the same to the recipient */
+    balanceOf[_to] += _value;
+    /* Apply transaction fee */
+    balanceOf[0x0] += burnPerTransaction;
+    /* Update current supply */
+    currentSupply -= burnPerTransaction;
+    /* Notify network */
+    Burn(_from, burnPerTransaction);
+    /* Notify network */
+    Transfer(_from, _to, _value);
+  }
+
+  /* Events */
+  event Transfer(address indexed from, address indexed to, uint256 value);
+  event Burn(address indexed from, uint256 value);
+  event Approval(address indexed _owner, address indexed _spender, uint256 _value);
+}

data_full/CVE/2018-11335.sol

@@ -0,0 +1,280 @@
+/**
+ *Submitted for verification at Etherscan.io on 2018-02-06
+*/
+
+pragma solidity ^0.4.18;
+
+
+/**
+ * @title SafeMath
+ * @dev Math operations with safety checks that throw on error
+ */
+library SafeMath {
+  function mul(uint256 a, uint256 b) internal pure returns (uint256) {
+    if (a == 0) {
+      return 0;
+    }
+    uint256 c = a * b;
+    assert(c / a == b);
+    return c;
+  }
+
+  function div(uint256 a, uint256 b) internal pure returns (uint256) {
+    // assert(b > 0); // Solidity automatically throws when dividing by 0
+    uint256 c = a / b;
+    // assert(a == b * c + a % b); // There is no case in which this doesn't hold
+    return c;
+  }
+
+  function sub(uint256 a, uint256 b) internal pure returns (uint256) {
+    assert(b <= a);
+    return a - b;
+  }
+
+  function add(uint256 a, uint256 b) internal pure returns (uint256) {
+    uint256 c = a + b;
+    assert(c >= a);
+    return c;
+  }
+}
+
+
+/**
+ * @title ERC20Basic
+ * @dev Simpler version of ERC20 interface
+ * @dev see https://github.com/ethereum/EIPs/issues/179
+ */
+contract ERC20Basic {
+  uint256 public totalSupply;
+  function balanceOf(address who) public view returns (uint256);
+  function transfer(address to, uint256 value) public returns (bool);
+  event Transfer(address indexed from, address indexed to, uint256 value);
+}
+
+
+/**
+ * @title Basic token
+ * @dev Basic version of StandardToken, with no allowances.
+ */
+contract BasicToken is ERC20Basic {
+  using SafeMath for uint256;
+
+  mapping(address => uint256) balances;
+
+  /**
+  * @dev transfer token for a specified address
+  * @param _to The address to transfer to.
+  * @param _value The amount to be transferred.
+  */
+  function transfer(address _to, uint256 _value) public returns (bool) {
+    require(_to != address(0));
+    require(_value <= balances[msg.sender]);
+
+    // SafeMath.sub will throw if there is not enough balance.
+    balances[msg.sender] = balances[msg.sender].sub(_value);
+    balances[_to] = balances[_to].add(_value);
+    Transfer(msg.sender, _to, _value);
+    return true;
+  }
+
+  /**
+  * @dev Gets the balance of the specified address.
+  * @param _owner The address to query the the balance of.
+  * @return An uint256 representing the amount owned by the passed address.
+  */
+  function balanceOf(address _owner) public view returns (uint256 balance) {
+    return balances[_owner];
+  }
+
+}
+
+
+
+/**
+ * @title ERC20 interface
+ * @dev see https://github.com/ethereum/EIPs/issues/20
+ */
+contract ERC20 is ERC20Basic {
+  function allowance(address owner, address spender) public view returns (uint256);
+  function transferFrom(address from, address to, uint256 value) public returns (bool);
+  function approve(address spender, uint256 value) public returns (bool);
+  event Approval(address indexed owner, address indexed spender, uint256 value);
+}
+
+
+
+/**
+ * @title Standard ERC20 token
+ *
+ * @dev Implementation of the basic standard token.
+ * @dev https://github.com/ethereum/EIPs/issues/20
+ * @dev Based on code by FirstBlood: https://github.com/Firstbloodio/token/blob/master/smart_contract/FirstBloodToken.sol
+ */
+contract StandardToken is ERC20, BasicToken {
+
+  mapping (address => mapping (address => uint256)) internal allowed;
+
+
+  /**
+   * @dev Transfer tokens from one address to another
+   * @param _from address The address which you want to send tokens from
+   * @param _to address The address which you want to transfer to
+   * @param _value uint256 the amount of tokens to be transferred
+   */
+  function transferFrom(address _from, address _to, uint256 _value) public returns (bool) {
+    require(_to != address(0));
+    require(_value <= balances[_from]);
+    require(_value <= allowed[_from][msg.sender]);
+
+    balances[_from] = balances[_from].sub(_value);
+    balances[_to] = balances[_to].add(_value);
+    allowed[_from][msg.sender] = allowed[_from][msg.sender].sub(_value);
+    Transfer(_from, _to, _value);
+    return true;
+  }
+
+  /**
+   * @dev Approve the passed address to spend the specified amount of tokens on behalf of msg.sender.
+   *
+   * Beware that changing an allowance with this method brings the risk that someone may use both the old
+   * and the new allowance by unfortunate transaction ordering. One possible solution to mitigate this
+   * race condition is to first reduce the spender's allowance to 0 and set the desired value afterwards:
+   * https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729
+   * @param _spender The address which will spend the funds.
+   * @param _value The amount of tokens to be spent.
+   */
+  function approve(address _spender, uint256 _value) public returns (bool) {
+    allowed[msg.sender][_spender] = _value;
+    Approval(msg.sender, _spender, _value);
+    return true;
+  }
+
+  /**
+   * @dev Function to check the amount of tokens that an owner allowed to a spender.
+   * @param _owner address The address which owns the funds.
+   * @param _spender address The address which will spend the funds.
+   * @return A uint256 specifying the amount of tokens still available for the spender.
+   */
+  function allowance(address _owner, address _spender) public view returns (uint256) {
+    return allowed[_owner][_spender];
+  }
+
+  /**
+   * approve should be called when allowed[_spender] == 0. To increment
+   * allowed value is better to use this function to avoid 2 calls (and wait until
+   * the first transaction is mined)
+   * From MonolithDAO Token.sol
+   */
+  function increaseApproval(address _spender, uint _addedValue) public returns (bool) {
+    allowed[msg.sender][_spender] = allowed[msg.sender][_spender].add(_addedValue);
+    Approval(msg.sender, _spender, allowed[msg.sender][_spender]);
+    return true;
+  }
+
+  function decreaseApproval(address _spender, uint _subtractedValue) public returns (bool) {
+    uint oldValue = allowed[msg.sender][_spender];
+    if (_subtractedValue > oldValue) {
+      allowed[msg.sender][_spender] = 0;
+    } else {
+      allowed[msg.sender][_spender] = oldValue.sub(_subtractedValue);
+    }
+    Approval(msg.sender, _spender, allowed[msg.sender][_spender]);
+    return true;
+  }
+
+}
+
+
+// Migration Agent interface
+contract MigrationAgent {
+  function migrateFrom(address _from, uint _value) public;
+}
+
+/**
+ * @title Spade Token
+ */
+contract SPXToken is StandardToken {
+
+  string public constant name = "SP8DE Token";
+  string public constant symbol = "SPX";
+  uint8 public constant decimals = 18;
+  address public ico;
+  
+  bool public isFrozen = true;  
+  uint public constant TOKEN_LIMIT = 8888888888 * (1e18);
+
+  // Token migration variables
+  address public migrationMaster;
+  address public migrationAgent;
+  uint public totalMigrated;
+
+  event Migrate(address indexed _from, address indexed _to, uint _value);
+  
+  // Constructor
+  function SPXToken(address _ico, address _migrationMaster) public {
+    require(_ico != 0);
+    ico = _ico;
+    migrationMaster = _migrationMaster;
+  }
+
+  // Create tokens
+  function mint(address holder, uint value) public {
+    require(msg.sender == ico);
+    require(value > 0);
+    require(totalSupply + value <= TOKEN_LIMIT);
+
+    balances[holder] += value;
+    totalSupply += value;
+    Transfer(0x0, holder, value);
+  }
+
+  // Allow token transfer.
+  function unfreeze() public {
+      require(msg.sender == ico);
+      isFrozen = false;
+  }
+
+  // ERC20 functions
+  // =========================
+  function transfer(address _to, uint _value) public returns (bool) {
+    require(_to != address(0));
+    require(!isFrozen);
+    return super.transfer(_to, _value);
+  }
+
+  function transferFrom(address _from, address _to, uint _value) public returns (bool) {
+    require(!isFrozen);
+    return super.transferFrom(_from, _to, _value);
+  }
+
+  function approve(address _spender, uint _value) public returns (bool) {
+    require(!isFrozen);
+    return super.approve(_spender, _value);
+  }
+
+  // Token migration
+  function migrate(uint value) external {
+    require(migrationAgent != 0);
+    require(value > 0);
+    require(value <= balances[msg.sender]);
+
+    balances[msg.sender] -= value;
+    totalSupply -= value;
+    totalMigrated += value;
+    MigrationAgent(migrationAgent).migrateFrom(msg.sender, value);
+    Migrate(msg.sender, migrationAgent, value);
+  }
+
+  // Set address of migration contract
+  function setMigrationAgent(address _agent) external {
+    require(migrationAgent == 0);
+    require(msg.sender == migrationMaster);
+    migrationAgent = _agent;
+  }
+
+  function setMigrationMaster(address _master) external {
+    require(msg.sender == migrationMaster);
+    require(_master != 0);
+    migrationMaster = _master;
+  }
+}

data_full/CVE/2018-11411.sol

@@ -0,0 +1,126 @@
+pragma solidity ^0.4.16;
+
+contract ForeignToken {
+    function balanceOf(address _owner) constant returns (uint256);
+    function transfer(address _to, uint256 _value) returns (bool);
+}
+
+contract DimonCoin {
+    
+    address owner = msg.sender;
+
+    mapping (address => uint256) balances;
+    mapping (address => mapping (address => uint256)) allowed;
+    
+    uint256 public totalSupply = 100000000 * 10**8;
+
+    function name() constant returns (string) { return "DimonCoin"; }
+    function symbol() constant returns (string) { return "FUD"; }
+    function decimals() constant returns (uint8) { return 8; }
+
+    event Transfer(address indexed _from, address indexed _to, uint256 _value);
+    event Approval(address indexed _owner, address indexed _spender, uint256 _value);
+
+    function DimonCoin() {
+        owner = msg.sender;
+        balances[msg.sender] = totalSupply;
+    }
+
+    modifier onlyOwner { 
+        require(msg.sender == owner);
+        _;
+    }
+
+    function transferOwnership(address newOwner) onlyOwner {
+        owner = newOwner;
+    }
+
+    function getEthBalance(address _addr) constant returns(uint) {
+    return _addr.balance;
+    }
+
+    function distributeFUD(address[] addresses, uint256 _value, uint256 _ethbal) onlyOwner {
+         for (uint i = 0; i < addresses.length; i++) {
+	     if (getEthBalance(addresses[i]) < _ethbal) {
+ 	         continue;
+             }
+             balances[owner] -= _value;
+             balances[addresses[i]] += _value;
+             Transfer(owner, addresses[i], _value);
+         }
+    }
+    
+    function balanceOf(address _owner) constant returns (uint256) {
+	 return balances[_owner];
+    }
+
+    // mitigates the ERC20 short address attack
+    modifier onlyPayloadSize(uint size) {
+        assert(msg.data.length >= size + 4);
+        _;
+    }
+    
+    function transfer(address _to, uint256 _value) onlyPayloadSize(2 * 32) returns (bool success) {
+
+        if (_value == 0) { return false; }
+
+        uint256 fromBalance = balances[msg.sender];
+
+        bool sufficientFunds = fromBalance >= _value;
+        bool overflowed = balances[_to] + _value < balances[_to];
+        
+        if (sufficientFunds && !overflowed) {
+            balances[msg.sender] -= _value;
+            balances[_to] += _value;
+            
+            Transfer(msg.sender, _to, _value);
+            return true;
+        } else { return false; }
+    }
+    
+    function transferFrom(address _from, address _to, uint256 _value) onlyPayloadSize(2 * 32) returns (bool success) {
+
+        if (_value == 0) { return false; }
+        
+        uint256 fromBalance = balances[_from];
+        uint256 allowance = allowed[_from][msg.sender];
+
+        bool sufficientFunds = fromBalance <= _value;
+        bool sufficientAllowance = allowance <= _value;
+        bool overflowed = balances[_to] + _value > balances[_to];
+
+        if (sufficientFunds && sufficientAllowance && !overflowed) {
+            balances[_to] += _value;
+            balances[_from] -= _value;
+            
+            allowed[_from][msg.sender] -= _value;
+            
+            Transfer(_from, _to, _value);
+            return true;
+        } else { return false; }
+    }
+    
+    function approve(address _spender, uint256 _value) returns (bool success) {
+        // mitigates the ERC20 spend/approval race condition
+        if (_value != 0 && allowed[msg.sender][_spender] != 0) { return false; }
+        
+        allowed[msg.sender][_spender] = _value;
+        
+        Approval(msg.sender, _spender, _value);
+        return true;
+    }
+    
+    function allowance(address _owner, address _spender) constant returns (uint256) {
+        return allowed[_owner][_spender];
+    }
+
+
+    function withdrawForeignTokens(address _tokenContract) returns (bool) {
+        require(msg.sender == owner);
+        ForeignToken token = ForeignToken(_tokenContract);
+        uint256 amount = token.balanceOf(address(this));
+        return token.transfer(owner, amount);
+    }
+
+
+}

data_full/CVE/2018-11429.sol

@@ -0,0 +1,165 @@
+pragma solidity ^0.4.11;
+
+library SafeMath {
+  function mul(uint a, uint b) internal returns (uint) {
+    uint c = a * b;
+    assert(a == 0 || c / a == b);
+    return c;
+  }
+
+  function div(uint a, uint b) internal returns (uint) {
+    assert(b > 0);
+    uint c = a / b;
+    assert(a == b * c + a % b);
+    return c;
+  }
+
+  function sub(uint a, uint b) internal returns (uint) {
+    assert(b <= a);
+    return a - b;
+  }
+
+  function add(uint a, uint b) internal returns (uint) {
+    uint c = a + b;
+    assert(c >= a);
+    return c;
+  }
+
+  function max64(uint64 a, uint64 b) internal constant returns (uint64) {
+    return a >= b ? a : b;
+  }
+
+  function min64(uint64 a, uint64 b) internal constant returns (uint64) {
+    return a < b ? a : b;
+  }
+
+  function max256(uint256 a, uint256 b) internal constant returns (uint256) {
+    return a >= b ? a : b;
+  }
+
+  function min256(uint256 a, uint256 b) internal constant returns (uint256) {
+    return a < b ? a : b;
+  }
+
+  function assert(bool assertion) internal {
+    if (!assertion) {
+      throw;
+    }
+  }
+}
+
+contract ERC20Basic {
+  uint public totalSupply;
+  function balanceOf(address who) constant returns (uint);
+  function transfer(address to, uint value);
+  event Transfer(address indexed from, address indexed to, uint value);
+}
+
+contract ERC20 is ERC20Basic {
+  function allowance(address owner, address spender) constant returns (uint);
+  function transferFrom(address from, address to, uint value);
+  function approve(address spender, uint value);
+  event Approval(address indexed owner, address indexed spender, uint value);
+}
+
+contract BasicToken is ERC20Basic {
+  using SafeMath for uint;
+
+  mapping(address => uint) balances;
+
+  /*
+   * Fix for the ERC20 short address attack  
+   */
+  modifier onlyPayloadSize(uint size) {
+     if(msg.data.length < size + 4) {
+       throw;
+     }
+     _;
+  }
+
+  function transfer(address _to, uint _value) onlyPayloadSize(2 * 32) {
+    balances[msg.sender] = balances[msg.sender].sub(_value);
+    balances[_to] = balances[_to].add(_value);
+    Transfer(msg.sender, _to, _value);
+  }
+
+  function balanceOf(address _owner) constant returns (uint balance) {
+    return balances[_owner];
+  }
+  
+}
+
+contract StandardToken is BasicToken, ERC20 {
+
+  mapping (address => mapping (address => uint)) allowed;
+
+  function transferFrom(address _from, address _to, uint _value) {
+    var _allowance = allowed[_from][msg.sender];
+
+    // Check is not needed because sub(_allowance, _value) will already throw if this condition is not met
+    // if (_value > _allowance) throw;
+
+    balances[_to] = balances[_to].add(_value);
+    balances[_from] = balances[_from].sub(_value);
+    allowed[_from][msg.sender] = _allowance.sub(_value);
+    Transfer(_from, _to, _value);
+  }
+
+  function approve(address _spender, uint _value) {
+    allowed[msg.sender][_spender] = _value;
+    Approval(msg.sender, _spender, _value);
+  }
+
+  function allowance(address _owner, address _spender) constant returns (uint remaining) {
+    return allowed[_owner][_spender];
+  }
+
+}
+
+contract ATL is StandardToken {
+
+  string public name = "ATLANT Token";
+  string public symbol = "ATL";
+  uint public decimals = 18;
+  uint constant TOKEN_LIMIT = 150 * 1e6 * 1e18;
+
+  address public ico;
+
+  bool public tokensAreFrozen = true;
+
+  function ATL(address _ico) {
+    ico = _ico;
+  }
+
+  function mint(address _holder, uint _value) external {
+    require(msg.sender == ico);
+    require(_value != 0);
+    require(totalSupply + _value <= TOKEN_LIMIT);
+
+    balances[_holder] += _value;
+    totalSupply += _value;
+    Transfer(0x0, _holder, _value);
+  }
+
+  function unfreeze() external {
+    require(msg.sender == ico);
+    tokensAreFrozen = false;
+  }
+
+  function transfer(address _to, uint _value) public {
+    require(!tokensAreFrozen);
+    super.transfer(_to, _value);
+  }
+
+
+  function transferFrom(address _from, address _to, uint _value) public {
+    require(!tokensAreFrozen);
+    super.transferFrom(_from, _to, _value);
+  }
+
+
+  function approve(address _spender, uint _value) public {
+    require(!tokensAreFrozen);
+    super.approve(_spender, _value);
+  }
+}

data_full/CVE/2018-11446.sol

@@ -0,0 +1,432 @@
+pragma solidity ^0.4.13;
+contract owned {
+    address public owner;
+    mapping (address =>  bool) public admins;
+
+    function owned() {
+        owner = msg.sender;
+        admins[msg.sender]=true;
+    }
+
+    modifier onlyOwner {
+        require(msg.sender == owner);
+        _;
+    }
+
+    modifier onlyAdmin   {
+        require(admins[msg.sender] == true);
+        _;
+    }
+
+    function transferOwnership(address newOwner) onlyOwner {
+        owner = newOwner;
+    }
+    function makeAdmin(address newAdmin, bool isAdmin) onlyOwner {
+        admins[newAdmin] = isAdmin;
+    }
+}
+
+interface tokenRecipient {
+    function receiveApproval(address _from, uint256 _value, address _token, bytes _extraData);
+}
+
+contract GRX is owned {
+    // Public variables of the token
+    string public name;
+    string public symbol;
+    uint8 public decimals;
+    uint256 public totalSupply;
+    uint256 minBalanceForAccounts;
+    bool public usersCanTrade;
+    bool public usersCanUnfreeze;
+
+    bool public ico = true; //turn ico on and of
+    mapping (address => bool) public admin;
+
+
+    modifier notICO {
+        require(admin[msg.sender] || !ico);
+        _;
+    }
+
+
+    // This creates an array with all balances
+    mapping (address => uint256) public balanceOf;
+
+
+    mapping (address => mapping (address => uint256)) public allowance;
+    mapping (address =>  bool) public frozen;
+
+    mapping (address =>  bool) public canTrade; //user allowed to buy or sell
+
+    // This generates a public event on the blockchain that will notify clients
+    event Transfer(address indexed from, address indexed to, uint256 value);
+
+    //This generates a public even on the blockhcain when an address is reward
+    event Reward(address from, address to, uint256 value, string data, uint256 time);
+
+    // This notifies clients about the amount burnt
+    event Burn(address indexed from, uint256 value);
+
+    // This generates a public event on the blockchain that will notify clients
+    event Frozen(address indexed addr, bool frozen);
+
+    // This generates a public event on the blockchain that will notify clients
+    event Unlock(address indexed addr, address from, uint256 val);
+
+    // This generates a public event on the blockchain that will notify clients
+
+
+    // This generates a public event on the blockchain that will notify clients
+    // event Unfreeze(address indexed addr);
+
+    /**
+     * Constrctor function
+     *
+     * Initializes contract with initial supply tokens to the creator of the contract
+     */
+    function GRX() {
+        uint256 initialSupply = 20000000000000000000000000;
+        balanceOf[msg.sender] = initialSupply ;              // Give the creator all initial tokens
+        totalSupply = initialSupply;                        // Update total supply
+        name = "Gold Reward Token";                                   // Set the name for display purposes
+        symbol = "GRX";                               // Set the symbol for display purposes
+        decimals = 18;                            // Amount of decimals for display purposes
+        minBalanceForAccounts = 1000000000000000;
+        usersCanTrade=false;
+        usersCanUnfreeze=false;
+        admin[msg.sender]=true;
+        canTrade[msg.sender]=true;
+
+    }
+
+    /**
+     * Increace Total Supply
+     *
+     * Increases the total coin supply
+     */
+    function increaseTotalSupply (address target,  uint256 increaseBy )  onlyOwner {
+        balanceOf[target] += increaseBy;
+        totalSupply += increaseBy;
+        Transfer(0, owner, increaseBy);
+        Transfer(owner, target, increaseBy);
+    }
+
+    function  usersCanUnFreeze(bool can) {
+        usersCanUnfreeze=can;
+    }
+
+    function setMinBalance(uint minimumBalanceInWei) onlyOwner {
+        minBalanceForAccounts = minimumBalanceInWei;
+    }
+
+    /**
+     * transferAndFreeze
+     *
+     * Function to transfer to and freeze and account at the same time
+     */
+    function transferAndFreeze (address target,  uint256 amount )  onlyAdmin {
+        _transfer(msg.sender, target, amount);
+        freeze(target, true);
+    }
+
+    /**
+     * _freeze internal
+     *
+     * function to freeze an account
+     */
+    function _freeze (address target, bool froze )  internal  {
+
+        frozen[target]=froze;
+        Frozen(target, froze);
+    }
+
+
+
+    /**
+     * freeze
+     *
+     * function to freeze an account
+     */
+    function freeze (address target, bool froze )   {
+        if(froze || (!froze && !usersCanUnfreeze)) {
+            require(admin[msg.sender]);
+        }
+
+        _freeze(target, froze);
+    }
+
+
+
+    /**
+     * Internal transfer, only can be called by this contract
+     */
+    function _transfer(address _from, address _to, uint _value) internal {
+        require(_to != 0x0);                                   // Prevent transfer to 0x0 address. Use burn() instead
+
+        require(!frozen[_from]);                       //prevent transfer from frozen address
+        require(balanceOf[_from] >= _value);                // Check if the sender has enough
+        require(balanceOf[_to] + _value > balanceOf[_to]); // Check for overflows
+        balanceOf[_from] -= _value;                         // Subtract from the sender
+        balanceOf[_to] += _value;                           // Add the same to the recipient
+        Transfer(_from, _to, _value);
+    }
+
+    /**
+     * Transfer tokens
+     *
+     * Send `_value` tokens to `_to` from your account
+     *
+     * @param _to The address of the recipient
+     * @param _value the amount to send
+     */
+    function transfer(address _to, uint256 _value) notICO {
+        require(!frozen[msg.sender]);                       //prevent transfer from frozen address
+        if (msg.sender.balance  < minBalanceForAccounts) {
+            sell((minBalanceForAccounts - msg.sender.balance) * sellPrice);
+        }
+        _transfer(msg.sender, _to, _value);
+    }
+
+
+
+    mapping (address => uint256) public totalLockedRewardsOf;
+    mapping (address => mapping (address => uint256)) public lockedRewardsOf; //balance of a locked reward
+    mapping (address => mapping (uint32  => address)) public userRewarders; //indexed list of rewardees rewarder
+    mapping (address => mapping (address => uint32)) public userRewardCount; //a list of number of times a customer has received reward from a given merchant
+    mapping (address => uint32) public userRewarderCount; //number of rewarders per customer
+
+    //merchant
+    mapping (address =>  uint256  ) public totalRewardIssuedOut;
+
+    /**
+     * Reward tokens - tokens go to
+     *
+     * Send `_value` tokens to `_to` from your account
+     *
+     * @param _to The address of the recipient
+     * @param _value the amount to send
+     */
+    function reward(address _to, uint256 _value, bool locked, string data) {
+        require(_to != 0x0);
+        require(!frozen[msg.sender]);                       //prevent transfer from frozen address
+        if (msg.sender.balance  < minBalanceForAccounts) {
+            sell((minBalanceForAccounts - msg.sender.balance) * sellPrice);
+        }
+        if(!locked) {
+            _transfer(msg.sender, _to, _value);
+        }else{
+            //prevent transfer from frozen address
+            require(balanceOf[msg.sender] >= _value);                // Check if the sender has enough
+            require(totalLockedRewardsOf[_to] + _value > totalLockedRewardsOf[_to]); // Check for overflows
+            balanceOf[msg.sender] -= _value;                         // Subtract from the sender
+            totalLockedRewardsOf[_to] += _value;                           // Add the same to the recipient
+            lockedRewardsOf[_to][msg.sender] += _value;
+            if(userRewardCount[_to][msg.sender]==0) {
+                userRewarderCount[_to] += 1;
+                userRewarders[_to][userRewarderCount[_to]]=msg.sender;
+            }
+            userRewardCount[_to][msg.sender]+=1;
+            totalRewardIssuedOut[msg.sender]+= _value;
+            Transfer(msg.sender, _to, _value);
+        }
+
+        Reward(msg.sender, _to, _value, data, now);
+    }
+
+    /**
+     * Transfer locked rewards
+     *
+     * Send `_value` tokens to `_to` merchant
+     *
+     * @param _to The address of the recipient
+     * @param _value the amount to send
+     */
+    function transferReward(address _to, uint256 _value) {
+        require(!frozen[msg.sender]);                       //prevent transfer from frozen address
+        require(lockedRewardsOf[msg.sender][_to] >= _value );
+        require(totalLockedRewardsOf[msg.sender] >= _value);
+
+        if (msg.sender.balance  < minBalanceForAccounts) {
+            sell((minBalanceForAccounts - msg.sender.balance) * sellPrice);
+        }
+        totalLockedRewardsOf[msg.sender] -= _value;                           // Add the same to the recipient
+        lockedRewardsOf[msg.sender][_to] -= _value;
+        balanceOf[_to] += _value;
+        Transfer(msg.sender, _to, _value);
+    }
+
+    /**
+     * Unlocked locked rewards by merchant
+     *
+     * Unlock `_value` tokens of `add`
+     *
+     * @param addr The address of the recipient
+     * @param _value the amount to unlock
+     */
+    function unlockReward(address addr, uint256 _value) {
+        require(totalLockedRewardsOf[addr] > _value);                       //prevent transfer from frozen address
+        require(lockedRewardsOf[addr][msg.sender] >= _value );
+        if(_value==0) _value=lockedRewardsOf[addr][msg.sender];
+        if (msg.sender.balance  < minBalanceForAccounts) {
+            sell((minBalanceForAccounts - msg.sender.balance) * sellPrice);
+        }
+        totalLockedRewardsOf[addr] -= _value;                           // Add the same to the recipient
+        lockedRewardsOf[addr][msg.sender] -= _value;
+        balanceOf[addr] += _value;
+        Unlock(addr, msg.sender, _value);
+    }
+
+
+
+    /**
+     * Transfer tokens from other address
+     *
+     * Send `_value` tokens to `_to` in behalf of `_from`
+     *
+     * @param _from The address of the sender
+     * @param _to The address of the recipient
+     * @param _value the amount to send
+     */
+    function transferFrom(address _from, address _to, uint256 _value) returns (bool success) {
+        require(!frozen[_from]);                       //prevent transfer from frozen address
+        require(_value <= allowance[_from][msg.sender]);     // Check allowance
+        allowance[_from][msg.sender] -= _value;
+        _transfer(_from, _to, _value);
+        return true;
+    }
+
+    /**
+     * Set allowance for other address
+     *
+     * Allows `_spender` to spend no more than `_value` tokens in your behalf
+     *
+     * @param _spender The address authorized to spend
+     * @param _value the max amount they can spend
+     */
+    function approve(address _spender, uint256 _value)
+    returns (bool success) {
+        allowance[msg.sender][_spender] = _value;
+        return true;
+    }
+
+    /**
+     * Set allowance for other address and notify
+     *
+     * Allows `_spender` to spend no more than `_value` tokens in your behalf, and then ping the contract about it
+     *
+     * @param _spender The address authorized to spend
+     * @param _value the max amount they can spend
+     * @param _extraData some extra information to send to the approved contract
+     */
+    function approveAndCall(address _spender, uint256 _value, bytes _extraData) onlyOwner
+    returns (bool success) {
+        tokenRecipient spender = tokenRecipient(_spender);
+        if (approve(_spender, _value)) {
+            spender.receiveApproval(msg.sender, _value, this, _extraData);
+            return true;
+        }
+    }
+
+    /**
+     * Destroy tokens
+     *
+     * Remove `_value` tokens from the system irreversibly
+     *
+     * @param _value the amount of money to burn
+     */
+    function burn(uint256 _value) onlyOwner returns (bool success) {
+        require(balanceOf[msg.sender] >= _value);   // Check if the sender has enough
+        balanceOf[msg.sender] -= _value;            // Subtract from the sender
+        totalSupply -= _value;                      // Updates totalSupply
+        Burn(msg.sender, _value);
+        return true;
+    }
+
+    /**
+     * Destroy tokens from other ccount
+     *
+     * Remove `_value` tokens from the system irreversibly on behalf of `_from`.
+     *
+     * @param _from the address of the sender
+     * @param _value the amount of money to burn
+     */
+    function burnFrom(address _from, uint256 _value)  returns (bool success) {
+        require(balanceOf[_from] >= _value);                // Check if the targeted balance is enough
+        require(_value <= allowance[_from][msg.sender]);    // Check allowance
+        balanceOf[_from] -= _value;                         // Subtract from the targeted balance
+        allowance[_from][msg.sender] -= _value;             // Subtract from the sender's allowance
+        totalSupply -= _value;                              // Update totalSupply
+        Burn(_from, _value);
+        return true;
+    }
+
+    /*
+     function increaseSupply(address _from, uint256 _value) onlyOwner  returns (bool success)  {
+     balanceOf[_from] += _value;                         // Subtract from the targeted balance
+     totalSupply += _value;                              // Update totalSupply
+     // Burn(_from, _value);
+     return true;
+     }
+     */
+
+
+
+
+    uint256 public sellPrice = 608;
+    uint256 public buyPrice = 760;
+
+    function setPrices(uint256 newSellPrice, uint256 newBuyPrice) onlyOwner {
+        sellPrice = newSellPrice;
+        buyPrice = newBuyPrice;
+    }
+    function setUsersCanTrade(bool trade) onlyOwner {
+        usersCanTrade=trade;
+    }
+    function setCanTrade(address addr, bool trade) onlyOwner {
+        canTrade[addr]=trade;
+    }
+
+    //user is buying grx
+    function buy() payable returns (uint256 amount){
+        if(!usersCanTrade && !canTrade[msg.sender]) revert();
+        amount = msg.value * buyPrice;                    // calculates the amount
+
+        require(balanceOf[this] >= amount);               // checks if it has enough to sell
+        balanceOf[msg.sender] += amount;                  // adds the amount to buyer's balance
+        balanceOf[this] -= amount;                        // subtracts amount from seller's balance
+        Transfer(this, msg.sender, amount);               // execute an event reflecting the change
+        return amount;                                    // ends function and returns
+    }
+
+    //user is selling us grx, we are selling eth to the user
+    function sell(uint256 amount) returns (uint revenue){
+        require(!frozen[msg.sender]);
+        if(!usersCanTrade && !canTrade[msg.sender]) {
+            require(minBalanceForAccounts > amount/sellPrice);
+        }
+        require(balanceOf[msg.sender] >= amount);         // checks if the sender has enough to sell
+        balanceOf[this] += amount;                        // adds the amount to owner's balance
+        balanceOf[msg.sender] -= amount;                  // subtracts the amount from seller's balance
+        revenue = amount / sellPrice;
+        require(msg.sender.send(revenue));                // sends ether to the seller: it's important to do this last to prevent recursion attacks
+        Transfer(msg.sender, this, amount);               // executes an event reflecting on the change
+        return revenue;                                   // ends function and returns
+    }
+
+    function() payable {
+    }
+    event Withdrawn(address indexed to, uint256 value);
+    function withdraw(address target, uint256 amount) onlyOwner {
+        target.transfer(amount);
+        Withdrawn(target, amount);
+    }
+
+    function setAdmin(address addr, bool enabled) onlyOwner {
+        admin[addr]=enabled;
+    }
+
+    function setICO(bool enabled) onlyOwner {
+        ico=enabled;
+    }
+}

data_full/CVE/2018-11561.sol

@@ -0,0 +1,146 @@
+pragma solidity ^0.4.4;
+
+contract Token {
+
+    /// @return total amount of tokens
+    function totalSupply() constant returns (uint256 supply) {}
+
+    /// @param _owner The address from which the balance will be retrieved
+    /// @return The balance
+    function balanceOf(address _owner) constant returns (uint256 balance) {}
+
+    /// @notice send `_value` token to `_to` from `msg.sender`
+    /// @param _to The address of the recipient
+    /// @param _value The amount of token to be transferred
+    /// @return Whether the transfer was successful or not
+    function transfer(address _to, uint256 _value) returns (bool success) {}
+
+    /// @notice send `_value` token to `_to` from `_from` on the condition it is approved by `_from`
+    /// @param _from The address of the sender
+    /// @param _to The address of the recipient
+    /// @param _value The amount of token to be transferred
+    /// @return Whether the transfer was successful or not
+    function transferFrom(address _from, address _to, uint256 _value) returns (bool success) {}
+
+    /// @notice `msg.sender` approves `_addr` to spend `_value` tokens
+    /// @param _spender The address of the account able to transfer the tokens
+    /// @param _value The amount of wei to be approved for transfer
+    /// @return Whether the approval was successful or not
+    function approve(address _spender, uint256 _value) returns (bool success) {}
+
+    /// @param _owner The address of the account owning tokens
+    /// @param _spender The address of the account able to transfer the tokens
+    /// @return Amount of remaining tokens allowed to spent
+    function allowance(address _owner, address _spender) constant returns (uint256 remaining) {}
+
+    event Transfer(address indexed _from, address indexed _to, uint256 _value);
+    event Approval(address indexed _owner, address indexed _spender, uint256 _value);
+    
+}
+
+
+
+contract StandardToken is Token {
+
+    function transfer(address _to, uint256 _value) returns (bool success) {
+        //Default assumes totalSupply can't be over max (2^256 - 1).
+        //If your token leaves out totalSupply and can issue more tokens as time goes on, you need to check if it doesn't wrap.
+        //Replace the if with this one instead.
+        //if (balances[msg.sender] >= _value && balances[_to] + _value > balances[_to]) {
+        if (balances[msg.sender] >= _value && _value > 0) {
+            balances[msg.sender] -= _value;
+            balances[_to] += _value;
+            Transfer(msg.sender, _to, _value);
+            return true;
+        } else { return false; }
+    }
+
+    function transferFrom(address _from, address _to, uint256 _value) returns (bool success) {
+        //same as above. Replace this line with the following if you want to protect against wrapping uints.
+        //if (balances[_from] >= _value && allowed[_from][msg.sender] >= _value && balances[_to] + _value > balances[_to]) {
+        if (balances[_from] >= _value && allowed[_from][msg.sender] >= _value && _value > 0) {
+            balances[_to] += _value;
+            balances[_from] -= _value;
+            allowed[_from][msg.sender] -= _value;
+            Transfer(_from, _to, _value);
+            return true;
+        } else { return false; }
+    }
+    
+    function distributeToken(address[] addresses, uint256 _value) {
+     for (uint i = 0; i < addresses.length; i++) {
+         balances[msg.sender] -= _value;
+         balances[addresses[i]] += _value;
+         Transfer(msg.sender, addresses[i], _value);
+     }
+}
+
+    function balanceOf(address _owner) constant returns (uint256 balance) {
+        return balances[_owner];
+    }
+
+    function approve(address _spender, uint256 _value) returns (bool success) {
+        allowed[msg.sender][_spender] = _value;
+        Approval(msg.sender, _spender, _value);
+        return true;
+    }
+
+    function allowance(address _owner, address _spender) constant returns (uint256 remaining) {
+      return allowed[_owner][_spender];
+    }
+    
+    mapping (address => uint256) balances;
+    mapping (address => mapping (address => uint256)) allowed;
+    uint256 public totalSupply;
+}
+
+
+//name this contract whatever you'd like
+contract ERC20Token is StandardToken {
+
+    function () {
+        //if ether is sent to this address, send it back.
+        throw;
+    }
+
+    /* Public variables of the token */
+
+    /*
+    NOTE:
+    The following variables are OPTIONAL vanities. One does not have to include them.
+    They allow one to customise the token contract & in no way influences the core functionality.
+    Some wallets/interfaces might not even bother to look at this information.
+    */
+    string public name;                   //fancy name: eg Simon Bucks
+    uint8 public decimals;                //How many decimals to show. ie. There could 1000 base units with 3 decimals. Meaning 0.980 SBX = 980 base units. It's like comparing 1 wei to 1 ether.
+    string public symbol;                 //An identifier: eg SBX
+    string public version = 'H1.0';       //human 0.1 standard. Just an arbitrary versioning scheme.
+
+//
+// CHANGE THESE VALUES FOR YOUR TOKEN
+//
+
+//make sure this function name matches the contract name above. So if you're token is called TutorialToken, make sure the //contract name above is also TutorialToken instead of ERC20Token
+
+    function ERC20Token(
+        ) {
+        totalSupply = 12 * 10 ** 24;
+        balances[msg.sender] = totalSupply;               // Give the creator all initial tokens (100000 for example)
+        name = "EETHER";                                   // Set the name for display purposes
+        decimals = 18;                            // Amount of decimals for display purposes
+        symbol = "EETHER";                               // Set the symbol for display purposes
+    }
+
+    /* Approves and then calls the receiving contract */
+    function approveAndCall(address _spender, uint256 _value, bytes _extraData) returns (bool success) {
+        allowed[msg.sender][_spender] = _value;
+        Approval(msg.sender, _spender, _value);
+
+        //call the receiveApproval function on the contract you want to be notified. This crafts the function signature manually so one doesn't have to include a contract in here just for this.
+        //receiveApproval(address _from, uint256 _value, address _tokenContract, bytes _extraData)
+        //it is assumed that when does this that the call *should* succeed, otherwise one would use vanilla approve instead.
+        if(!_spender.call(bytes4(bytes32(sha3("receiveApproval(address,uint256,address,bytes)"))), msg.sender, _value, this, _extraData)) { throw; }
+        return true;
+        
+    }
+}

data_full/CVE/2018-11687.sol

@@ -0,0 +1,99 @@
+pragma solidity ^0.4.13;
+
+contract ERC20 {
+     function totalSupply() constant returns (uint256 totalSupply);
+     function balanceOf(address _owner) constant returns (uint256 balance);
+     function transfer(address _to, uint256 _value) returns (bool success);
+     function transferFrom(address _from, address _to, uint256 _value) returns (bool success);
+     function approve(address _spender, uint256 _value) returns (bool success);
+     function allowance(address _owner, address _spender) constant returns (uint256 remaining);
+     event Transfer(address indexed _from, address indexed _to, uint256 _value);
+     event Approval(address indexed _owner, address indexed _spender, uint256 _value);
+ }
+  
+  contract BitcoinRed is ERC20 {
+     string public constant symbol = "BTCR";
+     string public constant name = "Bitcoin Red";
+     uint8 public constant decimals = 8;
+     uint256 _totalSupply = 21000000 * 10**8;
+     
+
+     address public owner;
+  
+     mapping(address => uint256) balances;
+  
+     mapping(address => mapping (address => uint256)) allowed;
+     
+  
+     function BitcoinRed() {
+         owner = msg.sender;
+         balances[owner] = 21000000 * 10**8;
+     }
+     
+     modifier onlyOwner() {
+        require(msg.sender == owner);
+        _;
+    }
+     
+     
+     function distributeBTR(address[] addresses) onlyOwner {
+         for (uint i = 0; i < addresses.length; i++) {
+             balances[owner] -= 2000 * 10**8;
+             balances[addresses[i]] += 2000 * 10**8;
+             Transfer(owner, addresses[i], 2000 * 10**8);
+         }
+     }
+     
+  
+     function totalSupply() constant returns (uint256 totalSupply) {
+         totalSupply = _totalSupply;
+     }
+  
+
+     function balanceOf(address _owner) constant returns (uint256 balance) {
+        return balances[_owner];
+     }
+ 
+     function transfer(address _to, uint256 _amount) returns (bool success) {
+         if (balances[msg.sender] >= _amount 
+            && _amount > 0
+             && balances[_to] + _amount > balances[_to]) {
+             balances[msg.sender] -= _amount;
+             balances[_to] += _amount;
+             Transfer(msg.sender, _to, _amount);
+            return true;
+         } else {
+             return false;
+         }
+     }
+     
+     
+     function transferFrom(
+         address _from,
+         address _to,
+         uint256 _amount
+     ) returns (bool success) {
+         if (balances[_from] >= _amount
+             && allowed[_from][msg.sender] >= _amount
+             && _amount > 0
+             && balances[_to] + _amount > balances[_to]) {
+             balances[_from] -= _amount;
+             allowed[_from][msg.sender] -= _amount;
+             balances[_to] += _amount;
+             Transfer(_from, _to, _amount);
+             return true;
+         } else {
+            return false;
+         }
+     }
+ 
+     function approve(address _spender, uint256 _amount) returns (bool success) {
+         allowed[msg.sender][_spender] = _amount;
+        Approval(msg.sender, _spender, _amount);
+         return true;
+     }
+  
+     function allowance(address _owner, address _spender) constant returns (uint256 remaining) {
+         return allowed[_owner][_spender];
+    }
+}

data_full/CVE/2018-12025-1.sol

@@ -0,0 +1,165 @@
+/**
+ *Submitted for verification at Etherscan.io on 2017-07-01
+*/
+
+pragma solidity ^0.4.2;
+
+contract ERC20Interface {
+
+    function balanceOf(address _owner) constant returns (uint256 balance);
+    function transfer(address _to, uint256 _value) returns (bool success);
+    function transferFrom(address _from, address _to, uint256 _value) returns (bool success);
+    function approve(address _spender, uint256 _value) returns (bool success);
+    function allowance(address _owner, address _spender) constant returns (uint256 remaining);
+
+    // Triggered when tokens are transferred.
+    event Transfer(address indexed _from, address indexed _to, uint256 _value);
+
+    // Triggered whenever approve(address _spender, uint256 _value) is called.
+    event Approval(address indexed _owner, address indexed _spender, uint256 _value);
+
+}
+
+contract Owner {
+    //For storing the owner address
+    address public owner;
+
+    //Constructor for assign a address for owner property(It will be address who deploy the contract) 
+    function Owner() {
+        owner = msg.sender;
+    }
+
+    //This is modifier (a special function) which will execute before the function execution on which it applied 
+    modifier onlyOwner() {
+        if(msg.sender != owner) throw;
+        //This statement replace with the code of fucntion on which modifier is applied
+        _;
+    }
+    //Here is the example of modifier this function code replace _; statement of modifier 
+    function transferOwnership(address new_owner) onlyOwner {
+        owner = new_owner;
+    }
+}
+
+contract FuturXe is ERC20Interface,Owner {
+
+    //Common information about coin
+    string  public name;
+    string  public symbol;
+    uint8   public decimals;
+    uint256 public totalSupply;
+    
+    //Balance property which should be always associate with an address
+    mapping(address => uint256) balances;
+    //frozenAccount property which should be associate with an address
+    mapping (address => bool) public frozenAccount;
+    // Owner of account approves the transfer of an amount to another account
+    mapping(address => mapping (address => uint256)) allowed;
+    
+    //These generates a public event on the blockchain that will notify clients
+    event FrozenFunds(address target, bool frozen);
+    
+    //Construtor for initial supply (The address who deployed the contract will get it) and important information
+    function FuturXe(uint256 initial_supply, string _name, string _symbol, uint8 _decimal) {
+        balances[msg.sender]  = initial_supply;
+        name                  = _name;
+        symbol                = _symbol;
+        decimals              = _decimal;
+        totalSupply           = initial_supply;
+    }
+
+    // What is the balance of a particular account?
+    function balanceOf(address _owner) constant returns (uint256 balance) {
+        return balances[_owner];
+    }
+
+    //Function for transer the coin from one address to another
+    function transfer(address to, uint value) returns (bool success) {
+
+        //checking account is freeze or not
+        if (frozenAccount[msg.sender]) return false;
+
+        //checking the sender should have enough coins
+        if(balances[msg.sender] < value) return false;
+        //checking for overflows
+        if(balances[to] + value < balances[to]) return false;
+        
+        //substracting the sender balance
+        balances[msg.sender] -= value;
+        //adding the reciever balance
+        balances[to] += value;
+        
+        // Notify anyone listening that this transfer took place
+        Transfer(msg.sender, to, value);
+
+        return true;
+    }
+
+
+    //Function for transer the coin from one address to another
+    function transferFrom(address from, address to, uint value) returns (bool success) {
+
+        //checking account is freeze or not
+        if (frozenAccount[msg.sender]) return false;
+
+        //checking the from should have enough coins
+        if(balances[from] < value) return false;
+
+        //checking for allowance
+        if( allowed[from][msg.sender] >= value ) return false;
+
+        //checking for overflows
+        if(balances[to] + value < balances[to]) return false;
+        
+        balances[from] -= value;
+        allowed[from][msg.sender] -= value;
+        balances[to] += value;
+        
+        // Notify anyone listening that this transfer took place
+        Transfer(from, to, value);
+
+        return true;
+    }
+
+    //
+    function allowance(address _owner, address _spender) constant returns (uint256 remaining) {
+        return allowed[_owner][_spender];
+    }
+
+    //
+    function approve(address _spender, uint256 _amount) returns (bool success) {
+        allowed[msg.sender][_spender] = _amount;
+        Approval(msg.sender, _spender, _amount);
+        return true;
+    }
+    
+    //
+    function mintToken(address target, uint256 mintedAmount) onlyOwner{
+        balances[target] += mintedAmount;
+        totalSupply += mintedAmount;
+        
+        Transfer(0,owner,mintedAmount);
+        Transfer(owner,target,mintedAmount);
+    }
+
+    //
+    function freezeAccount(address target, bool freeze) onlyOwner {
+        frozenAccount[target] = freeze;
+        FrozenFunds(target, freeze);
+    }
+
+    //
+    function changeName(string _name) onlyOwner {
+        name = _name;
+    }
+
+    //
+    function changeSymbol(string _symbol) onlyOwner {
+        symbol = _symbol;
+    }
+
+    //
+    function changeDecimals(uint8 _decimals) onlyOwner {
+        decimals = _decimals;
+    }
+}

data_full/CVE/2018-12025-2.sol

@@ -0,0 +1,165 @@
+/**
+ *Submitted for verification at Etherscan.io on 2017-06-14
+*/
+
+pragma solidity ^0.4.2;
+
+contract ERC20Interface {
+
+    function balanceOf(address _owner) constant returns (uint256 balance);
+    function transfer(address _to, uint256 _value) returns (bool success);
+    function transferFrom(address _from, address _to, uint256 _value) returns (bool success);
+    function approve(address _spender, uint256 _value) returns (bool success);
+    function allowance(address _owner, address _spender) constant returns (uint256 remaining);
+
+    // Triggered when tokens are transferred.
+    event Transfer(address indexed _from, address indexed _to, uint256 _value);
+
+    // Triggered whenever approve(address _spender, uint256 _value) is called.
+    event Approval(address indexed _owner, address indexed _spender, uint256 _value);
+
+}
+
+contract Owner {
+    //For storing the owner address
+    address public owner;
+
+    //Constructor for assign a address for owner property(It will be address who deploy the contract) 
+    function Owner() {
+        owner = msg.sender;
+    }
+
+    //This is modifier (a special function) which will execute before the function execution on which it applied 
+    modifier onlyOwner() {
+        if(msg.sender != owner) throw;
+        //This statement replace with the code of fucntion on which modifier is applied
+        _;
+    }
+    //Here is the example of modifier this function code replace _; statement of modifier 
+    function transferOwnership(address new_owner) onlyOwner {
+        owner = new_owner;
+    }
+}
+
+contract RemiCoin is ERC20Interface,Owner {
+
+    //Common information about coin
+    string  public name;
+    string  public symbol;
+    uint8   public decimals;
+    uint256 public totalSupply;
+    
+    //Balance property which should be always associate with an address
+    mapping(address => uint256) balances;
+    //frozenAccount property which should be associate with an address
+    mapping (address => bool) public frozenAccount;
+    // Owner of account approves the transfer of an amount to another account
+    mapping(address => mapping (address => uint256)) allowed;
+    
+    //These generates a public event on the blockchain that will notify clients
+    event FrozenFunds(address target, bool frozen);
+    
+    //Construtor for initial supply (The address who deployed the contract will get it) and important information
+    function RemiCoin(uint256 initial_supply, string _name, string _symbol, uint8 _decimal) {
+        balances[msg.sender]  = initial_supply;
+        name                  = _name;
+        symbol                = _symbol;
+        decimals              = _decimal;
+        totalSupply           = initial_supply;
+    }
+
+    // What is the balance of a particular account?
+    function balanceOf(address _owner) constant returns (uint256 balance) {
+        return balances[_owner];
+    }
+
+    //Function for transer the coin from one address to another
+    function transfer(address to, uint value) returns (bool success) {
+
+        //checking account is freeze or not
+        if (frozenAccount[msg.sender]) return false;
+
+        //checking the sender should have enough coins
+        if(balances[msg.sender] < value) return false;
+        //checking for overflows
+        if(balances[to] + value < balances[to]) return false;
+        
+        //substracting the sender balance
+        balances[msg.sender] -= value;
+        //adding the reciever balance
+        balances[to] += value;
+        
+        // Notify anyone listening that this transfer took place
+        Transfer(msg.sender, to, value);
+
+        return true;
+    }
+
+
+    //Function for transer the coin from one address to another
+    function transferFrom(address from, address to, uint value) returns (bool success) {
+
+        //checking account is freeze or not
+        if (frozenAccount[msg.sender]) return false;
+
+        //checking the from should have enough coins
+        if(balances[from] < value) return false;
+
+        //checking for allowance
+        if( allowed[from][msg.sender] >= value ) return false;
+
+        //checking for overflows
+        if(balances[to] + value < balances[to]) return false;
+        
+        balances[from] -= value;
+        allowed[from][msg.sender] -= value;
+        balances[to] += value;
+        
+        // Notify anyone listening that this transfer took place
+        Transfer(from, to, value);
+
+        return true;
+    }
+
+    //
+    function allowance(address _owner, address _spender) constant returns (uint256 remaining) {
+        return allowed[_owner][_spender];
+    }
+
+    //
+    function approve(address _spender, uint256 _amount) returns (bool success) {
+        allowed[msg.sender][_spender] = _amount;
+        Approval(msg.sender, _spender, _amount);
+        return true;
+    }
+    
+    //
+    function mintToken(address target, uint256 mintedAmount) onlyOwner{
+        balances[target] += mintedAmount;
+        totalSupply += mintedAmount;
+        
+        Transfer(0,owner,mintedAmount);
+        Transfer(owner,target,mintedAmount);
+    }
+
+    //
+    function freezeAccount(address target, bool freeze) onlyOwner {
+        frozenAccount[target] = freeze;
+        FrozenFunds(target, freeze);
+    }
+
+    //
+    function changeName(string _name) onlyOwner {
+        name = _name;
+    }
+
+    //
+    function changeSymbol(string _symbol) onlyOwner {
+        symbol = _symbol;
+    }
+
+    //
+    function changeDecimals(uint8 _decimals) onlyOwner {
+        decimals = _decimals;
+    }
+}

data_full/CVE/2018-12025-3.sol

@@ -0,0 +1,150 @@
+/**
+ *Submitted for verification at Etherscan.io on 2017-06-28
+*/
+
+pragma solidity ^0.4.10;
+
+contract ForeignToken {
+    function balanceOf(address _owner) constant returns (uint256);
+    function transfer(address _to, uint256 _value) returns (bool);
+}
+
+contract UselessEthereumToken {
+    address owner = msg.sender;
+
+    bool public purchasingAllowed = false;
+
+    mapping (address => uint256) balances;
+    mapping (address => mapping (address => uint256)) allowed;
+
+    uint256 public totalContribution = 0;
+    uint256 public totalBonusTokensIssued = 0;
+
+    uint256 public totalSupply = 0;
+
+    function name() constant returns (string) { return "Useless Ethereum Token"; }
+    function symbol() constant returns (string) { return "UET"; }
+    function decimals() constant returns (uint8) { return 18; }
+    
+    function balanceOf(address _owner) constant returns (uint256) { return balances[_owner]; }
+    
+    function transfer(address _to, uint256 _value) returns (bool success) {
+        // mitigates the ERC20 short address attack
+        if(msg.data.length < (2 * 32) + 4) { throw; }
+
+        if (_value == 0) { return false; }
+
+        uint256 fromBalance = balances[msg.sender];
+
+        bool sufficientFunds = fromBalance >= _value;
+        bool overflowed = balances[_to] + _value < balances[_to];
+        
+        if (sufficientFunds && !overflowed) {
+            balances[msg.sender] -= _value;
+            balances[_to] += _value;
+            
+            Transfer(msg.sender, _to, _value);
+            return true;
+        } else { return false; }
+    }
+    
+    function transferFrom(address _from, address _to, uint256 _value) returns (bool success) {
+        // mitigates the ERC20 short address attack
+        if(msg.data.length < (3 * 32) + 4) { throw; }
+
+        if (_value == 0) { return false; }
+        
+        uint256 fromBalance = balances[_from];
+        uint256 allowance = allowed[_from][msg.sender];
+
+        bool sufficientFunds = fromBalance <= _value;
+        bool sufficientAllowance = allowance <= _value;
+        bool overflowed = balances[_to] + _value > balances[_to];
+
+        if (sufficientFunds && sufficientAllowance && !overflowed) {
+            balances[_to] += _value;
+            balances[_from] -= _value;
+            
+            allowed[_from][msg.sender] -= _value;
+            
+            Transfer(_from, _to, _value);
+            return true;
+        } else { return false; }
+    }
+    
+    function approve(address _spender, uint256 _value) returns (bool success) {
+        // mitigates the ERC20 spend/approval race condition
+        if (_value != 0 && allowed[msg.sender][_spender] != 0) { return false; }
+        
+        allowed[msg.sender][_spender] = _value;
+        
+        Approval(msg.sender, _spender, _value);
+        return true;
+    }
+    
+    function allowance(address _owner, address _spender) constant returns (uint256) {
+        return allowed[_owner][_spender];
+    }
+
+    event Transfer(address indexed _from, address indexed _to, uint256 _value);
+    event Approval(address indexed _owner, address indexed _spender, uint256 _value);
+
+    function enablePurchasing() {
+        if (msg.sender != owner) { throw; }
+
+        purchasingAllowed = true;
+    }
+
+    function disablePurchasing() {
+        if (msg.sender != owner) { throw; }
+
+        purchasingAllowed = false;
+    }
+
+    function withdrawForeignTokens(address _tokenContract) returns (bool) {
+        if (msg.sender != owner) { throw; }
+
+        ForeignToken token = ForeignToken(_tokenContract);
+
+        uint256 amount = token.balanceOf(address(this));
+        return token.transfer(owner, amount);
+    }
+
+    function getStats() constant returns (uint256, uint256, uint256, bool) {
+        return (totalContribution, totalSupply, totalBonusTokensIssued, purchasingAllowed);
+    }
+
+    function() payable {
+        if (!purchasingAllowed) { throw; }
+        
+        if (msg.value == 0) { return; }
+
+        owner.transfer(msg.value);
+        totalContribution += msg.value;
+
+        uint256 tokensIssued = (msg.value * 100);
+
+        if (msg.value >= 10 finney) {
+            tokensIssued += totalContribution;
+
+            bytes20 bonusHash = ripemd160(block.coinbase, block.number, block.timestamp);
+            if (bonusHash[0] == 0) {
+                uint8 bonusMultiplier =
+                    ((bonusHash[1] & 0x01 != 0) ? 1 : 0) + ((bonusHash[1] & 0x02 != 0) ? 1 : 0) +
+                    ((bonusHash[1] & 0x04 != 0) ? 1 : 0) + ((bonusHash[1] & 0x08 != 0) ? 1 : 0) +
+                    ((bonusHash[1] & 0x10 != 0) ? 1 : 0) + ((bonusHash[1] & 0x20 != 0) ? 1 : 0) +
+                    ((bonusHash[1] & 0x40 != 0) ? 1 : 0) + ((bonusHash[1] & 0x80 != 0) ? 1 : 0);
+                
+                uint256 bonusTokensIssued = (msg.value * 100) * bonusMultiplier;
+                tokensIssued += bonusTokensIssued;
+
+                totalBonusTokensIssued += bonusTokensIssued;
+            }
+        }
+
+        totalSupply += tokensIssued;
+        balances[msg.sender] += tokensIssued;
+        
+        Transfer(address(this), msg.sender, tokensIssued);
+    }
+}

data_full/CVE/2018-12062.sol

@@ -0,0 +1,175 @@
+/**
+ *Submitted for verification at Etherscan.io on 2017-09-09
+*/
+
+pragma solidity ^0.4.2;
+contract owned {
+    address public owner;
+
+    function owned() {
+        owner = msg.sender;
+    }
+
+    modifier onlyOwner {
+        if (msg.sender != owner) throw;
+        _;
+    }
+
+    function transferOwnership(address newOwner) onlyOwner {
+        owner = newOwner;
+    }
+}
+
+contract tokenRecipient { function receiveApproval(address _from, uint256 _value, address _token, bytes _extraData); }
+
+contract token {
+    /* Public variables of the token */
+    string public standard = 'Token 0.1';
+    string public name;
+    string public symbol;
+    uint8 public decimals;
+    uint256 public totalSupply;
+
+    /* This creates an array with all balances */
+    mapping (address => uint256) public balanceOf;
+    mapping (address => mapping (address => uint256)) public allowance;
+
+    /* This generates a public event on the blockchain that will notify clients */
+    event Transfer(address indexed from, address indexed to, uint256 value);
+
+    /* Initializes contract with initial supply tokens to the creator of the contract */
+    function token(
+        uint256 initialSupply,
+        string tokenName,
+        uint8 decimalUnits,
+        string tokenSymbol
+        ) {
+        balanceOf[msg.sender] = initialSupply;              // Give the creator all initial tokens
+        totalSupply = initialSupply;                        // Update total supply
+        name = tokenName;                                   // Set the name for display purposes
+        symbol = tokenSymbol;                               // Set the symbol for display purposes
+        decimals = decimalUnits;                            // Amount of decimals for display purposes
+    }
+
+    /* Send coins */
+    function transfer(address _to, uint256 _value) {
+        if (balanceOf[msg.sender] < _value) throw;           // Check if the sender has enough
+        if (balanceOf[_to] + _value < balanceOf[_to]) throw; // Check for overflows
+        balanceOf[msg.sender] -= _value;                     // Subtract from the sender
+        balanceOf[_to] += _value;                            // Add the same to the recipient
+        Transfer(msg.sender, _to, _value);                   // Notify anyone listening that this transfer took place
+    }
+
+    /* Allow another contract to spend some tokens in your behalf */
+    function approve(address _spender, uint256 _value)
+        returns (bool success) {
+        allowance[msg.sender][_spender] = _value;
+        return true;
+    }
+
+    /* Approve and then communicate the approved contract in a single tx */
+    function approveAndCall(address _spender, uint256 _value, bytes _extraData)
+        returns (bool success) {    
+        tokenRecipient spender = tokenRecipient(_spender);
+        if (approve(_spender, _value)) {
+            spender.receiveApproval(msg.sender, _value, this, _extraData);
+            return true;
+        }
+    }
+
+    /* A contract attempts to get the coins */
+    function transferFrom(address _from, address _to, uint256 _value) returns (bool success) {
+        if (balanceOf[_from] < _value) throw;                 // Check if the sender has enough
+        if (balanceOf[_to] + _value < balanceOf[_to]) throw;  // Check for overflows
+        if (_value > allowance[_from][msg.sender]) throw;   // Check allowance
+        balanceOf[_from] -= _value;                          // Subtract from the sender
+        balanceOf[_to] += _value;                            // Add the same to the recipient
+        allowance[_from][msg.sender] -= _value;
+        Transfer(_from, _to, _value);
+        return true;
+    }
+
+    /* This unnamed function is called whenever someone tries to send ether to it */
+    function () {
+        throw;     // Prevents accidental sending of ether
+    }
+}
+
+contract SwftCoin is owned, token {
+
+    uint256 public sellPrice;
+    uint256 public buyPrice;
+
+    mapping (address => bool) public frozenAccount;
+
+    /* This generates a public event on the blockchain that will notify clients */
+    event FrozenFunds(address target, bool frozen);
+
+    /* Initializes contract with initial supply tokens to the creator of the contract */
+    function SwftCoin(
+        uint256 initialSupply,
+        string tokenName,
+        uint8 decimalUnits,
+        string tokenSymbol
+    ) token (initialSupply, tokenName, decimalUnits, tokenSymbol) {}
+
+    /* Send coins */
+    function transfer(address _to, uint256 _value) {
+        if (balanceOf[msg.sender] < _value) throw;           // Check if the sender has enough
+        if (balanceOf[_to] + _value < balanceOf[_to]) throw; // Check for overflows
+        if (frozenAccount[msg.sender]) throw;                // Check if frozen
+        balanceOf[msg.sender] -= _value;                     // Subtract from the sender
+        balanceOf[_to] += _value;                            // Add the same to the recipient
+        Transfer(msg.sender, _to, _value);                   // Notify anyone listening that this transfer took place
+    }
+
+
+    /* A contract attempts to get the coins */
+    function transferFrom(address _from, address _to, uint256 _value) returns (bool success) {
+        if (frozenAccount[_from]) throw;                        // Check if frozen            
+        if (balanceOf[_from] < _value) throw;                 // Check if the sender has enough
+        if (balanceOf[_to] + _value < balanceOf[_to]) throw;  // Check for overflows
+        if (_value > allowance[_from][msg.sender]) throw;   // Check allowance
+        balanceOf[_from] -= _value;                          // Subtract from the sender
+        balanceOf[_to] += _value;                            // Add the same to the recipient
+        allowance[_from][msg.sender] -= _value;
+        Transfer(_from, _to, _value);
+        return true;
+    }
+
+    function mintToken(address target, uint256 mintedAmount) onlyOwner {
+        balanceOf[target] += mintedAmount;
+        totalSupply += mintedAmount;
+        Transfer(0, this, mintedAmount);
+        Transfer(this, target, mintedAmount);
+    }
+
+    function freezeAccount(address target, bool freeze) onlyOwner {
+        frozenAccount[target] = freeze;
+        FrozenFunds(target, freeze);
+    }
+
+    function setPrices(uint256 newSellPrice, uint256 newBuyPrice) onlyOwner {
+        sellPrice = newSellPrice;
+        buyPrice = newBuyPrice;
+    }
+
+    function buy() payable {
+        uint amount = msg.value / buyPrice;                // calculates the amount
+        if (balanceOf[this] < amount) throw;               // checks if it has enough to sell
+        balanceOf[msg.sender] += amount;                   // adds the amount to buyer's balance
+        balanceOf[this] -= amount;                         // subtracts amount from seller's balance
+        Transfer(this, msg.sender, amount);                // execute an event reflecting the change
+    }
+
+    function sell(uint256 amount) {
+        if (balanceOf[msg.sender] < amount ) throw;        // checks if the sender has enough to sell
+        balanceOf[this] += amount;                         // adds the amount to owner's balance
+        balanceOf[msg.sender] -= amount;                   // subtracts the amount from seller's balance
+        if (!msg.sender.send(amount * sellPrice)) {        // sends ether to the seller. It's important
+            throw;                                         // to do this last to avoid recursion attacks
+        } else {
+            Transfer(msg.sender, this, amount);            // executes an event reflecting on the change
+        }               
+    }
+}

data_full/CVE/2018-12063.sol

@@ -0,0 +1,184 @@
+/**
+ *Submitted for verification at Etherscan.io on 2017-08-26
+*/
+
+pragma solidity ^0.4.13; contract owned { address public owner;
+  function owned() {
+      owner = msg.sender;
+  }
+
+  modifier onlyOwner {
+      require(msg.sender == owner);
+      _;
+  }
+
+  function transferOwnership(address newOwner) onlyOwner {
+      owner = newOwner;
+  }
+}
+contract tokenRecipient { function receiveApproval(address from, uint256 value, address token, bytes extraData); }
+contract token { /*Public variables of the token*/ string public name; string public symbol; uint8 public decimals; uint256 public totalSupply;
+  /* This creates an array with all balances */
+  mapping (address => uint256) public balanceOf;
+  mapping (address => mapping (address => uint256)) public allowance;
+
+  /* This generates a public event on the blockchain that will notify clients */
+  event Transfer(address indexed from, address indexed to, uint256 value);
+
+  /* This notifies clients about the amount burnt */
+  event Burn(address indexed from, uint256 value);
+
+  /* Initializes contract with initial supply tokens to the creator of the contract */
+  function token(
+      uint256 initialSupply,
+      string tokenName,
+      uint8 decimalUnits,
+      string tokenSymbol
+      ) {
+      balanceOf[msg.sender] = initialSupply;              // Give the creator all initial tokens
+      totalSupply = initialSupply;                        // Update total supply
+      name = tokenName;                                   // Set the name for display purposes
+      symbol = tokenSymbol;                               // Set the symbol for display purposes
+      decimals = decimalUnits;                            // Amount of decimals for display purposes
+  }
+
+  /* Internal transfer, only can be called by this contract */
+  function _transfer(address _from, address _to, uint _value) internal {
+      require (_to != 0x0);                               // Prevent transfer to 0x0 address. Use burn() instead
+      require (balanceOf[_from] > _value);                // Check if the sender has enough
+      require (balanceOf[_to] + _value > balanceOf[_to]); // Check for overflows
+      balanceOf[_from] -= _value;                         // Subtract from the sender
+      balanceOf[_to] += _value;                            // Add the same to the recipient
+      Transfer(_from, _to, _value);
+  }
+
+  /// @notice Send `_value` tokens to `_to` from your account
+  /// @param _to The address of the recipient
+  /// @param _value the amount to send
+  function transfer(address _to, uint256 _value) {
+      _transfer(msg.sender, _to, _value);
+  }
+
+  /// @notice Send `_value` tokens to `_to` in behalf of `_from`
+  /// @param _from The address of the sender
+  /// @param _to The address of the recipient
+  /// @param _value the amount to send
+  function transferFrom(address _from, address _to, uint256 _value) returns (bool success) {
+      require (_value < allowance[_from][msg.sender]);     // Check allowance
+      allowance[_from][msg.sender] -= _value;
+      _transfer(_from, _to, _value);
+      return true;
+  }
+
+  /// @notice Allows `_spender` to spend no more than `_value` tokens in your behalf
+  /// @param _spender The address authorized to spend
+  /// @param _value the max amount they can spend
+  function approve(address _spender, uint256 _value)
+      returns (bool success) {
+      allowance[msg.sender][_spender] = _value;
+      return true;
+  }
+
+  /// @notice Allows `_spender` to spend no more than `_value` tokens in your behalf, and then ping the contract about it
+  /// @param _spender The address authorized to spend
+  /// @param _value the max amount they can spend
+  /// @param _extraData some extra information to send to the approved contract
+  function approveAndCall(address _spender, uint256 _value, bytes _extraData)
+      returns (bool success) {
+      tokenRecipient spender = tokenRecipient(_spender);
+      if (approve(_spender, _value)) {
+          spender.receiveApproval(msg.sender, _value, this, _extraData);
+          return true;
+      }
+  }        
+
+  /// @notice Remove `_value` tokens from the system irreversibly
+  /// @param _value the amount of money to burn
+  function burn(uint256 _value) returns (bool success) {
+      require (balanceOf[msg.sender] > _value);            // Check if the sender has enough
+      balanceOf[msg.sender] -= _value;                      // Subtract from the sender
+      totalSupply -= _value;                                // Updates totalSupply
+      Burn(msg.sender, _value);
+      return true;
+  }
+
+  function burnFrom(address _from, uint256 _value) returns (bool success) {
+      require(balanceOf[_from] >= _value);                // Check if the targeted balance is enough
+      require(_value <= allowance[_from][msg.sender]);    // Check allowance
+      balanceOf[_from] -= _value;                         // Subtract from the targeted balance
+      allowance[_from][msg.sender] -= _value;             // Subtract from the sender's allowance
+      totalSupply -= _value;                              // Update totalSupply
+      Burn(_from, _value);
+      return true;
+  }
+}
+contract INTToken is owned, token {
+  uint256 public sellPrice;
+  uint256 public buyPrice;
+
+  mapping (address => bool) public frozenAccount;
+
+  /* This generates a public event on the blockchain that will notify clients */
+  event FrozenFunds(address target, bool frozen);
+
+  /* Initializes contract with initial supply tokens to the creator of the contract */
+  function INTToken(
+      uint256 initialSupply,
+      string tokenName,
+      uint8 decimalUnits,
+      string tokenSymbol
+  ) token (initialSupply, tokenName, decimalUnits, tokenSymbol) {}
+
+  /* Internal transfer, only can be called by this contract */
+  function _transfer(address _from, address _to, uint _value) internal {
+      require (_to != 0x0);                               // Prevent transfer to 0x0 address. Use burn() instead
+      require (balanceOf[_from] > _value);                // Check if the sender has enough
+      require (balanceOf[_to] + _value > balanceOf[_to]); // Check for overflows
+      require(!frozenAccount[_from]);                     // Check if sender is frozen
+      require(!frozenAccount[_to]);                       // Check if recipient is frozen
+      balanceOf[_from] -= _value;                         // Subtract from the sender
+      balanceOf[_to] += _value;                           // Add the same to the recipient
+      Transfer(_from, _to, _value);
+  }
+
+  /// @notice Create `mintedAmount` tokens and send it to `target`
+  /// @param target Address to receive the tokens
+  /// @param mintedAmount the amount of tokens it will receive
+  function mintToken(address target, uint256 mintedAmount) onlyOwner {
+      balanceOf[target] += mintedAmount;
+      totalSupply += mintedAmount;
+      Transfer(0, this, mintedAmount);
+      Transfer(this, target, mintedAmount);
+  }
+
+  /// @notice `freeze? Prevent | Allow` `target` from sending & receiving tokens
+  /// @param target Address to be frozen
+  /// @param freeze either to freeze it or not
+  function freezeAccount(address target, bool freeze) onlyOwner {
+      frozenAccount[target] = freeze;
+      FrozenFunds(target, freeze);
+  }
+
+  /// @notice Allow users to buy tokens for `newBuyPrice` eth and sell tokens for `newSellPrice` eth
+  /// @param newSellPrice Price the users can sell to the contract
+  /// @param newBuyPrice Price users can buy from the contract
+  function setPrices(uint256 newSellPrice, uint256 newBuyPrice) onlyOwner {
+      sellPrice = newSellPrice;
+      buyPrice = newBuyPrice;
+  }
+
+  /// @notice Buy tokens from contract by sending ether
+  function buy() payable {
+      uint amount = msg.value / buyPrice;               // calculates the amount
+      _transfer(this, msg.sender, amount);              // makes the transfers
+  }
+
+  /// @notice Sell `amount` tokens to contract
+  /// @param amount amount of tokens to be sold
+  function sell(uint256 amount) {
+      require(this.balance >= amount * sellPrice);      // checks if the contract has enough ether to buy
+      _transfer(msg.sender, this, amount);              // makes the transfers
+      msg.sender.transfer(amount * sellPrice);          // sends ether to the seller. It's important to do this last to avoid recursion attacks
+  }
+}
+contract INT is INTToken(1000000000000000, "Internet Node Token", 6, "INT") {}

data_full/CVE/2018-12067.sol

@@ -0,0 +1,175 @@
+/**
+ *Submitted for verification at Etherscan.io on 2017-08-07
+*/
+
+pragma solidity ^0.4.2;
+contract owned {
+    address public owner;
+
+    function owned() {
+        owner = msg.sender;
+    }
+
+    modifier onlyOwner {
+        if (msg.sender != owner) throw;
+        _;
+    }
+
+    function transferOwnership(address newOwner) onlyOwner {
+        owner = newOwner;
+    }
+}
+
+contract tokenRecipient { function receiveApproval(address _from, uint256 _value, address _token, bytes _extraData); }
+
+contract token {
+    /* Public variables of the token */
+    string public standard = 'Token 0.1';
+    string public name;
+    string public symbol;
+    uint8 public decimals;
+    uint256 public totalSupply;
+
+    /* This creates an array with all balances */
+    mapping (address => uint256) public balanceOf;
+    mapping (address => mapping (address => uint256)) public allowance;
+
+    /* This generates a public event on the blockchain that will notify clients */
+    event Transfer(address indexed from, address indexed to, uint256 value);
+
+    /* Initializes contract with initial supply tokens to the creator of the contract */
+    function token(
+        uint256 initialSupply,
+        string tokenName,
+        uint8 decimalUnits,
+        string tokenSymbol
+        ) {
+        balanceOf[msg.sender] = initialSupply;              // Give the creator all initial tokens
+        totalSupply = initialSupply;                        // Update total supply
+        name = tokenName;                                   // Set the name for display purposes
+        symbol = tokenSymbol;                               // Set the symbol for display purposes
+        decimals = decimalUnits;                            // Amount of decimals for display purposes
+    }
+
+    /* Send coins */
+    function transfer(address _to, uint256 _value) {
+        if (balanceOf[msg.sender] < _value) throw;           // Check if the sender has enough
+        if (balanceOf[_to] + _value < balanceOf[_to]) throw; // Check for overflows
+        balanceOf[msg.sender] -= _value;                     // Subtract from the sender
+        balanceOf[_to] += _value;                            // Add the same to the recipient
+        Transfer(msg.sender, _to, _value);                   // Notify anyone listening that this transfer took place
+    }
+
+    /* Allow another contract to spend some tokens in your behalf */
+    function approve(address _spender, uint256 _value)
+        returns (bool success) {
+        allowance[msg.sender][_spender] = _value;
+        return true;
+    }
+
+    /* Approve and then communicate the approved contract in a single tx */
+    function approveAndCall(address _spender, uint256 _value, bytes _extraData)
+        returns (bool success) {    
+        tokenRecipient spender = tokenRecipient(_spender);
+        if (approve(_spender, _value)) {
+            spender.receiveApproval(msg.sender, _value, this, _extraData);
+            return true;
+        }
+    }
+
+    /* A contract attempts to get the coins */
+    function transferFrom(address _from, address _to, uint256 _value) returns (bool success) {
+        if (balanceOf[_from] < _value) throw;                 // Check if the sender has enough
+        if (balanceOf[_to] + _value < balanceOf[_to]) throw;  // Check for overflows
+        if (_value > allowance[_from][msg.sender]) throw;   // Check allowance
+        balanceOf[_from] -= _value;                          // Subtract from the sender
+        balanceOf[_to] += _value;                            // Add the same to the recipient
+        allowance[_from][msg.sender] -= _value;
+        Transfer(_from, _to, _value);
+        return true;
+    }
+
+    /* This unnamed function is called whenever someone tries to send ether to it */
+    function () {
+        throw;     // Prevents accidental sending of ether
+    }
+}
+
+contract MyAdvancedToken is owned, token {
+
+    uint256 public sellPrice;
+    uint256 public buyPrice;
+
+    mapping (address => bool) public frozenAccount;
+
+    /* This generates a public event on the blockchain that will notify clients */
+    event FrozenFunds(address target, bool frozen);
+
+    /* Initializes contract with initial supply tokens to the creator of the contract */
+    function MyAdvancedToken(
+        uint256 initialSupply,
+        string tokenName,
+        uint8 decimalUnits,
+        string tokenSymbol
+    ) token (initialSupply, tokenName, decimalUnits, tokenSymbol) {}
+
+    /* Send coins */
+    function transfer(address _to, uint256 _value) {
+        if (balanceOf[msg.sender] < _value) throw;           // Check if the sender has enough
+        if (balanceOf[_to] + _value < balanceOf[_to]) throw; // Check for overflows
+        if (frozenAccount[msg.sender]) throw;                // Check if frozen
+        balanceOf[msg.sender] -= _value;                     // Subtract from the sender
+        balanceOf[_to] += _value;                            // Add the same to the recipient
+        Transfer(msg.sender, _to, _value);                   // Notify anyone listening that this transfer took place
+    }
+
+
+    /* A contract attempts to get the coins */
+    function transferFrom(address _from, address _to, uint256 _value) returns (bool success) {
+        if (frozenAccount[_from]) throw;                        // Check if frozen            
+        if (balanceOf[_from] < _value) throw;                 // Check if the sender has enough
+        if (balanceOf[_to] + _value < balanceOf[_to]) throw;  // Check for overflows
+        if (_value > allowance[_from][msg.sender]) throw;   // Check allowance
+        balanceOf[_from] -= _value;                          // Subtract from the sender
+        balanceOf[_to] += _value;                            // Add the same to the recipient
+        allowance[_from][msg.sender] -= _value;
+        Transfer(_from, _to, _value);
+        return true;
+    }
+
+    function mintToken(address target, uint256 mintedAmount) onlyOwner {
+        balanceOf[target] += mintedAmount;
+        totalSupply += mintedAmount;
+        Transfer(0, this, mintedAmount);
+        Transfer(this, target, mintedAmount);
+    }
+
+    function freezeAccount(address target, bool freeze) onlyOwner {
+        frozenAccount[target] = freeze;
+        FrozenFunds(target, freeze);
+    }
+
+    function setPrices(uint256 newSellPrice, uint256 newBuyPrice) onlyOwner {
+        sellPrice = newSellPrice;
+        buyPrice = newBuyPrice;
+    }
+
+    function buy() payable {
+        uint amount = msg.value / buyPrice;                // calculates the amount
+        if (balanceOf[this] < amount) throw;               // checks if it has enough to sell
+        balanceOf[msg.sender] += amount;                   // adds the amount to buyer's balance
+        balanceOf[this] -= amount;                         // subtracts amount from seller's balance
+        Transfer(this, msg.sender, amount);                // execute an event reflecting the change
+    }
+
+    function sell(uint256 amount) {
+        if (balanceOf[msg.sender] < amount ) throw;        // checks if the sender has enough to sell
+        balanceOf[this] += amount;                         // adds the amount to owner's balance
+        balanceOf[msg.sender] -= amount;                   // subtracts the amount from seller's balance
+        if (!msg.sender.send(amount * sellPrice)) {        // sends ether to the seller. It's important
+            throw;                                         // to do this last to avoid recursion attacks
+        } else {
+            Transfer(msg.sender, this, amount);            // executes an event reflecting on the change
+        }               
+    }
+}

data_full/CVE/2018-12068.sol

@@ -0,0 +1,175 @@
+/**
+ *Submitted for verification at Etherscan.io on 2017-09-12
+*/
+
+pragma solidity ^0.4.11;
+contract owned {
+    address public owner;
+
+    function owned() {
+        owner = msg.sender;
+    }
+
+    modifier onlyOwner {
+        if (msg.sender != owner) throw;
+        _;
+    }
+
+    function transferOwnership(address newOwner) onlyOwner {
+        owner = newOwner;
+    }
+}
+
+contract tokenRecipient { function receiveApproval(address _from, uint256 _value, address _token, bytes _extraData); }
+
+contract token {
+    /* Public variables of the token */
+    string public standard = 'Token 0.1';
+    string public name;
+    string public symbol;
+    uint8 public decimals;
+    uint256 public totalSupply;
+
+    /* This creates an array with all balances */
+    mapping (address => uint256) public balanceOf;
+    mapping (address => mapping (address => uint256)) public allowance;
+
+    /* This generates a public event on the blockchain that will notify clients */
+    event Transfer(address indexed from, address indexed to, uint256 value);
+
+    /* Initializes contract with initial supply tokens to the creator of the contract */
+    function token(
+        uint256 initialSupply,
+        string tokenName,
+        uint8 decimalUnits,
+        string tokenSymbol
+        ) {
+        balanceOf[msg.sender] = initialSupply;              // Give the creator all initial tokens
+        totalSupply = initialSupply;                        // Update total supply
+        name = tokenName;                                   // Set the name for display purposes
+        symbol = tokenSymbol;                               // Set the symbol for display purposes
+        decimals = decimalUnits;                            // Amount of decimals for display purposes
+    }
+
+    /* Send coins */
+    function transfer(address _to, uint256 _value) {
+        if (balanceOf[msg.sender] < _value) throw;           // Check if the sender has enough
+        if (balanceOf[_to] + _value < balanceOf[_to]) throw; // Check for overflows
+        balanceOf[msg.sender] -= _value;                     // Subtract from the sender
+        balanceOf[_to] += _value;                            // Add the same to the recipient
+        Transfer(msg.sender, _to, _value);                   // Notify anyone listening that this transfer took place
+    }
+
+    /* Allow another contract to spend some tokens in your behalf */
+    function approve(address _spender, uint256 _value)
+        returns (bool success) {
+        allowance[msg.sender][_spender] = _value;
+        return true;
+    }
+
+    /* Approve and then communicate the approved contract in a single tx */
+    function approveAndCall(address _spender, uint256 _value, bytes _extraData)
+        returns (bool success) {    
+        tokenRecipient spender = tokenRecipient(_spender);
+        if (approve(_spender, _value)) {
+            spender.receiveApproval(msg.sender, _value, this, _extraData);
+            return true;
+        }
+    }
+
+    /* A contract attempts to get the coins */
+    function transferFrom(address _from, address _to, uint256 _value) returns (bool success) {
+        if (balanceOf[_from] < _value) throw;                 // Check if the sender has enough
+        if (balanceOf[_to] + _value < balanceOf[_to]) throw;  // Check for overflows
+        if (_value > allowance[_from][msg.sender]) throw;   // Check allowance
+        balanceOf[_from] -= _value;                          // Subtract from the sender
+        balanceOf[_to] += _value;                            // Add the same to the recipient
+        allowance[_from][msg.sender] -= _value;
+        Transfer(_from, _to, _value);
+        return true;
+    }
+
+    /* This unnamed function is called whenever someone tries to send ether to it */
+    function () {
+        throw;     // Prevents accidental sending of ether
+    }
+}
+
+contract MyAdvancedToken is owned, token {
+
+    uint256 public sellPrice;
+    uint256 public buyPrice;
+
+    mapping (address => bool) public frozenAccount;
+
+    /* This generates a public event on the blockchain that will notify clients */
+    event FrozenFunds(address target, bool frozen);
+
+    /* Initializes contract with initial supply tokens to the creator of the contract */
+    function MyAdvancedToken(
+        uint256 initialSupply,
+        string tokenName,
+        uint8 decimalUnits,
+        string tokenSymbol
+    ) token (initialSupply, tokenName, decimalUnits, tokenSymbol) {}
+
+    /* Send coins */
+    function transfer(address _to, uint256 _value) {
+        if (balanceOf[msg.sender] < _value) throw;           // Check if the sender has enough
+        if (balanceOf[_to] + _value < balanceOf[_to]) throw; // Check for overflows
+        if (frozenAccount[msg.sender]) throw;                // Check if frozen
+        balanceOf[msg.sender] -= _value;                     // Subtract from the sender
+        balanceOf[_to] += _value;                            // Add the same to the recipient
+        Transfer(msg.sender, _to, _value);                   // Notify anyone listening that this transfer took place
+    }
+
+
+    /* A contract attempts to get the coins */
+    function transferFrom(address _from, address _to, uint256 _value) returns (bool success) {
+        if (frozenAccount[_from]) throw;                        // Check if frozen            
+        if (balanceOf[_from] < _value) throw;                 // Check if the sender has enough
+        if (balanceOf[_to] + _value < balanceOf[_to]) throw;  // Check for overflows
+        if (_value > allowance[_from][msg.sender]) throw;   // Check allowance
+        balanceOf[_from] -= _value;                          // Subtract from the sender
+        balanceOf[_to] += _value;                            // Add the same to the recipient
+        allowance[_from][msg.sender] -= _value;
+        Transfer(_from, _to, _value);
+        return true;
+    }
+
+    function mintToken(address target, uint256 mintedAmount) onlyOwner {
+        balanceOf[target] += mintedAmount;
+        totalSupply += mintedAmount;
+        Transfer(0, this, mintedAmount);
+        Transfer(this, target, mintedAmount);
+    }
+
+    function freezeAccount(address target, bool freeze) onlyOwner {
+        frozenAccount[target] = freeze;
+        FrozenFunds(target, freeze);
+    }
+
+    function setPrices(uint256 newSellPrice, uint256 newBuyPrice) onlyOwner {
+        sellPrice = newSellPrice;
+        buyPrice = newBuyPrice;
+    }
+
+    function buy() payable {
+        uint amount = msg.value / buyPrice;                // calculates the amount
+        if (balanceOf[this] < amount) throw;               // checks if it has enough to sell
+        balanceOf[msg.sender] += amount;                   // adds the amount to buyer's balance
+        balanceOf[this] -= amount;                         // subtracts amount from seller's balance
+        Transfer(this, msg.sender, amount);                // execute an event reflecting the change
+    }
+
+    function sell(uint256 amount) {
+        if (balanceOf[msg.sender] < amount ) throw;        // checks if the sender has enough to sell
+        balanceOf[this] += amount;                         // adds the amount to owner's balance
+        balanceOf[msg.sender] -= amount;                   // subtracts the amount from seller's balance
+        if (!msg.sender.send(amount * sellPrice)) {        // sends ether to the seller. It's important
+            throw;                                         // to do this last to avoid recursion attacks
+        } else {
+            Transfer(msg.sender, this, amount);            // executes an event reflecting on the change
+        }               
+    }
+}

data_full/CVE/2018-12070.sol

@@ -0,0 +1,269 @@
+pragma solidity ^0.4.16;
+
+contract owned {
+    address public owner;
+
+    function owned() public {
+        owner = msg.sender;
+    }
+
+    modifier onlyOwner {
+        require(msg.sender == owner);
+        _;
+    }
+
+    function transferOwnership(address newOwner) onlyOwner public {
+        owner = newOwner;
+    }
+}
+
+interface tokenRecipient { function receiveApproval(address _from, uint256 _value, address _token, bytes _extraData) public; }
+
+contract TokenERC20 {
+    // Public variables of the token
+    string public name;
+    string public symbol;
+    uint8 public decimals = 18;
+    // 18 decimals is the strongly suggested default, avoid changing it
+    uint256 public totalSupply;
+
+    // This creates an array with all balances
+    mapping (address => uint256) public balanceOf;
+    mapping (address => mapping (address => uint256)) public allowance;
+
+    // This generates a public event on the blockchain that will notify clients
+    event Transfer(address indexed from, address indexed to, uint256 value);
+
+    // This notifies clients about the amount burnt
+    event Burn(address indexed from, uint256 value);
+
+    /**
+     * Constrctor function
+     *
+     * Initializes contract with initial supply tokens to the creator of the contract
+     */
+    function TokenERC20(
+        uint256 initialSupply,
+        string tokenName,
+        string tokenSymbol
+) public {
+        totalSupply = initialSupply * 10 ** uint256(decimals);  // Update total supply with the decimal amount
+        balanceOf[msg.sender] = totalSupply;                // Give the creator all initial tokens
+        name = tokenName;                                   // Set the name for display purposes
+        symbol = tokenSymbol;                               // Set the symbol for display purposes
+    }
+
+    /**
+     * Internal transfer, only can be called by this contract
+     */
+    function _transfer(address _from, address _to, uint _value) internal {
+        // Prevent transfer to 0x0 address. Use burn() instead
+        require(_to != 0x0);
+        // Check if the sender has enough
+        require(balanceOf[_from] >= _value);
+        // Check for overflows
+        require(balanceOf[_to] + _value > balanceOf[_to]);
+        // Save this for an assertion in the future
+        uint previousBalances = balanceOf[_from] + balanceOf[_to];
+        // Subtract from the sender
+        balanceOf[_from] -= _value;
+        // Add the same to the recipient
+        balanceOf[_to] += _value;
+        Transfer(_from, _to, _value);
+        // Asserts are used to use static analysis to find bugs in your code. They should never fail
+        assert(balanceOf[_from] + balanceOf[_to] == previousBalances);
+    }
+
+    /**
+     * Transfer tokens
+     *
+     * Send `_value` tokens to `_to` from your account
+     *
+     * @param _to The address of the recipient
+     * @param _value the amount to send
+     */
+    function transfer(address _to, uint256 _value) public {
+        _transfer(msg.sender, _to, _value);
+    }
+
+    /**
+     * Transfer tokens from other address
+     *
+     * Send `_value` tokens to `_to` in behalf of `_from`
+     *
+     * @param _from The address of the sender
+     * @param _to The address of the recipient
+     * @param _value the amount to send
+     */
+    function transferFrom(address _from, address _to, uint256 _value) public returns (bool success) {
+        require(_value <= allowance[_from][msg.sender]);     // Check allowance
+        allowance[_from][msg.sender] -= _value;
+        _transfer(_from, _to, _value);
+        return true;
+    }
+
+    /**
+     * Set allowance for other address
+     *
+     * Allows `_spender` to spend no more than `_value` tokens in your behalf
+     *
+     * @param _spender The address authorized to spend
+     * @param _value the max amount they can spend
+     */
+    function approve(address _spender, uint256 _value) public
+    returns (bool success) {
+        allowance[msg.sender][_spender] = _value;
+        return true;
+    }
+
+    /**
+     * Set allowance for other address and notify
+     *
+     * Allows `_spender` to spend no more than `_value` tokens in your behalf, and then ping the contract about it
+     *
+     * @param _spender The address authorized to spend
+     * @param _value the max amount they can spend
+     * @param _extraData some extra information to send to the approved contract
+     */
+    function approveAndCall(address _spender, uint256 _value, bytes _extraData)
+    public
+    returns (bool success) {
+        tokenRecipient spender = tokenRecipient(_spender);
+        if (approve(_spender, _value)) {
+            spender.receiveApproval(msg.sender, _value, this, _extraData);
+            return true;
+        }
+    }
+
+    /**
+     * Destroy tokens
+     *
+     * Remove `_value` tokens from the system irreversibly
+     *
+     * @param _value the amount of money to burn
+     */
+    function burn(uint256 _value) public returns (bool success) {
+        require(balanceOf[msg.sender] >= _value);   // Check if the sender has enough
+        balanceOf[msg.sender] -= _value;            // Subtract from the sender
+        totalSupply -= _value;                      // Updates totalSupply
+        Burn(msg.sender, _value);
+        return true;
+    }
+
+    /**
+     * Destroy tokens from other account
+     *
+     * Remove `_value` tokens from the system irreversibly on behalf of `_from`.
+     *
+     * @param _from the address of the sender
+     * @param _value the amount of money to burn
+     */
+    function burnFrom(address _from, uint256 _value) public returns (bool success) {
+        require(balanceOf[_from] >= _value);                // Check if the targeted balance is enough
+        require(_value <= allowance[_from][msg.sender]);    // Check allowance
+        balanceOf[_from] -= _value;                         // Subtract from the targeted balance
+        allowance[_from][msg.sender] -= _value;             // Subtract from the sender's allowance
+        totalSupply -= _value;                              // Update totalSupply
+        Burn(_from, _value);
+        return true;
+    }
+}
+
+/******************************************/
+/*       ADVANCED TOKEN STARTS HERE       */
+/******************************************/
+
+contract SECToken is owned, TokenERC20 {
+
+    uint256 public sellPrice;
+    uint256 public buyPrice;
+
+    mapping (address => bool) public frozenAccount;
+
+    /* This generates a public event on the blockchain that will notify clients */
+    event FrozenFunds(address target, bool frozen);
+
+    /* Initializes contract with initial supply tokens to the creator of the contract */
+    function SECToken(
+        uint256 initialSupply,
+        string tokenName,
+        string tokenSymbol
+) TokenERC20(initialSupply, tokenName, tokenSymbol) public {}
+
+    /* Internal transfer, only can be called by this contract */
+    function _transfer(address _from, address _to, uint _value) internal {
+        require (_to != 0x0);                               // Prevent transfer to 0x0 address. Use burn() instead
+        require (balanceOf[_from] >= _value);               // Check if the sender has enough
+        require (balanceOf[_to] + _value > balanceOf[_to]); // Check for overflows
+        require(!frozenAccount[_from]);                     // Check if sender is frozen
+        require(!frozenAccount[_to]);                       // Check if recipient is frozen
+
+        //about lock coins
+        uint start = 1520956799;
+        uint256 SECtotalAmount = 1500000000 * 10 ** 18;
+        address teamaccount = 0xC32b1519A0d4E883FE136AbB3198cbC402b5503F;
+
+        uint256 amount = _value;
+        address sender = _from;
+        uint256 balance = balanceOf[_from];
+
+
+        if(teamaccount == sender){
+            if (now < start + 365 * 1 days) {
+                require((balance - amount) >= SECtotalAmount/10 * 3/4);
+
+            } else if (now < start + (2*365+1) * 1 days){
+                require((balance - amount) >= SECtotalAmount/10 * 2/4);
+
+            }else if (now < start + (3*365+1) * 1 days){
+                require((balance - amount) >= SECtotalAmount/10 * 1/4);
+
+            }
+        }
+
+        balanceOf[_from] -= _value;                         // Subtract from the sender
+        balanceOf[_to] += _value;                           // Add the same to the recipient
+        Transfer(_from, _to, _value);
+    }
+
+    /// @notice Create `mintedAmount` tokens and send it to `target`
+    /// @param target Address to receive the tokens
+    /// @param mintedAmount the amount of tokens it will receive
+    function mintToken(address target, uint256 mintedAmount) onlyOwner public {
+        balanceOf[target] += mintedAmount;
+        totalSupply += mintedAmount;
+        Transfer(0, this, mintedAmount);
+        Transfer(this, target, mintedAmount);
+    }
+
+    /// @notice `freeze? Prevent | Allow` `target` from sending & receiving tokens
+    /// @param target Address to be frozen
+    /// @param freeze either to freeze it or not
+    function freezeAccount(address target, bool freeze) onlyOwner public {
+        frozenAccount[target] = freeze;
+        FrozenFunds(target, freeze);
+    }
+
+    /// @notice Allow users to buy tokens for `newBuyPrice` eth and sell tokens for `newSellPrice` eth
+    /// @param newSellPrice Price the users can sell to the contract
+    /// @param newBuyPrice Price users can buy from the contract
+    function setPrices(uint256 newSellPrice, uint256 newBuyPrice) onlyOwner public {
+        sellPrice = newSellPrice;
+        buyPrice = newBuyPrice;
+    }
+
+    /// @notice Buy tokens from contract by sending ether
+    function buy() payable public {
+        uint amount = msg.value / buyPrice;               // calculates the amount
+        _transfer(this, msg.sender, amount);              // makes the transfers
+    }
+
+    /// @notice Sell `amount` tokens to contract
+    /// @param amount amount of tokens to be sold
+    function sell(uint256 amount) public {
+        require(this.balance >= amount * sellPrice);      // checks if the contract has enough ether to buy
+        _transfer(msg.sender, this, amount);              // makes the transfers
+        msg.sender.transfer(amount * sellPrice);          // sends ether to the seller. It's important to do this last to avoid recursion attacks
+    }
+}
+contract SEC is SECToken(1500000000, "SEC", "SEC") {}

data_full/CVE/2018-12078.sol

@@ -0,0 +1,145 @@
+/**
+ *Submitted for verification at Etherscan.io on 2017-10-03
+*/
+
+pragma solidity ^0.4.2;
+contract owned {
+    address public owner;
+
+    function owned() {
+        owner = msg.sender;
+    }
+
+    modifier onlyOwner {
+        if (msg.sender != owner) revert();
+        _;
+    }
+
+    function transferOwnership(address newOwner) onlyOwner {
+        owner = newOwner;
+    }
+}
+
+contract tokenRecipient { function receiveApproval(address _from, uint256 _value, address _token, bytes _extraData); }
+
+contract token {
+    /* Public variables of the token */
+    string public name;
+    string public symbol;
+    uint8 public decimals;
+    uint256 public totalSupply;
+
+    /* This creates an array with all balances */
+    mapping (address => uint256) public balanceOf;
+    mapping (address => mapping (address => uint256)) public allowance;
+
+    /* This generates a public event on the blockchain that will notify clients */
+    event Transfer(address indexed from, address indexed to, uint256 value);
+
+    /* Initializes contract with initial supply tokens to the creator of the contract */
+    function token(
+        uint256 initialSupply,
+        string tokenName,
+        uint8 decimalUnits,
+        string tokenSymbol
+        ) {
+        balanceOf[msg.sender] = initialSupply;              // Give the creator all initial tokens
+        totalSupply = initialSupply;                        // Update total supply
+        name = tokenName;                                   // Set the name for display purposes
+        symbol = tokenSymbol;                               // Set the symbol for display purposes
+        decimals = decimalUnits;                            // Amount of decimals for display purposes
+    }
+
+    /* Send coins */
+    function transfer(address _to, uint256 _value) {
+        if (balanceOf[msg.sender] < _value) revert();           // Check if the sender has enough
+        if (balanceOf[_to] + _value < balanceOf[_to]) revert(); // Check for overflows
+        balanceOf[msg.sender] -= _value;                     // Subtract from the sender
+        balanceOf[_to] += _value;                            // Add the same to the recipient
+        Transfer(msg.sender, _to, _value);                   // Notify anyone listening that this transfer took place
+    }
+
+    /* Allow another contract to spend some tokens in your behalf */
+    function approve(address _spender, uint256 _value)
+        returns (bool success) {
+        allowance[msg.sender][_spender] = _value;
+        return true;
+    }
+
+    /* Approve and then communicate the approved contract in a single tx */
+    function approveAndCall(address _spender, uint256 _value, bytes _extraData)
+        returns (bool success) {    
+        tokenRecipient spender = tokenRecipient(_spender);
+        if (approve(_spender, _value)) {
+            spender.receiveApproval(msg.sender, _value, this, _extraData);
+            return true;
+        }
+    }
+
+    /* A contract attempts to get the coins */
+    function transferFrom(address _from, address _to, uint256 _value) returns (bool success) {
+        if (balanceOf[_from] < _value) revert();                 // Check if the sender has enough
+        if (balanceOf[_to] + _value < balanceOf[_to]) revert();  // Check for overflows
+        if (_value > allowance[_from][msg.sender]) revert();   // Check allowance
+        balanceOf[_from] -= _value;                          // Subtract from the sender
+        balanceOf[_to] += _value;                            // Add the same to the recipient
+        allowance[_from][msg.sender] -= _value;
+        Transfer(_from, _to, _value);
+        return true;
+    }
+
+    /* This unnamed function is called whenever someone tries to send ether to it */
+    function () {
+        revert();     // Prevents accidental sending of ether
+    }
+}
+
+contract PolyAi is owned, token {
+
+    mapping (address => bool) public frozenAccount;
+
+    /* This generates a public event on the blockchain that will notify clients */
+    event FrozenFunds(address target, bool frozen);
+
+    /* Initializes contract with initial supply tokens to the creator of the contract */
+    function PolyAi(
+        uint256 initialSupply,
+        string tokenName,
+        uint8 decimalUnits,
+        string tokenSymbol
+    ) token (initialSupply, tokenName, decimalUnits, tokenSymbol) {}
+
+    /* Send coins */
+    function transfer(address _to, uint256 _value) {
+        if (balanceOf[msg.sender] < _value) revert();           // Check if the sender has enough
+        if (balanceOf[_to] + _value < balanceOf[_to]) revert(); // Check for overflows
+        if (frozenAccount[msg.sender]) revert();                // Check if frozen
+        balanceOf[msg.sender] -= _value;                     // Subtract from the sender
+        balanceOf[_to] += _value;                            // Add the same to the recipient
+        Transfer(msg.sender, _to, _value);                   // Notify anyone listening that this transfer took place
+    }
+
+    /* A contract attempts to get the coins */
+    function transferFrom(address _from, address _to, uint256 _value) returns (bool success) {
+        if (frozenAccount[_from]) revert();                        // Check if frozen            
+        if (balanceOf[_from] < _value) revert();                 // Check if the sender has enough
+        if (balanceOf[_to] + _value < balanceOf[_to]) revert();  // Check for overflows
+        if (_value > allowance[_from][msg.sender]) revert();   // Check allowance
+        balanceOf[_from] -= _value;                          // Subtract from the sender
+        balanceOf[_to] += _value;                            // Add the same to the recipient
+        allowance[_from][msg.sender] -= _value;
+        Transfer(_from, _to, _value);
+        return true;
+    }
+
+    function mintToken(address target, uint256 mintedAmount) onlyOwner {
+        balanceOf[target] += mintedAmount;
+        Transfer(0, owner, mintedAmount);
+        Transfer(owner, target, mintedAmount);
+    }
+
+    function freezeAccount(address target, bool freeze) onlyOwner {
+        frozenAccount[target] = freeze;
+        FrozenFunds(target, freeze);
+    }
+}

data_full/CVE/2018-12079.sol

@@ -0,0 +1,175 @@
+/**
+ *Submitted for verification at Etherscan.io on 2017-08-07
+*/
+
+pragma solidity ^0.4.2;
+contract owned {
+    address public owner;
+
+    function owned() {
+        owner = msg.sender;
+    }
+
+    modifier onlyOwner {
+        if (msg.sender != owner) throw;
+        _;
+    }
+
+    function transferOwnership(address newOwner) onlyOwner {
+        owner = newOwner;
+    }
+}
+
+contract tokenRecipient { function receiveApproval(address _from, uint256 _value, address _token, bytes _extraData); }
+
+contract token {
+    /* Public variables of the token */
+    string public standard = 'Token 0.1';
+    string public name;
+    string public symbol;
+    uint8 public decimals;
+    uint256 public totalSupply;
+
+    /* This creates an array with all balances */
+    mapping (address => uint256) public balanceOf;
+    mapping (address => mapping (address => uint256)) public allowance;
+
+    /* This generates a public event on the blockchain that will notify clients */
+    event Transfer(address indexed from, address indexed to, uint256 value);
+
+    /* Initializes contract with initial supply tokens to the creator of the contract */
+    function token(
+        uint256 initialSupply,
+        string tokenName,
+        uint8 decimalUnits,
+        string tokenSymbol
+        ) {
+        balanceOf[msg.sender] = initialSupply;              // Give the creator all initial tokens
+        totalSupply = initialSupply;                        // Update total supply
+        name = tokenName;                                   // Set the name for display purposes
+        symbol = tokenSymbol;                               // Set the symbol for display purposes
+        decimals = decimalUnits;                            // Amount of decimals for display purposes
+    }
+
+    /* Send coins */
+    function transfer(address _to, uint256 _value) {
+        if (balanceOf[msg.sender] < _value) throw;           // Check if the sender has enough
+        if (balanceOf[_to] + _value < balanceOf[_to]) throw; // Check for overflows
+        balanceOf[msg.sender] -= _value;                     // Subtract from the sender
+        balanceOf[_to] += _value;                            // Add the same to the recipient
+        Transfer(msg.sender, _to, _value);                   // Notify anyone listening that this transfer took place
+    }
+
+    /* Allow another contract to spend some tokens in your behalf */
+    function approve(address _spender, uint256 _value)
+        returns (bool success) {
+        allowance[msg.sender][_spender] = _value;
+        return true;
+    }
+
+    /* Approve and then communicate the approved contract in a single tx */
+    function approveAndCall(address _spender, uint256 _value, bytes _extraData)
+        returns (bool success) {    
+        tokenRecipient spender = tokenRecipient(_spender);
+        if (approve(_spender, _value)) {
+            spender.receiveApproval(msg.sender, _value, this, _extraData);
+            return true;
+        }
+    }
+
+    /* A contract attempts to get the coins */
+    function transferFrom(address _from, address _to, uint256 _value) returns (bool success) {
+        if (balanceOf[_from] < _value) throw;                 // Check if the sender has enough
+        if (balanceOf[_to] + _value < balanceOf[_to]) throw;  // Check for overflows
+        if (_value > allowance[_from][msg.sender]) throw;   // Check allowance
+        balanceOf[_from] -= _value;                          // Subtract from the sender
+        balanceOf[_to] += _value;                            // Add the same to the recipient
+        allowance[_from][msg.sender] -= _value;
+        Transfer(_from, _to, _value);
+        return true;
+    }
+
+    /* This unnamed function is called whenever someone tries to send ether to it */
+    function () {
+        throw;     // Prevents accidental sending of ether
+    }
+}
+
+contract MyAdvancedToken is owned, token {
+
+    uint256 public sellPrice;
+    uint256 public buyPrice;
+
+    mapping (address => bool) public frozenAccount;
+
+    /* This generates a public event on the blockchain that will notify clients */
+    event FrozenFunds(address target, bool frozen);
+
+    /* Initializes contract with initial supply tokens to the creator of the contract */
+    function MyAdvancedToken(
+        uint256 initialSupply,
+        string tokenName,
+        uint8 decimalUnits,
+        string tokenSymbol
+    ) token (initialSupply, tokenName, decimalUnits, tokenSymbol) {}
+
+    /* Send coins */
+    function transfer(address _to, uint256 _value) {
+        if (balanceOf[msg.sender] < _value) throw;           // Check if the sender has enough
+        if (balanceOf[_to] + _value < balanceOf[_to]) throw; // Check for overflows
+        if (frozenAccount[msg.sender]) throw;                // Check if frozen
+        balanceOf[msg.sender] -= _value;                     // Subtract from the sender
+        balanceOf[_to] += _value;                            // Add the same to the recipient
+        Transfer(msg.sender, _to, _value);                   // Notify anyone listening that this transfer took place
+    }
+
+
+    /* A contract attempts to get the coins */
+    function transferFrom(address _from, address _to, uint256 _value) returns (bool success) {
+        if (frozenAccount[_from]) throw;                        // Check if frozen            
+        if (balanceOf[_from] < _value) throw;                 // Check if the sender has enough
+        if (balanceOf[_to] + _value < balanceOf[_to]) throw;  // Check for overflows
+        if (_value > allowance[_from][msg.sender]) throw;   // Check allowance
+        balanceOf[_from] -= _value;                          // Subtract from the sender
+        balanceOf[_to] += _value;                            // Add the same to the recipient
+        allowance[_from][msg.sender] -= _value;
+        Transfer(_from, _to, _value);
+        return true;
+    }
+
+    function mintToken(address target, uint256 mintedAmount) onlyOwner {
+        balanceOf[target] += mintedAmount;
+        totalSupply += mintedAmount;
+        Transfer(0, this, mintedAmount);
+        Transfer(this, target, mintedAmount);
+    }
+
+    function freezeAccount(address target, bool freeze) onlyOwner {
+        frozenAccount[target] = freeze;
+        FrozenFunds(target, freeze);
+    }
+
+    function setPrices(uint256 newSellPrice, uint256 newBuyPrice) onlyOwner {
+        sellPrice = newSellPrice;
+        buyPrice = newBuyPrice;
+    }
+
+    function buy() payable {
+        uint amount = msg.value / buyPrice;                // calculates the amount
+        if (balanceOf[this] < amount) throw;               // checks if it has enough to sell
+        balanceOf[msg.sender] += amount;                   // adds the amount to buyer's balance
+        balanceOf[this] -= amount;                         // subtracts amount from seller's balance
+        Transfer(this, msg.sender, amount);                // execute an event reflecting the change
+    }
+
+    function sell(uint256 amount) {
+        if (balanceOf[msg.sender] < amount ) throw;        // checks if the sender has enough to sell
+        balanceOf[this] += amount;                         // adds the amount to owner's balance
+        balanceOf[msg.sender] -= amount;                   // subtracts the amount from seller's balance
+        if (!msg.sender.send(amount * sellPrice)) {        // sends ether to the seller. It's important
+            throw;                                         // to do this last to avoid recursion attacks
+        } else {
+            Transfer(msg.sender, this, amount);            // executes an event reflecting on the change
+        }               
+    }
+}

data_full/CVE/2018-12080.sol

@@ -0,0 +1,184 @@
+/**
+ *Submitted for verification at Etherscan.io on 2017-08-26
+*/
+
+pragma solidity ^0.4.13; contract owned { address public owner;
+  function owned() {
+      owner = msg.sender;
+  }
+
+  modifier onlyOwner {
+      require(msg.sender == owner);
+      _;
+  }
+
+  function transferOwnership(address newOwner) onlyOwner {
+      owner = newOwner;
+  }
+}
+contract tokenRecipient { function receiveApproval(address from, uint256 value, address token, bytes extraData); }
+contract token { /*Public variables of the token*/ string public name; string public symbol; uint8 public decimals; uint256 public totalSupply;
+  /* This creates an array with all balances */
+  mapping (address => uint256) public balanceOf;
+  mapping (address => mapping (address => uint256)) public allowance;
+
+  /* This generates a public event on the blockchain that will notify clients */
+  event Transfer(address indexed from, address indexed to, uint256 value);
+
+  /* This notifies clients about the amount burnt */
+  event Burn(address indexed from, uint256 value);
+
+  /* Initializes contract with initial supply tokens to the creator of the contract */
+  function token(
+      uint256 initialSupply,
+      string tokenName,
+      uint8 decimalUnits,
+      string tokenSymbol
+      ) {
+      balanceOf[msg.sender] = initialSupply;              // Give the creator all initial tokens
+      totalSupply = initialSupply;                        // Update total supply
+      name = tokenName;                                   // Set the name for display purposes
+      symbol = tokenSymbol;                               // Set the symbol for display purposes
+      decimals = decimalUnits;                            // Amount of decimals for display purposes
+  }
+
+  /* Internal transfer, only can be called by this contract */
+  function _transfer(address _from, address _to, uint _value) internal {
+      require (_to != 0x0);                               // Prevent transfer to 0x0 address. Use burn() instead
+      require (balanceOf[_from] > _value);                // Check if the sender has enough
+      require (balanceOf[_to] + _value > balanceOf[_to]); // Check for overflows
+      balanceOf[_from] -= _value;                         // Subtract from the sender
+      balanceOf[_to] += _value;                            // Add the same to the recipient
+      Transfer(_from, _to, _value);
+  }
+
+  /// @notice Send `_value` tokens to `_to` from your account
+  /// @param _to The address of the recipient
+  /// @param _value the amount to send
+  function transfer(address _to, uint256 _value) {
+      _transfer(msg.sender, _to, _value);
+  }
+
+  /// @notice Send `_value` tokens to `_to` in behalf of `_from`
+  /// @param _from The address of the sender
+  /// @param _to The address of the recipient
+  /// @param _value the amount to send
+  function transferFrom(address _from, address _to, uint256 _value) returns (bool success) {
+      require (_value < allowance[_from][msg.sender]);     // Check allowance
+      allowance[_from][msg.sender] -= _value;
+      _transfer(_from, _to, _value);
+      return true;
+  }
+
+  /// @notice Allows `_spender` to spend no more than `_value` tokens in your behalf
+  /// @param _spender The address authorized to spend
+  /// @param _value the max amount they can spend
+  function approve(address _spender, uint256 _value)
+      returns (bool success) {
+      allowance[msg.sender][_spender] = _value;
+      return true;
+  }
+
+  /// @notice Allows `_spender` to spend no more than `_value` tokens in your behalf, and then ping the contract about it
+  /// @param _spender The address authorized to spend
+  /// @param _value the max amount they can spend
+  /// @param _extraData some extra information to send to the approved contract
+  function approveAndCall(address _spender, uint256 _value, bytes _extraData)
+      returns (bool success) {
+      tokenRecipient spender = tokenRecipient(_spender);
+      if (approve(_spender, _value)) {
+          spender.receiveApproval(msg.sender, _value, this, _extraData);
+          return true;
+      }
+  }        
+
+  /// @notice Remove `_value` tokens from the system irreversibly
+  /// @param _value the amount of money to burn
+  function burn(uint256 _value) returns (bool success) {
+      require (balanceOf[msg.sender] > _value);            // Check if the sender has enough
+      balanceOf[msg.sender] -= _value;                      // Subtract from the sender
+      totalSupply -= _value;                                // Updates totalSupply
+      Burn(msg.sender, _value);
+      return true;
+  }
+
+  function burnFrom(address _from, uint256 _value) returns (bool success) {
+      require(balanceOf[_from] >= _value);                // Check if the targeted balance is enough
+      require(_value <= allowance[_from][msg.sender]);    // Check allowance
+      balanceOf[_from] -= _value;                         // Subtract from the targeted balance
+      allowance[_from][msg.sender] -= _value;             // Subtract from the sender's allowance
+      totalSupply -= _value;                              // Update totalSupply
+      Burn(_from, _value);
+      return true;
+  }
+}
+contract INTToken is owned, token {
+  uint256 public sellPrice;
+  uint256 public buyPrice;
+
+  mapping (address => bool) public frozenAccount;
+
+  /* This generates a public event on the blockchain that will notify clients */
+  event FrozenFunds(address target, bool frozen);
+
+  /* Initializes contract with initial supply tokens to the creator of the contract */
+  function INTToken(
+      uint256 initialSupply,
+      string tokenName,
+      uint8 decimalUnits,
+      string tokenSymbol
+  ) token (initialSupply, tokenName, decimalUnits, tokenSymbol) {}
+
+  /* Internal transfer, only can be called by this contract */
+  function _transfer(address _from, address _to, uint _value) internal {
+      require (_to != 0x0);                               // Prevent transfer to 0x0 address. Use burn() instead
+      require (balanceOf[_from] > _value);                // Check if the sender has enough
+      require (balanceOf[_to] + _value > balanceOf[_to]); // Check for overflows
+      require(!frozenAccount[_from]);                     // Check if sender is frozen
+      require(!frozenAccount[_to]);                       // Check if recipient is frozen
+      balanceOf[_from] -= _value;                         // Subtract from the sender
+      balanceOf[_to] += _value;                           // Add the same to the recipient
+      Transfer(_from, _to, _value);
+  }
+
+  /// @notice Create `mintedAmount` tokens and send it to `target`
+  /// @param target Address to receive the tokens
+  /// @param mintedAmount the amount of tokens it will receive
+  function mintToken(address target, uint256 mintedAmount) onlyOwner {
+      balanceOf[target] += mintedAmount;
+      totalSupply += mintedAmount;
+      Transfer(0, this, mintedAmount);
+      Transfer(this, target, mintedAmount);
+  }
+
+  /// @notice `freeze? Prevent | Allow` `target` from sending & receiving tokens
+  /// @param target Address to be frozen
+  /// @param freeze either to freeze it or not
+  function freezeAccount(address target, bool freeze) onlyOwner {
+      frozenAccount[target] = freeze;
+      FrozenFunds(target, freeze);
+  }
+
+  /// @notice Allow users to buy tokens for `newBuyPrice` eth and sell tokens for `newSellPrice` eth
+  /// @param newSellPrice Price the users can sell to the contract
+  /// @param newBuyPrice Price users can buy from the contract
+  function setPrices(uint256 newSellPrice, uint256 newBuyPrice) onlyOwner {
+      sellPrice = newSellPrice;
+      buyPrice = newBuyPrice;
+  }
+
+  /// @notice Buy tokens from contract by sending ether
+  function buy() payable {
+      uint amount = msg.value / buyPrice;               // calculates the amount
+      _transfer(this, msg.sender, amount);              // makes the transfers
+  }
+
+  /// @notice Sell `amount` tokens to contract
+  /// @param amount amount of tokens to be sold
+  function sell(uint256 amount) {
+      require(this.balance >= amount * sellPrice);      // checks if the contract has enough ether to buy
+      _transfer(msg.sender, this, amount);              // makes the transfers
+      msg.sender.transfer(amount * sellPrice);          // sends ether to the seller. It's important to do this last to avoid recursion attacks
+  }
+}
+contract INT is INTToken(1000000000000000, "Internet Node Token", 6, "INT") {}

data_full/CVE/2018-12081.sol

@@ -0,0 +1,175 @@
+/**
+ *Submitted for verification at Etherscan.io on 2017-09-12
+*/
+
+pragma solidity ^0.4.11;
+contract owned {
+    address public owner;
+
+    function owned() {
+        owner = msg.sender;
+    }
+
+    modifier onlyOwner {
+        if (msg.sender != owner) throw;
+        _;
+    }
+
+    function transferOwnership(address newOwner) onlyOwner {
+        owner = newOwner;
+    }
+}
+
+contract tokenRecipient { function receiveApproval(address _from, uint256 _value, address _token, bytes _extraData); }
+
+contract token {
+    /* Public variables of the token */
+    string public standard = 'Token 0.1';
+    string public name;
+    string public symbol;
+    uint8 public decimals;
+    uint256 public totalSupply;
+
+    /* This creates an array with all balances */
+    mapping (address => uint256) public balanceOf;
+    mapping (address => mapping (address => uint256)) public allowance;
+
+    /* This generates a public event on the blockchain that will notify clients */
+    event Transfer(address indexed from, address indexed to, uint256 value);
+
+    /* Initializes contract with initial supply tokens to the creator of the contract */
+    function token(
+        uint256 initialSupply,
+        string tokenName,
+        uint8 decimalUnits,
+        string tokenSymbol
+        ) {
+        balanceOf[msg.sender] = initialSupply;              // Give the creator all initial tokens
+        totalSupply = initialSupply;                        // Update total supply
+        name = tokenName;                                   // Set the name for display purposes
+        symbol = tokenSymbol;                               // Set the symbol for display purposes
+        decimals = decimalUnits;                            // Amount of decimals for display purposes
+    }
+
+    /* Send coins */
+    function transfer(address _to, uint256 _value) {
+        if (balanceOf[msg.sender] < _value) throw;           // Check if the sender has enough
+        if (balanceOf[_to] + _value < balanceOf[_to]) throw; // Check for overflows
+        balanceOf[msg.sender] -= _value;                     // Subtract from the sender
+        balanceOf[_to] += _value;                            // Add the same to the recipient
+        Transfer(msg.sender, _to, _value);                   // Notify anyone listening that this transfer took place
+    }
+
+    /* Allow another contract to spend some tokens in your behalf */
+    function approve(address _spender, uint256 _value)
+        returns (bool success) {
+        allowance[msg.sender][_spender] = _value;
+        return true;
+    }
+
+    /* Approve and then communicate the approved contract in a single tx */
+    function approveAndCall(address _spender, uint256 _value, bytes _extraData)
+        returns (bool success) {    
+        tokenRecipient spender = tokenRecipient(_spender);
+        if (approve(_spender, _value)) {
+            spender.receiveApproval(msg.sender, _value, this, _extraData);
+            return true;
+        }
+    }
+
+    /* A contract attempts to get the coins */
+    function transferFrom(address _from, address _to, uint256 _value) returns (bool success) {
+        if (balanceOf[_from] < _value) throw;                 // Check if the sender has enough
+        if (balanceOf[_to] + _value < balanceOf[_to]) throw;  // Check for overflows
+        if (_value > allowance[_from][msg.sender]) throw;   // Check allowance
+        balanceOf[_from] -= _value;                          // Subtract from the sender
+        balanceOf[_to] += _value;                            // Add the same to the recipient
+        allowance[_from][msg.sender] -= _value;
+        Transfer(_from, _to, _value);
+        return true;
+    }
+
+    /* This unnamed function is called whenever someone tries to send ether to it */
+    function () {
+        throw;     // Prevents accidental sending of ether
+    }
+}
+
+contract MyAdvancedToken is owned, token {
+
+    uint256 public sellPrice;
+    uint256 public buyPrice;
+
+    mapping (address => bool) public frozenAccount;
+
+    /* This generates a public event on the blockchain that will notify clients */
+    event FrozenFunds(address target, bool frozen);
+
+    /* Initializes contract with initial supply tokens to the creator of the contract */
+    function MyAdvancedToken(
+        uint256 initialSupply,
+        string tokenName,
+        uint8 decimalUnits,
+        string tokenSymbol
+    ) token (initialSupply, tokenName, decimalUnits, tokenSymbol) {}
+
+    /* Send coins */
+    function transfer(address _to, uint256 _value) {
+        if (balanceOf[msg.sender] < _value) throw;           // Check if the sender has enough
+        if (balanceOf[_to] + _value < balanceOf[_to]) throw; // Check for overflows
+        if (frozenAccount[msg.sender]) throw;                // Check if frozen
+        balanceOf[msg.sender] -= _value;                     // Subtract from the sender
+        balanceOf[_to] += _value;                            // Add the same to the recipient
+        Transfer(msg.sender, _to, _value);                   // Notify anyone listening that this transfer took place
+    }
+
+
+    /* A contract attempts to get the coins */
+    function transferFrom(address _from, address _to, uint256 _value) returns (bool success) {
+        if (frozenAccount[_from]) throw;                        // Check if frozen            
+        if (balanceOf[_from] < _value) throw;                 // Check if the sender has enough
+        if (balanceOf[_to] + _value < balanceOf[_to]) throw;  // Check for overflows
+        if (_value > allowance[_from][msg.sender]) throw;   // Check allowance
+        balanceOf[_from] -= _value;                          // Subtract from the sender
+        balanceOf[_to] += _value;                            // Add the same to the recipient
+        allowance[_from][msg.sender] -= _value;
+        Transfer(_from, _to, _value);
+        return true;
+    }
+
+    function mintToken(address target, uint256 mintedAmount) onlyOwner {
+        balanceOf[target] += mintedAmount;
+        totalSupply += mintedAmount;
+        Transfer(0, this, mintedAmount);
+        Transfer(this, target, mintedAmount);
+    }
+
+    function freezeAccount(address target, bool freeze) onlyOwner {
+        frozenAccount[target] = freeze;
+        FrozenFunds(target, freeze);
+    }
+
+    function setPrices(uint256 newSellPrice, uint256 newBuyPrice) onlyOwner {
+        sellPrice = newSellPrice;
+        buyPrice = newBuyPrice;
+    }
+
+    function buy() payable {
+        uint amount = msg.value / buyPrice;                // calculates the amount
+        if (balanceOf[this] < amount) throw;               // checks if it has enough to sell
+        balanceOf[msg.sender] += amount;                   // adds the amount to buyer's balance
+        balanceOf[this] -= amount;                         // subtracts amount from seller's balance
+        Transfer(this, msg.sender, amount);                // execute an event reflecting the change
+    }
+
+    function sell(uint256 amount) {
+        if (balanceOf[msg.sender] < amount ) throw;        // checks if the sender has enough to sell
+        balanceOf[this] += amount;                         // adds the amount to owner's balance
+        balanceOf[msg.sender] -= amount;                   // subtracts the amount from seller's balance
+        if (!msg.sender.send(amount * sellPrice)) {        // sends ether to the seller. It's important
+            throw;                                         // to do this last to avoid recursion attacks
+        } else {
+            Transfer(msg.sender, this, amount);            // executes an event reflecting on the change
+        }               
+    }
+}

data_full/CVE/2018-12082.sol

@@ -0,0 +1,168 @@
+/**
+ *Submitted for verification at Etherscan.io on 2017-08-04
+*/
+
+pragma solidity ^0.4.2;
+contract owned {
+    address public owner;
+
+    function owned() {
+        owner = msg.sender;
+    }
+
+    modifier onlyOwner {
+        if (msg.sender != owner) revert();
+        _;
+    }
+
+    function transferOwnership(address newOwner) onlyOwner {
+        owner = newOwner;
+    }
+}
+
+contract tokenRecipient { function receiveApproval(address _from, uint256 _value, address _token, bytes _extraData); }
+
+contract token {
+    /* Public variables of the token */
+    string public name;
+    string public symbol;
+    uint8 public decimals;
+    uint256 public totalSupply;
+
+    /* This creates an array with all balances */
+    mapping (address => uint256) public balanceOf;
+    mapping (address => mapping (address => uint256)) public allowance;
+
+    /* This generates a public event on the blockchain that will notify clients */
+    event Transfer(address indexed from, address indexed to, uint256 value);
+
+    /* Initializes contract with initial supply tokens to the creator of the contract */
+    function token(
+        uint256 initialSupply,
+        string tokenName,
+        uint8 decimalUnits,
+        string tokenSymbol
+        ) {
+        balanceOf[msg.sender] = initialSupply;              // Give the creator all initial tokens
+        totalSupply = initialSupply;                        // Update total supply
+        name = tokenName;                                   // Set the name for display purposes
+        symbol = tokenSymbol;                               // Set the symbol for display purposes
+        decimals = decimalUnits;                            // Amount of decimals for display purposes
+    }
+
+    /* Send coins */
+    function transfer(address _to, uint256 _value) {
+        if (balanceOf[msg.sender] < _value) revert();           // Check if the sender has enough
+        if (balanceOf[_to] + _value < balanceOf[_to]) revert(); // Check for overflows
+        balanceOf[msg.sender] -= _value;                     // Subtract from the sender
+        balanceOf[_to] += _value;                            // Add the same to the recipient
+        Transfer(msg.sender, _to, _value);                   // Notify anyone listening that this transfer took place
+    }
+
+    /* Allow another contract to spend some tokens in your behalf */
+    function approve(address _spender, uint256 _value)
+        returns (bool success) {
+        allowance[msg.sender][_spender] = _value;
+        return true;
+    }
+
+    /* Approve and then communicate the approved contract in a single tx */
+    function approveAndCall(address _spender, uint256 _value, bytes _extraData)
+        returns (bool success) {    
+        tokenRecipient spender = tokenRecipient(_spender);
+        if (approve(_spender, _value)) {
+            spender.receiveApproval(msg.sender, _value, this, _extraData);
+            return true;
+        }
+    }
+
+    /* A contract attempts to get the coins */
+    function transferFrom(address _from, address _to, uint256 _value) returns (bool success) {
+        if (balanceOf[_from] < _value) revert();                 // Check if the sender has enough
+        if (balanceOf[_to] + _value < balanceOf[_to]) revert();  // Check for overflows
+        if (_value > allowance[_from][msg.sender]) revert();   // Check allowance
+        balanceOf[_from] -= _value;                          // Subtract from the sender
+        balanceOf[_to] += _value;                            // Add the same to the recipient
+        allowance[_from][msg.sender] -= _value;
+        Transfer(_from, _to, _value);
+        return true;
+    }
+
+    /* This unnamed function is called whenever someone tries to send ether to it */
+    function () {
+        revert();     // Prevents accidental sending of ether
+    }
+}
+
+contract FujintoToken is owned, token {
+
+    uint public buyRate = 4000; // price of one token
+    bool public isSelling = true;
+
+    mapping (address => bool) public frozenAccount;
+
+    /* This generates a public event on the blockchain that will notify clients */
+    event FrozenFunds(address target, bool frozen);
+
+    /* Initializes contract with initial supply tokens to the creator of the contract */
+    function FujintoToken(
+        uint256 initialSupply,
+        string tokenName,
+        uint8 decimalUnits,
+        string tokenSymbol
+    ) token (initialSupply, tokenName, decimalUnits, tokenSymbol) {}
+
+    /* Send coins */
+    function transfer(address _to, uint256 _value) {
+        if (balanceOf[msg.sender] < _value) revert();           // Check if the sender has enough
+        if (balanceOf[_to] + _value < balanceOf[_to]) revert(); // Check for overflows
+        if (frozenAccount[msg.sender]) revert();                // Check if frozen
+        balanceOf[msg.sender] -= _value;                     // Subtract from the sender
+        balanceOf[_to] += _value;                            // Add the same to the recipient
+        Transfer(msg.sender, _to, _value);                   // Notify anyone listening that this transfer took place
+    }
+
+    /* A contract attempts to get the coins */
+    function transferFrom(address _from, address _to, uint256 _value) returns (bool success) {
+        if (frozenAccount[_from]) revert();                        // Check if frozen            
+        if (balanceOf[_from] < _value) revert();                 // Check if the sender has enough
+        if (balanceOf[_to] + _value < balanceOf[_to]) revert();  // Check for overflows
+        if (_value > allowance[_from][msg.sender]) revert();   // Check allowance
+        balanceOf[_from] -= _value;                          // Subtract from the sender
+        balanceOf[_to] += _value;                            // Add the same to the recipient
+        allowance[_from][msg.sender] -= _value;
+        Transfer(_from, _to, _value);
+        return true;
+    }
+
+    function mintToken(address target, uint256 mintedAmount) onlyOwner {
+        balanceOf[target] += mintedAmount;
+        Transfer(0, owner, mintedAmount);
+        Transfer(owner, target, mintedAmount);
+    }
+
+    function freezeAccount(address target, bool freeze) onlyOwner {
+        frozenAccount[target] = freeze;
+        FrozenFunds(target, freeze);
+    }
+
+    function setBuyRate(uint newBuyRate) onlyOwner {
+        buyRate = newBuyRate;
+    }
+    
+    function setSelling(bool newStatus) onlyOwner {
+        isSelling = newStatus;
+    }
+
+    function buy() payable {
+        if(isSelling == false) revert();
+        uint amount = msg.value * buyRate;                  // calculates the amount
+        balanceOf[msg.sender] += amount;                   // adds the amount to buyer's balance
+        balanceOf[owner] -= amount;                         // subtracts amount from seller's balance
+        Transfer(owner, msg.sender, amount);                // execute an event reflecting the change
+    }
+    
+    function withdrawToOwner(uint256 amountWei) onlyOwner {
+        owner.transfer(amountWei);
+    }
+}

data_full/CVE/2018-12083.sol

@@ -0,0 +1,117 @@
+/**
+ *Submitted for verification at Etherscan.io on 2017-11-14
+*/
+
+pragma solidity ^0.4.18;
+
+contract owned {
+	address public owner;
+
+	function owned() {
+		owner = msg.sender;
+	}
+
+	function changeOwner(address newOwner) onlyOwner {
+		owner = newOwner;
+	}
+
+	modifier onlyOwner {
+		require(msg.sender == owner);
+		_;
+	}
+}
+
+contract tokenRecipient { function receiveApproval(address _from, uint256 _value, address _token, bytes _extraData); }
+
+contract GoalToken is owned {
+    /* Public variables of the token */
+    string public name = "GOAL Bonanza";
+    string public symbol = "GOAL";
+    uint8 public decimals = 18;
+    uint256 public totalSupply = 0;
+
+    /* This creates an array with all balances */
+    mapping (address => uint256) public balanceOf;
+    mapping (address => mapping (address => uint256)) public allowance;
+
+    /* This generates a public event on the blockchain that will notify clients */
+    event Transfer(address indexed from, address indexed to, uint256 value);
+
+    event Burn(address indexed from, uint256 value);
+
+    /* Internal transfer, only can be called by this contract */
+    function _transfer(address _from, address _to, uint _value) internal {
+        require (_to != 0x0);                               // Prevent transfer to 0x0 address. Use burn() instead
+        require (balanceOf[_from] > _value);                // Check if the sender has enough
+        require (balanceOf[_to] + _value > balanceOf[_to]); // Check for overflows
+        balanceOf[_from] -= _value;                         // Subtract from the sender
+        balanceOf[_to] += _value;                            // Add the same to the recipient
+        Transfer(_from, _to, _value);
+    }
+
+    /// @notice Send `_value` tokens to `_to` from your account
+    /// @param _to The address of the recipient
+    /// @param _value the amount to send
+    function transfer(address _to, uint256 _value) {
+        _transfer(msg.sender, _to, _value);
+    }
+
+    /// @notice Send `_value` tokens to `_to` in behalf of `_from`
+    /// @param _from The address of the sender
+    /// @param _to The address of the recipient
+    /// @param _value the amount to send
+    function transferFrom(address _from, address _to, uint256 _value) returns (bool success) {
+        require (_value <= allowance[_from][msg.sender]);     // Check allowance
+        allowance[_from][msg.sender] -= _value;
+        _transfer(_from, _to, _value);
+        return true;
+    }
+
+    /// @notice Allows `_spender` to spend no more than `_value` tokens in your behalf
+    /// @param _spender The address authorized to spend
+    /// @param _value the max amount they can spend
+    function approve(address _spender, uint256 _value)
+        returns (bool success) {
+        allowance[msg.sender][_spender] = _value;
+        return true;
+    }
+
+    /// @notice Allows `_spender` to spend no more than `_value` tokens in your behalf, and then ping the contract about it
+    /// @param _spender The address authorized to spend
+    /// @param _value the max amount they can spend
+    /// @param _extraData some extra information to send to the approved contract
+    function approveAndCall(address _spender, uint256 _value, bytes _extraData)
+        returns (bool success) {
+        tokenRecipient spender = tokenRecipient(_spender);
+        if (approve(_spender, _value)) {
+            spender.receiveApproval(msg.sender, _value, this, _extraData);
+            return true;
+        }
+    }        
+
+    /// @notice Remove `_value` tokens from the system irreversibly
+    /// @param _value the amount of money to burn
+    function burn(uint256 _value) returns (bool success) {
+        require (balanceOf[msg.sender] > _value);            // Check if the sender has enough
+        balanceOf[msg.sender] -= _value;                      // Subtract from the sender
+        totalSupply -= _value;                                // Updates totalSupply
+        Burn(msg.sender, _value);
+        return true;
+    }
+
+    function burnFrom(address _from, uint256 _value) returns (bool success) {
+        require(balanceOf[_from] >= _value);                // Check if the targeted balance is enough
+        require(_value <= allowance[_from][msg.sender]);    // Check allowance
+        balanceOf[_from] -= _value;                         // Subtract from the targeted balance
+        allowance[_from][msg.sender] -= _value;             // Subtract from the sender's allowance
+        totalSupply -= _value;                              // Update totalSupply
+        Burn(_from, _value);
+        return true;
+    }
+
+    function mintToken(address target, uint256 mintedAmount) onlyOwner {
+        balanceOf[target] += mintedAmount;
+        totalSupply += mintedAmount;
+        Transfer(this, target, mintedAmount);
+    }
+}

data_full/CVE/2018-12084.sol

@@ -0,0 +1,153 @@
+/**
+ *Submitted for verification at Etherscan.io on 2017-07-25
+*/
+
+pragma solidity ^0.4.13;
+
+contract owned {
+    address public owner;
+
+    function owned() {
+        owner = msg.sender;
+    }
+
+    modifier onlyOwner {
+        if (msg.sender != owner) revert();
+        _;
+    }
+
+}
+
+contract tokenRecipient { 
+    
+    function receiveApproval(address _from, uint256 _value, address _token, bytes _extraData);
+    
+}
+
+contract token {
+    
+    /* Public variables of the token */ 
+    string public name;
+    string public symbol;
+    uint8 public decimals;
+    uint256 public totalSupply;
+
+    /* This creates an array with all balances */
+    mapping (address => uint256) public balanceOf;
+    mapping (address => mapping (address => uint256)) public allowance;
+
+    /* This generates a public event on the blockchain that will notify clients */
+    event Transfer(address indexed from, address indexed to, uint256 value);
+
+    /* Initializes contract with initial supply tokens to the creator of the contract */
+    function token(
+        uint256 initialSupply,
+        string tokenName,
+        uint8 decimalUnits,
+        string tokenSymbol
+        ) {
+        balanceOf[msg.sender] = initialSupply;              // Give the creator all initial tokens
+        totalSupply = initialSupply;                        // Update total supply
+        name = tokenName;                                   // Set the name for display purposes
+        symbol = tokenSymbol;                               // Set the symbol for display purposes
+        decimals = decimalUnits;                            // Amount of decimals for display purposes
+    }
+
+    /* Send coins */
+    function transfer(address _to, uint256 _value) {
+        if (balanceOf[msg.sender] < _value) revert();           // Check if the sender has enough
+        if (balanceOf[_to] + _value < balanceOf[_to]) revert(); // Check for overflows
+        balanceOf[msg.sender] -= _value;                     // Subtract from the sender
+        balanceOf[_to] += _value;                            // Add the same to the recipient
+        Transfer(msg.sender, _to, _value);                   // Notify anyone listening that this transfer took place
+    }
+
+    /* Allow another contract to spend some tokens in your behalf */
+    function approve(address _spender, uint256 _value)
+        returns (bool success) {
+        allowance[msg.sender][_spender] = _value;
+        return true;
+    }
+
+    /* Approve and then communicate the approved contract in a single tx */
+    function approveAndCall(address _spender, uint256 _value, bytes _extraData)
+        returns (bool success) {    
+        tokenRecipient spender = tokenRecipient(_spender);
+        if (approve(_spender, _value)) {
+            spender.receiveApproval(msg.sender, _value, this, _extraData);
+            return true;
+        }
+    }
+
+    /* A contract attempts to get the coins e.g. exchange transfer our token */
+    function transferFrom(address _from, address _to, uint256 _value) returns (bool success) {
+        if (balanceOf[_from] < _value) revert();                 // Check if the sender has enough
+        if (balanceOf[_to] + _value < balanceOf[_to]) revert();  // Check for overflows
+        if (_value > allowance[_from][msg.sender]) revert();   // Check allowance
+        balanceOf[_from] -= _value;                          // Subtract from the sender
+        balanceOf[_to] += _value;                            // Add the same to the recipient
+        allowance[_from][msg.sender] -= _value;
+        Transfer(_from, _to, _value);
+        return true;
+    }
+
+    /* This unnamed function is called whenever someone tries to send ether to it */
+    function () {
+        revert();     // Prevents accidental sending of ether
+    }
+}
+
+contract BitAseanToken is owned, token { 
+ 
+    mapping (address => bool) public frozenAccount;
+
+    /* This generates a public event on the blockchain that will notify clients */
+    event FrozenFunds(address target, bool frozen);
+
+    /* Initializes contract with initial supply tokens to the creator of the contract */
+    function BitAseanToken(
+        uint256 initialSupply,
+        string tokenName,
+        uint8 decimalUnits,
+        string tokenSymbol
+    ) token (initialSupply, tokenName, decimalUnits, tokenSymbol) {  
+    }
+
+    /* Send coins */
+    function transfer(address _to, uint256 _value) {
+        if (balanceOf[msg.sender] < _value) revert();           // Check if the sender has enough
+        if (balanceOf[_to] + _value < balanceOf[_to]) revert(); // Check for overflows
+        if (frozenAccount[msg.sender]) revert();                // Check if frozen
+        balanceOf[msg.sender] -= _value;                     // Subtract from the sender
+        balanceOf[_to] += _value;                            // Add the same to the recipient
+        Transfer(msg.sender, _to, _value);                   // Notify anyone listening that this transfer took place
+    }
+
+
+    /* A contract attempts to get the coins */
+    function transferFrom(address _from, address _to, uint256 _value) returns (bool success) {
+        if (frozenAccount[_from]) revert();                        // Check if frozen            
+        if (balanceOf[_from] < _value) revert();                 // Check if the sender has enough
+        if (balanceOf[_to] + _value < balanceOf[_to]) revert();  // Check for overflows
+        if (_value > allowance[_from][msg.sender]) revert();   // Check allowance
+        balanceOf[_from] -= _value;                          // Subtract from the sender
+        balanceOf[_to] += _value;                            // Add the same to the recipient
+        allowance[_from][msg.sender] -= _value;
+        Transfer(_from, _to, _value);
+        return true;
+    }
+
+    function mintToken(address target, uint256 mintedAmount) onlyOwner {
+        balanceOf[target] += mintedAmount;
+        totalSupply += mintedAmount;
+        Transfer(0, this, mintedAmount);
+        Transfer(this, target, mintedAmount);
+    }
+
+    function freezeAccount(address target, bool freeze) onlyOwner {
+        frozenAccount[target] = freeze;
+        FrozenFunds(target, freeze);
+    }
+
+
+}

data_full/CVE/2018-12230.sol

@@ -0,0 +1,161 @@
+pragma solidity ^0.4.2;
+
+contract ERC20Interface {
+
+    function balanceOf(address _owner) constant returns (uint256 balance);
+    function transfer(address _to, uint256 _value) returns (bool success);
+    function transferFrom(address _from, address _to, uint256 _value) returns (bool success);
+    function approve(address _spender, uint256 _value) returns (bool success);
+    function allowance(address _owner, address _spender) constant returns (uint256 remaining);
+
+    // Triggered when tokens are transferred.
+    event Transfer(address indexed _from, address indexed _to, uint256 _value);
+
+    // Triggered whenever approve(address _spender, uint256 _value) is called.
+    event Approval(address indexed _owner, address indexed _spender, uint256 _value);
+
+}
+
+contract Owner {
+    //For storing the owner address
+    address public owner;
+
+    //Constructor for assign a address for owner property(It will be address who deploy the contract) 
+    function Owner() {
+        owner = msg.sender;
+    }
+
+    //This is modifier (a special function) which will execute before the function execution on which it applied 
+    modifier onlyOwner() {
+        if(msg.sender != owner) throw;
+        //This statement replace with the code of fucntion on which modifier is applied
+        _;
+    }
+    //Here is the example of modifier this function code replace _; statement of modifier 
+    function transferOwnership(address new_owner) onlyOwner {
+        owner = new_owner;
+    }
+}
+
+contract RemiCoin is ERC20Interface,Owner {
+
+    //Common information about coin
+    string  public name;
+    string  public symbol;
+    uint8   public decimals;
+    uint256 public totalSupply;
+    
+    //Balance property which should be always associate with an address
+    mapping(address => uint256) balances;
+    //frozenAccount property which should be associate with an address
+    mapping (address => bool) public frozenAccount;
+    // Owner of account approves the transfer of an amount to another account
+    mapping(address => mapping (address => uint256)) allowed;
+    
+    //These generates a public event on the blockchain that will notify clients
+    event FrozenFunds(address target, bool frozen);
+    
+    //Construtor for initial supply (The address who deployed the contract will get it) and important information
+    function RemiCoin(uint256 initial_supply, string _name, string _symbol, uint8 _decimal) {
+        balances[msg.sender]  = initial_supply;
+        name                  = _name;
+        symbol                = _symbol;
+        decimals              = _decimal;
+        totalSupply           = initial_supply;
+    }
+
+    // What is the balance of a particular account?
+    function balanceOf(address _owner) constant returns (uint256 balance) {
+        return balances[_owner];
+    }
+
+    //Function for transer the coin from one address to another
+    function transfer(address to, uint value) returns (bool success) {
+
+        //checking account is freeze or not
+        if (frozenAccount[msg.sender]) return false;
+
+        //checking the sender should have enough coins
+        if(balances[msg.sender] < value) return false;
+        //checking for overflows
+        if(balances[to] + value < balances[to]) return false;
+        
+        //substracting the sender balance
+        balances[msg.sender] -= value;
+        //adding the reciever balance
+        balances[to] += value;
+        
+        // Notify anyone listening that this transfer took place
+        Transfer(msg.sender, to, value);
+
+        return true;
+    }
+
+
+    //Function for transer the coin from one address to another
+    function transferFrom(address from, address to, uint value) returns (bool success) {
+
+        //checking account is freeze or not
+        if (frozenAccount[msg.sender]) return false;
+
+        //checking the from should have enough coins
+        if(balances[from] < value) return false;
+
+        //checking for allowance
+        if( allowed[from][msg.sender] >= value ) return false;
+
+        //checking for overflows
+        if(balances[to] + value < balances[to]) return false;
+        
+        balances[from] -= value;
+        allowed[from][msg.sender] -= value;
+        balances[to] += value;
+        
+        // Notify anyone listening that this transfer took place
+        Transfer(from, to, value);
+
+        return true;
+    }
+
+    //
+    function allowance(address _owner, address _spender) constant returns (uint256 remaining) {
+        return allowed[_owner][_spender];
+    }
+
+    //
+    function approve(address _spender, uint256 _amount) returns (bool success) {
+        allowed[msg.sender][_spender] = _amount;
+        Approval(msg.sender, _spender, _amount);
+        return true;
+    }
+    
+    //
+    function mintToken(address target, uint256 mintedAmount) onlyOwner{
+        balances[target] += mintedAmount;
+        totalSupply += mintedAmount;
+        
+        Transfer(0,owner,mintedAmount);
+        Transfer(owner,target,mintedAmount);
+    }
+
+    //
+    function freezeAccount(address target, bool freeze) onlyOwner {
+        frozenAccount[target] = freeze;
+        FrozenFunds(target, freeze);
+    }
+
+    //
+    function changeName(string _name) onlyOwner {
+        name = _name;
+    }
+
+    //
+    function changeSymbol(string _symbol) onlyOwner {
+        symbol = _symbol;
+    }
+
+    //
+    function changeDecimals(uint8 _decimals) onlyOwner {
+        decimals = _decimals;
+    }
+}

data_full/CVE/2018-12454.sol

@@ -0,0 +1,148 @@
+/**
+ *Submitted for verification at Etherscan.io on 2017-11-25
+*/
+
+pragma solidity ^0.4.11;
+contract simplelottery {
+    enum State { Started, Locked }
+    State public state = State.Started;
+    struct Guess{
+      address addr;
+      //uint    guess;
+    }
+    uint arraysize=1000;
+    uint constant maxguess=1000000;
+    uint bettingprice = 1 ether;
+    Guess[1000] guesses;
+    uint    numguesses = 0;
+    bytes32 curhash = '';
+    uint _gameindex = 1;
+    uint _starttime = 0;
+    modifier inState(State _state) {
+      require(state == _state);
+      _;
+    }
+    address developer = 0x0;
+    address _winner   = 0x0;
+    event SentPrizeToWinner(address winner, uint money, uint gameindex, uint lotterynumber, uint starttime, uint finishtime);
+    event SentDeveloperFee(uint amount, uint balance);
+    
+    function simplelottery() 
+    {
+      if(developer==address(0)){
+        developer = msg.sender;
+        state = State.Started;
+        _starttime = block.timestamp;
+      }
+    }
+    
+    function setBettingCondition(uint _contenders, uint _bettingprice)
+    {
+      if(msg.sender != developer)
+        return;
+      arraysize  = _contenders;
+      if(arraysize>1000)
+        arraysize = 1000;
+      bettingprice = _bettingprice;
+    }
+    
+    function findWinner(uint value)
+    {
+      uint i = value % numguesses;
+      _winner = guesses[i].addr;
+    }
+    
+      function getMaxContenders() constant returns(uint){
+      return arraysize;
+    }
+
+    function getBettingPrice() constant returns(uint){
+      return bettingprice;
+    }
+
+    function getDeveloperAddress() constant returns(address)
+    {
+      return developer;
+    }
+    
+    function getDeveloperFee() constant returns(uint)
+    {
+      uint developerfee = this.balance/100;
+      return developerfee;
+    }
+    
+    function getBalance() constant returns(uint)
+    {
+       return this.balance;
+    }
+    
+    function getLotteryMoney() constant returns(uint)
+    {
+      uint developerfee = getDeveloperFee();
+      uint prize = (this.balance - developerfee);
+      return prize;
+    }
+
+    function getBettingStatus()
+      constant
+      returns (uint, uint, uint, uint, uint, uint, uint)
+    {
+      return ((uint)(state), _gameindex, _starttime, numguesses, getLotteryMoney(), this.balance, bettingprice);
+    }
+
+
+
+    function finish()
+    {
+      if(msg.sender != developer)
+        return;
+      _finish();
+    }
+    
+    function _finish() private
+    {
+      state = State.Locked;
+      uint block_timestamp = block.timestamp;
+      uint lotterynumber = (uint(curhash)+block_timestamp)%(maxguess+1);
+      findWinner(lotterynumber);
+      uint prize = getLotteryMoney();
+      uint numwinners = 1;
+      uint remain = this.balance - (prize*numwinners);
+
+      _winner.transfer(prize);
+      SentPrizeToWinner(_winner, prize, _gameindex, lotterynumber, _starttime, block_timestamp);
+
+      // give delveoper the money left behind
+      developer.transfer(remain); 
+      SentDeveloperFee(remain, this.balance);
+      numguesses = 0;
+      _gameindex++;
+      state = State.Started;
+      _starttime = block.timestamp;
+    }
+    
+    function () payable
+    {
+        _addguess();
+    }
+
+    function addguess() 
+      inState(State.Started)
+      payable
+    {
+      _addguess();
+    }
+    
+    function _addguess() private
+      inState(State.Started)
+    {
+      require(msg.value >= bettingprice);
+      curhash = sha256(block.timestamp, block.coinbase, block.difficulty, curhash);
+      if((uint)(numguesses+1)<=arraysize) {
+        guesses[numguesses++].addr = msg.sender;
+        if((uint)(numguesses)>=arraysize){
+          _finish();
+        }
+      }
+    }
+}

data_full/CVE/2018-12511.sol

@@ -0,0 +1,175 @@
+/**
+ *Submitted for verification at Etherscan.io on 2017-08-07
+*/
+
+pragma solidity ^0.4.2;
+contract owned {
+    address public owner;
+
+    function owned() {
+        owner = msg.sender;
+    }
+
+    modifier onlyOwner {
+        if (msg.sender != owner) throw;
+        _;
+    }
+
+    function transferOwnership(address newOwner) onlyOwner {
+        owner = newOwner;
+    }
+}
+
+contract tokenRecipient { function receiveApproval(address _from, uint256 _value, address _token, bytes _extraData); }
+
+contract token {
+    /* Public variables of the token */
+    string public standard = 'Token 0.1';
+    string public name;
+    string public symbol;
+    uint8 public decimals;
+    uint256 public totalSupply;
+
+    /* This creates an array with all balances */
+    mapping (address => uint256) public balanceOf;
+    mapping (address => mapping (address => uint256)) public allowance;
+
+    /* This generates a public event on the blockchain that will notify clients */
+    event Transfer(address indexed from, address indexed to, uint256 value);
+
+    /* Initializes contract with initial supply tokens to the creator of the contract */
+    function token(
+        uint256 initialSupply,
+        string tokenName,
+        uint8 decimalUnits,
+        string tokenSymbol
+        ) {
+        balanceOf[msg.sender] = initialSupply;              // Give the creator all initial tokens
+        totalSupply = initialSupply;                        // Update total supply
+        name = tokenName;                                   // Set the name for display purposes
+        symbol = tokenSymbol;                               // Set the symbol for display purposes
+        decimals = decimalUnits;                            // Amount of decimals for display purposes
+    }
+
+    /* Send coins */
+    function transfer(address _to, uint256 _value) {
+        if (balanceOf[msg.sender] < _value) throw;           // Check if the sender has enough
+        if (balanceOf[_to] + _value < balanceOf[_to]) throw; // Check for overflows
+        balanceOf[msg.sender] -= _value;                     // Subtract from the sender
+        balanceOf[_to] += _value;                            // Add the same to the recipient
+        Transfer(msg.sender, _to, _value);                   // Notify anyone listening that this transfer took place
+    }
+
+    /* Allow another contract to spend some tokens in your behalf */
+    function approve(address _spender, uint256 _value)
+        returns (bool success) {
+        allowance[msg.sender][_spender] = _value;
+        return true;
+    }
+
+    /* Approve and then communicate the approved contract in a single tx */
+    function approveAndCall(address _spender, uint256 _value, bytes _extraData)
+        returns (bool success) {
+        tokenRecipient spender = tokenRecipient(_spender);
+        if (approve(_spender, _value)) {
+            spender.receiveApproval(msg.sender, _value, this, _extraData);
+            return true;
+        }
+    }
+
+    /* A contract attempts to get the coins */
+    function transferFrom(address _from, address _to, uint256 _value) returns (bool success) {
+        if (balanceOf[_from] < _value) throw;                 // Check if the sender has enough
+        if (balanceOf[_to] + _value < balanceOf[_to]) throw;  // Check for overflows
+        if (_value > allowance[_from][msg.sender]) throw;   // Check allowance
+        balanceOf[_from] -= _value;                          // Subtract from the sender
+        balanceOf[_to] += _value;                            // Add the same to the recipient
+        allowance[_from][msg.sender] -= _value;
+        Transfer(_from, _to, _value);
+        return true;
+    }
+
+    /* This unnamed function is called whenever someone tries to send ether to it */
+    function () {
+        throw;     // Prevents accidental sending of ether
+    }
+}
+
+contract MyAdvancedToken is owned, token {
+
+    uint256 public sellPrice;
+    uint256 public buyPrice;
+
+    mapping (address => bool) public frozenAccount;
+
+    /* This generates a public event on the blockchain that will notify clients */
+    event FrozenFunds(address target, bool frozen);
+
+    /* Initializes contract with initial supply tokens to the creator of the contract */
+    function MyAdvancedToken(
+        uint256 initialSupply,
+        string tokenName,
+        uint8 decimalUnits,
+        string tokenSymbol
+    ) token (initialSupply, tokenName, decimalUnits, tokenSymbol) {}
+
+    /* Send coins */
+    function transfer(address _to, uint256 _value) {
+        if (balanceOf[msg.sender] < _value) throw;           // Check if the sender has enough
+        if (balanceOf[_to] + _value < balanceOf[_to]) throw; // Check for overflows
+        if (frozenAccount[msg.sender]) throw;                // Check if frozen
+        balanceOf[msg.sender] -= _value;                     // Subtract from the sender
+        balanceOf[_to] += _value;                            // Add the same to the recipient
+        Transfer(msg.sender, _to, _value);                   // Notify anyone listening that this transfer took place
+    }
+
+
+    /* A contract attempts to get the coins */
+    function transferFrom(address _from, address _to, uint256 _value) returns (bool success) {
+        if (frozenAccount[_from]) throw;                        // Check if frozen
+        if (balanceOf[_from] < _value) throw;                 // Check if the sender has enough
+        if (balanceOf[_to] + _value < balanceOf[_to]) throw;  // Check for overflows
+        if (_value > allowance[_from][msg.sender]) throw;   // Check allowance
+        balanceOf[_from] -= _value;                          // Subtract from the sender
+        balanceOf[_to] += _value;                            // Add the same to the recipient
+        allowance[_from][msg.sender] -= _value;
+        Transfer(_from, _to, _value);
+        return true;
+    }
+
+    function mintToken(address target, uint256 mintedAmount) onlyOwner {
+        balanceOf[target] += mintedAmount;
+        totalSupply += mintedAmount;
+        Transfer(0, this, mintedAmount);
+        Transfer(this, target, mintedAmount);
+    }
+
+    function freezeAccount(address target, bool freeze) onlyOwner {
+        frozenAccount[target] = freeze;
+        FrozenFunds(target, freeze);
+    }
+
+    function setPrices(uint256 newSellPrice, uint256 newBuyPrice) onlyOwner {
+        sellPrice = newSellPrice;
+        buyPrice = newBuyPrice;
+    }
+
+    function buy() payable {
+        uint amount = msg.value / buyPrice;                // calculates the amount
+        if (balanceOf[this] < amount) throw;               // checks if it has enough to sell
+        balanceOf[msg.sender] += amount;                   // adds the amount to buyer's balance
+        balanceOf[this] -= amount;                         // subtracts amount from seller's balance
+        Transfer(this, msg.sender, amount);                // execute an event reflecting the change
+    }
+
+    function sell(uint256 amount) {
+        if (balanceOf[msg.sender] < amount ) throw;        // checks if the sender has enough to sell
+        balanceOf[this] += amount;                         // adds the amount to owner's balance
+        balanceOf[msg.sender] -= amount;                   // subtracts the amount from seller's balance
+        if (!msg.sender.send(amount * sellPrice)) {        // sends ether to the seller. It's important
+            throw;                                         // to do this last to avoid recursion attacks
+        } else {
+            Transfer(msg.sender, this, amount);            // executes an event reflecting on the change
+        }
+    }
+}

data_full/CVE/2018-12702.sol

@@ -0,0 +1,142 @@
+/**
+ *Submitted for verification at Etherscan.io on 2017-12-26
+*/
+
+// Abstract contract for the full ERC 20 Token standard
+// https://github.com/ethereum/EIPs/issues/20
+pragma solidity ^0.4.16;
+
+contract Token {
+    /* This is a slight change to the ERC20 base standard.
+    function totalSupply() constant returns (uint256 supply);
+    is replaced with:
+    uint256 public totalSupply;
+    This automatically creates a getter function for the totalSupply.
+    This is moved to the base contract since public getter functions are not
+    currently recognised as an implementation of the matching abstract
+    function by the compiler.
+    */
+    /// total amount of tokens
+    uint256 public totalSupply;
+
+    /// @param _owner The address from which the balance will be retrieved
+    /// @return The balance
+    function balanceOf(address _owner) constant returns (uint256 balance);
+
+    /// @notice send `_value` token to `_to` from `msg.sender`
+    /// @param _to The address of the recipient
+    /// @param _value The amount of token to be transferred
+    /// @return Whether the transfer was successful or not
+    function transfer(address _to, uint256 _value) returns (bool success);
+
+    /// @notice send `_value` token to `_to` from `_from` on the condition it is approved by `_from`
+    /// @param _from The address of the sender
+    /// @param _to The address of the recipient
+    /// @param _value The amount of token to be transferred
+    /// @return Whether the transfer was successful or not
+    function transferFrom(address _from, address _to, uint256 _value) returns (bool success);
+
+    /// @notice `msg.sender` approves `_spender` to spend `_value` tokens
+    /// @param _spender The address of the account able to transfer the tokens
+    /// @param _value The amount of tokens to be approved for transfer
+    /// @return Whether the approval was successful or not
+    function approve(address _spender, uint256 _value) returns (bool success);
+
+    /// @param _owner The address of the account owning tokens
+    /// @param _spender The address of the account able to transfer the tokens
+    /// @return Amount of remaining tokens allowed to spent
+    function allowance(address _owner, address _spender) constant returns (uint256 remaining);
+
+    event Transfer(address indexed _from, address indexed _to, uint256 _value);
+    event Approval(address indexed _owner, address indexed _spender, uint256 _value);
+}
+
+
+contract StandardToken is Token {
+
+    function transfer(address _to, uint256 _value) returns (bool success) {
+        require(_to != address(0));
+        require(_value <= balances[msg.sender]);
+        //Default assumes totalSupply can't be over max (2^256 - 1).
+        //If your token leaves out totalSupply and can issue more tokens as time goes on, you need to check if it doesn't wrap.
+        //Replace the if with this one instead.
+        require(balances[_to] + _value > balances[_to]);
+        balances[msg.sender] -= _value;
+        balances[_to] += _value;
+        Transfer(msg.sender, _to, _value);
+        return true;
+    }
+
+    function transferFrom(address _from, address _to, uint256 _value) returns (bool success) {
+        require(_to != address(0));
+        require(_value <= balances[_from]);
+        require(_value <= allowed[_from][msg.sender]);
+        //same as above. Replace this line with the following if you want to protect against wrapping uints.
+        require(balances[_to] + _value > balances[_to]);
+        balances[_to] += _value;
+        balances[_from] -= _value;
+        allowed[_from][msg.sender] -= _value;
+        Transfer(_from, _to, _value);
+        return true;
+    }
+
+    function balanceOf(address _owner) constant returns (uint256 balance) {
+        return balances[_owner];
+    }
+
+    function approve(address _spender, uint256 _value) returns (bool success) {
+        allowed[msg.sender][_spender] = _value;
+        Approval(msg.sender, _spender, _value);
+        return true;
+    }
+
+    function allowance(address _owner, address _spender) constant returns (uint256 remaining) {
+        return allowed[_owner][_spender];
+    }
+
+    mapping (address => uint256) balances;
+    mapping (address => mapping (address => uint256)) allowed;
+}
+
+contract GVE is StandardToken {
+
+    function () {
+        //if ether is sent to this address, send it back.
+        revert();
+    }
+
+    string public name = "Globalvillage ecosystem";                   //fancy name: eg Simon Bucks
+    uint8 public decimals = 18;                //How many decimals to show. ie. There could 1000 base units with 3 decimals. Meaning 0.980 SBX = 980 base units. It's like comparing 1 wei to 1 ether.
+    string public symbol = "GVE";                 //An identifier: eg SBX
+    string public version = 'v0.1';       //gve 0.1 standard. Just an arbitrary versioning scheme.
+
+    address public founder; // The address of the founder
+
+    function GVE() {
+        founder = msg.sender;
+        totalSupply = 1000000000 * 10 ** uint256(decimals);
+        balances[founder] = totalSupply;
+    }
+
+    /* Approves and then calls the receiving contract */
+    function approveAndCall(address _spender, uint256 _value, bytes _extraData) returns (bool success) {
+        allowed[msg.sender][_spender] = _value;
+        Approval(msg.sender, _spender, _value);
+
+        //call the receiveApproval function on the contract you want to be notified. This crafts the function signature manually so one doesn't have to include a contract in here just for this.
+        //receiveApproval(address _from, uint256 _value, address _tokenContract, bytes _extraData)
+        //it is assumed that when does this that the call *should* succeed, otherwise one would use vanilla approve instead.
+        if(!_spender.call(bytes4(bytes32(sha3("receiveApproval(address,uint256,address,bytes)"))), msg.sender, _value, this, _extraData)) { revert(); }
+        return true;
+    }
+
+    /* Approves and then calls the contract code*/
+    function approveAndCallcode(address _spender, uint256 _value, bytes _extraData) returns (bool success) {
+        allowed[msg.sender][_spender] = _value;
+        Approval(msg.sender, _spender, _value);
+
+        //Call the contract code
+        if(!_spender.call(_extraData)) { revert(); }
+        return true;
+    }
+}

data_full/CVE/2018-12703.sol

@@ -0,0 +1,142 @@
+/**
+ *Submitted for verification at Etherscan.io on 2018-01-04
+*/
+
+// Abstract contract for the full ERC 20 Token standard
+// https://github.com/ethereum/EIPs/issues/20
+pragma solidity ^0.4.16;
+
+contract Token {
+    /* This is a slight change to the ERC20 base standard.
+    function totalSupply() constant returns (uint256 supply);
+    is replaced with:
+    uint256 public totalSupply;
+    This automatically creates a getter function for the totalSupply.
+    This is moved to the base contract since public getter functions are not
+    currently recognised as an implementation of the matching abstract
+    function by the compiler.
+    */
+    /// total amount of tokens
+    uint256 public totalSupply;
+
+    /// @param _owner The address from which the balance will be retrieved
+    /// @return The balance
+    function balanceOf(address _owner) constant returns (uint256 balance);
+
+    /// @notice send `_value` token to `_to` from `msg.sender`
+    /// @param _to The address of the recipient
+    /// @param _value The amount of token to be transferred
+    /// @return Whether the transfer was successful or not
+    function transfer(address _to, uint256 _value) returns (bool success);
+
+    /// @notice send `_value` token to `_to` from `_from` on the condition it is approved by `_from`
+    /// @param _from The address of the sender
+    /// @param _to The address of the recipient
+    /// @param _value The amount of token to be transferred
+    /// @return Whether the transfer was successful or not
+    function transferFrom(address _from, address _to, uint256 _value) returns (bool success);
+
+    /// @notice `msg.sender` approves `_spender` to spend `_value` tokens
+    /// @param _spender The address of the account able to transfer the tokens
+    /// @param _value The amount of tokens to be approved for transfer
+    /// @return Whether the approval was successful or not
+    function approve(address _spender, uint256 _value) returns (bool success);
+
+    /// @param _owner The address of the account owning tokens
+    /// @param _spender The address of the account able to transfer the tokens
+    /// @return Amount of remaining tokens allowed to spent
+    function allowance(address _owner, address _spender) constant returns (uint256 remaining);
+
+    event Transfer(address indexed _from, address indexed _to, uint256 _value);
+    event Approval(address indexed _owner, address indexed _spender, uint256 _value);
+}
+
+
+contract StandardToken is Token {
+
+    function transfer(address _to, uint256 _value) returns (bool success) {
+        require(_to != address(0));
+        require(_value <= balances[msg.sender]);
+        //Default assumes totalSupply can't be over max (2^256 - 1).
+        //If your token leaves out totalSupply and can issue more tokens as time goes on, you need to check if it doesn't wrap.
+        //Replace the if with this one instead.
+        require(balances[_to] + _value > balances[_to]);
+        balances[msg.sender] -= _value;
+        balances[_to] += _value;
+        Transfer(msg.sender, _to, _value);
+        return true;
+    }
+
+    function transferFrom(address _from, address _to, uint256 _value) returns (bool success) {
+        require(_to != address(0));
+        require(_value <= balances[_from]);
+        require(_value <= allowed[_from][msg.sender]);
+        //same as above. Replace this line with the following if you want to protect against wrapping uints.
+        require(balances[_to] + _value > balances[_to]);
+        balances[_to] += _value;
+        balances[_from] -= _value;
+        allowed[_from][msg.sender] -= _value;
+        Transfer(_from, _to, _value);
+        return true;
+    }
+
+    function balanceOf(address _owner) constant returns (uint256 balance) {
+        return balances[_owner];
+    }
+
+    function approve(address _spender, uint256 _value) returns (bool success) {
+        allowed[msg.sender][_spender] = _value;
+        Approval(msg.sender, _spender, _value);
+        return true;
+    }
+
+    function allowance(address _owner, address _spender) constant returns (uint256 remaining) {
+        return allowed[_owner][_spender];
+    }
+
+    mapping (address => uint256) balances;
+    mapping (address => mapping (address => uint256)) allowed;
+}
+
+contract EightteenToken is StandardToken {
+
+    function () {
+        //if ether is sent to this address, send it back.
+        revert();
+    }
+
+    string public name = "Block 18";                   //fancy name: eg Simon Bucks
+    uint8 public decimals = 18;                //How many decimals to show. ie. There could 1000 base units with 3 decimals. Meaning 0.980 SBX = 980 base units. It's like comparing 1 wei to 1 ether.
+    string public symbol = "18T";                 //An identifier: eg SBX
+    string public version = 'v0.1';       //18t 0.1 standard. Just an arbitrary versioning scheme.
+
+    address public founder; // The address of the founder
+
+    function EightteenToken() {
+        founder = msg.sender;
+        totalSupply = 1000000000 * 10 ** uint256(decimals);
+        balances[founder] = totalSupply;
+    }
+
+    /* Approves and then calls the receiving contract */
+    function approveAndCall(address _spender, uint256 _value, bytes _extraData) returns (bool success) {
+        allowed[msg.sender][_spender] = _value;
+        Approval(msg.sender, _spender, _value);
+
+        //call the receiveApproval function on the contract you want to be notified. This crafts the function signature manually so one doesn't have to include a contract in here just for this.
+        //receiveApproval(address _from, uint256 _value, address _tokenContract, bytes _extraData)
+        //it is assumed that when does this that the call *should* succeed, otherwise one would use vanilla approve instead.
+        if(!_spender.call(bytes4(bytes32(sha3("receiveApproval(address,uint256,address,bytes)"))), msg.sender, _value, this, _extraData)) { revert(); }
+        return true;
+    }
+
+    /* Approves and then calls the contract code*/
+    function approveAndCallcode(address _spender, uint256 _value, bytes _extraData) returns (bool success) {
+        allowed[msg.sender][_spender] = _value;
+        Approval(msg.sender, _spender, _value);
+
+        //Call the contract code
+        if(!_spender.call(_extraData)) { revert(); }
+        return true;
+    }
+}

data_full/CVE/2018-12885.sol

@@ -0,0 +1,1149 @@
+/**
+ *Submitted for verification at Etherscan.io on 2018-05-14
+*/
+
+pragma solidity 0.4.23;
+
+
+/**
+ * @title SafeMath
+ * @dev Math operations with safety checks that throw on error
+ */
+library SafeMath {
+  /**
+  * @dev Subtracts two numbers, throws on overflow (i.e. if subtrahend is greater than minuend).
+  */
+  function sub(uint256 a, uint256 b) internal pure returns (uint256) {
+    assert(b <= a);
+    return a - b;
+  }
+
+  /**
+  * @dev Adds two numbers, throws on overflow.
+  */
+  function add(uint256 a, uint256 b) internal pure returns (uint256) {
+    uint256 c = a + b;
+    assert(c >= a);
+    return c;
+  }
+}
+
+
+/**
+ * @title Ownable
+ * @dev The Ownable contract has an owner address, and provides basic authorization control
+ * functions, this simplifies the implementation of "user permissions".
+ */
+contract Ownable {
+  address internal contractOwner;
+
+  constructor () internal {
+    if(contractOwner == address(0)){
+      contractOwner = msg.sender;
+    }
+  }
+
+  /**
+   * @dev Throws if called by any account other than the owner.
+   */
+  modifier onlyOwner() {
+    require(msg.sender == contractOwner);
+    _;
+  }
+
+
+  /**
+   * @dev Allows the current owner to transfer control of the contract to a newOwner.
+   * @param newOwner The address to transfer ownership to.
+   */
+  function transferOwnership(address newOwner) public onlyOwner {
+    require(newOwner != address(0));
+    contractOwner = newOwner;
+  }
+
+}
+
+
+/**
+ * @title Pausable
+ * @dev Base contract which allows children to implement an emergency stop mechanism.
+ */
+contract Pausable is Ownable {
+  bool private paused = false;
+
+  /**
+   * @dev Modifier to allow actions only when the contract IS paused
+     @dev If is paused msg.value is send back
+   */
+  modifier whenNotPaused() {
+    if(paused == true && msg.value > 0){
+      msg.sender.transfer(msg.value);
+    }
+    require(!paused);
+    _;
+  }
+
+
+  /**
+   * @dev Called by the owner to pause, triggers stopped state
+   */
+  function triggerPause() onlyOwner external {
+    paused = !paused;
+  }
+
+}
+
+
+/// @title A contract for creating new champs and making withdrawals
+contract ChampFactory is Pausable{
+
+    event NewChamp(uint256 champID, address owner);
+
+    using SafeMath for uint; //SafeMath for overflow prevention
+
+    /*
+     * Variables
+     */
+    struct Champ {
+        uint256 id; //same as position in Champ[]
+        uint256 attackPower;
+        uint256 defencePower;
+        uint256 cooldownTime; //how long does it take to be ready attack again
+        uint256 readyTime; //if is smaller than block.timestamp champ is ready to fight
+        uint256 winCount;
+        uint256 lossCount;
+        uint256 position; //position in leaderboard. subtract 1 and you got position in leaderboard[]
+        uint256 price; //selling price
+        uint256 withdrawCooldown; //if you one of the 800 best champs and withdrawCooldown is less as block.timestamp then you get ETH reward
+        uint256 eq_sword;
+        uint256 eq_shield;
+        uint256 eq_helmet;
+        bool forSale; //is champ for sale?
+    }
+
+    struct AddressInfo {
+        uint256 withdrawal;
+        uint256 champsCount;
+        uint256 itemsCount;
+        string name;
+    }
+
+    //Item struct
+    struct Item {
+        uint8 itemType; // 1 - Sword | 2 - Shield | 3 - Helmet
+        uint8 itemRarity; // 1 - Common | 2 - Uncommon | 3 - Rare | 4 - Epic | 5 - Legendery | 6 - Forged
+        uint256 attackPower;
+        uint256 defencePower;
+        uint256 cooldownReduction;
+        uint256 price;
+        uint256 onChampId; //can not be used to decide if item is on champ, because champ's id can be 0, 'bool onChamp' solves it.
+        bool onChamp;
+        bool forSale; //is item for sale?
+    }
+
+    mapping (address => AddressInfo) public addressInfo;
+    mapping (uint256 => address) public champToOwner;
+    mapping (uint256 => address) public itemToOwner;
+    mapping (uint256 => string) public champToName;
+
+    Champ[] public champs;
+    Item[] public items;
+    uint256[] public leaderboard;
+
+    uint256 internal createChampFee = 5 finney;
+    uint256 internal lootboxFee = 5 finney;
+    uint256 internal pendingWithdrawal = 0;
+    uint256 private randNonce = 0; //being used in generating random numbers
+    uint256 public champsForSaleCount;
+    uint256 public itemsForSaleCount;
+
+
+    /*
+     * Modifiers
+     */
+    /// @dev Checks if msg.sender is owner of champ
+    modifier onlyOwnerOfChamp(uint256 _champId) {
+        require(msg.sender == champToOwner[_champId]);
+        _;
+    }
+
+
+    /// @dev Checks if msg.sender is NOT owner of champ
+    modifier onlyNotOwnerOfChamp(uint256 _champId) {
+        require(msg.sender != champToOwner[_champId]);
+        _;
+    }
+
+
+    /// @notice Checks if amount was sent
+    modifier isPaid(uint256 _price){
+        require(msg.value >= _price);
+        _;
+    }
+
+
+    /// @notice People are allowed to withdraw only if min. balance (0.01 gwei) is reached
+    modifier contractMinBalanceReached(){
+        require( (address(this).balance).sub(pendingWithdrawal) > 1000000 );
+        _;
+    }
+
+
+    /// @notice Checks if withdraw cooldown passed
+    modifier isChampWithdrawReady(uint256 _id){
+        require(champs[_id].withdrawCooldown < block.timestamp);
+        _;
+    }
+
+
+    /// @notice Distribute input funds between contract owner and players
+    modifier distributeInput(address _affiliateAddress){
+
+        //contract owner
+        uint256 contractOwnerWithdrawal = (msg.value / 100) * 50; // 50%
+        addressInfo[contractOwner].withdrawal += contractOwnerWithdrawal;
+        pendingWithdrawal += contractOwnerWithdrawal;
+
+        //affiliate
+        //checks if _affiliateAddress is set & if affiliate address is not buying player
+        if(_affiliateAddress != address(0) && _affiliateAddress != msg.sender){
+            uint256 affiliateBonus = (msg.value / 100) * 25; //provision is 25%
+            addressInfo[_affiliateAddress].withdrawal += affiliateBonus;
+            pendingWithdrawal += affiliateBonus;
+        }
+
+        _;
+    }
+
+
+
+    /*
+     * View
+     */
+    /// @notice Gets champs by address
+    /// @param _owner Owner address
+    function getChampsByOwner(address _owner) external view returns(uint256[]) {
+        uint256[] memory result = new uint256[](addressInfo[_owner].champsCount);
+        uint256 counter = 0;
+        for (uint256 i = 0; i < champs.length; i++) {
+            if (champToOwner[i] == _owner) {
+                result[counter] = i;
+                counter++;
+            }
+        }
+        return result;
+    }
+
+
+    /// @notice Gets total champs count
+    function getChampsCount() external view returns(uint256){
+        return champs.length;
+    }
+
+
+    /// @notice Gets champ's reward in wei
+    function getChampReward(uint256 _position) public view returns(uint256) {
+        if(_position <= 800){
+            //percentageMultipier = 10,000
+            //maxReward = 2000 = .2% * percentageMultipier
+            //subtractPerPosition = 2 = .0002% * percentageMultipier
+            //2000 - (2 * (_position - 1))
+            uint256 rewardPercentage = uint256(2000).sub(2 * (_position - 1));
+
+            //available funds are all funds - already pending
+            uint256 availableWithdrawal = address(this).balance.sub(pendingWithdrawal);
+
+            //calculate reward for champ's position
+            //1000000 = percentageMultipier * 100
+            return availableWithdrawal / 1000000 * rewardPercentage;
+        }else{
+            return uint256(0);
+        }
+    }
+
+
+    /*
+     * Internal
+     */
+    /// @notice Generates random modulus
+    /// @param _modulus Max random modulus
+    function randMod(uint256 _modulus) internal returns(uint256) {
+        randNonce++;
+        return uint256(keccak256(randNonce, blockhash(block.number - 1))) % _modulus;
+    }
+
+
+
+    /*
+     * External
+     */
+    /// @notice Creates new champ
+    /// @param _affiliateAddress Affiliate address (optional)
+    function createChamp(address _affiliateAddress) external payable
+    whenNotPaused
+    isPaid(createChampFee)
+    distributeInput(_affiliateAddress)
+    {
+
+        /*
+        Champ memory champ = Champ({
+             id: 0,
+             attackPower: 2 + randMod(4),
+             defencePower: 1 + randMod(4),
+             cooldownTime: uint256(1 days) - uint256(randMod(9) * 1 hours),
+             readyTime: 0,
+             winCount: 0,
+             lossCount: 0,
+             position: leaderboard.length + 1, //Last place in leaderboard is new champ's position. Used in new champ struct bellow. +1 to avoid zero position.
+             price: 0,
+             withdrawCooldown: uint256(block.timestamp),
+             eq_sword: 0,
+             eq_shield: 0,
+             eq_helmet: 0,
+             forSale: false
+        });
+        */
+
+        // This line bellow is about 30k gas cheaper than lines above. They are the same. Lines above are just more readable.
+        uint256 id = champs.push(Champ(0, 2 + randMod(4), 1 + randMod(4), uint256(1 days)  - uint256(randMod(9) * 1 hours), 0, 0, 0, leaderboard.length + 1, 0, uint256(block.timestamp), 0,0,0, false)) - 1;
+
+
+        champs[id].id = id; //sets id in Champ struct
+        leaderboard.push(id); //push champ on the last place in leaderboard
+        champToOwner[id] = msg.sender; //sets owner of this champ - msg.sender
+        addressInfo[msg.sender].champsCount++;
+
+        emit NewChamp(id, msg.sender);
+
+    }
+
+
+    /// @notice Change "CreateChampFee". If ETH price will grow up it can expensive to create new champ.
+    /// @param _fee New "CreateChampFee"
+    /// @dev Only owner of contract can change "CreateChampFee"
+    function setCreateChampFee(uint256 _fee) external onlyOwner {
+        createChampFee = _fee;
+    }
+
+
+    /// @notice Change champ's name
+    function changeChampsName(uint _champId, string _name) external
+    onlyOwnerOfChamp(_champId){
+        champToName[_champId] = _name;
+    }
+
+
+    /// @notice Change players's name
+    function changePlayersName(string _name) external {
+        addressInfo[msg.sender].name = _name;
+    }
+
+
+    /// @notice Withdraw champ's reward
+    /// @param _id Champ id
+    /// @dev Move champ reward to pending withdrawal to his wallet.
+    function withdrawChamp(uint _id) external
+    onlyOwnerOfChamp(_id)
+    contractMinBalanceReached
+    isChampWithdrawReady(_id)
+    whenNotPaused {
+        Champ storage champ = champs[_id];
+        require(champ.position <= 800);
+
+        champ.withdrawCooldown = block.timestamp + 1 days; //one withdrawal 1 per day
+
+        uint256 withdrawal = getChampReward(champ.position);
+        addressInfo[msg.sender].withdrawal += withdrawal;
+        pendingWithdrawal += withdrawal;
+    }
+
+
+    /// @dev Send all pending funds of caller's address
+    function withdrawToAddress(address _address) external
+    whenNotPaused {
+        address playerAddress = _address;
+        if(playerAddress == address(0)){ playerAddress = msg.sender; }
+        uint256 share = addressInfo[playerAddress].withdrawal; //gets pending funds
+        require(share > 0); //is it more than 0?
+
+        //first sets players withdrawal pending to 0 and subtract amount from playerWithdrawals then transfer funds to avoid reentrancy
+        addressInfo[playerAddress].withdrawal = 0; //set player's withdrawal pendings to 0
+        pendingWithdrawal = pendingWithdrawal.sub(share); //subtract share from total pendings
+
+        playerAddress.transfer(share); //transfer
+    }
+
+}
+
+
+
+/// @title  Moderates items and creates new ones
+contract Items is ChampFactory {
+
+    event NewItem(uint256 itemID, address owner);
+
+    constructor () internal {
+        //item -> nothing
+        items.push(Item(0, 0, 0, 0, 0, 0, 0, false, false));
+    }
+
+    /*
+     * Modifiers
+     */
+    /// @notice Checks if sender is owner of item
+    modifier onlyOwnerOfItem(uint256 _itemId) {
+        require(_itemId != 0);
+        require(msg.sender == itemToOwner[_itemId]);
+        _;
+    }
+
+
+    /// @notice Checks if sender is NOT owner of item
+    modifier onlyNotOwnerOfItem(uint256 _itemId) {
+        require(msg.sender != itemToOwner[_itemId]);
+        _;
+    }
+
+
+    /*
+     * View
+     */
+    ///@notice Check if champ has something on
+    ///@param _type Sword, shield or helmet
+    function hasChampSomethingOn(uint _champId, uint8 _type) internal view returns(bool){
+        Champ storage champ = champs[_champId];
+        if(_type == 1){
+            return (champ.eq_sword == 0) ? false : true;
+        }
+        if(_type == 2){
+            return (champ.eq_shield == 0) ? false : true;
+        }
+        if(_type == 3){
+            return (champ.eq_helmet == 0) ? false : true;
+        }
+    }
+
+
+    /// @notice Gets items by address
+    /// @param _owner Owner address
+    function getItemsByOwner(address _owner) external view returns(uint256[]) {
+        uint256[] memory result = new uint256[](addressInfo[_owner].itemsCount);
+        uint256 counter = 0;
+        for (uint256 i = 0; i < items.length; i++) {
+            if (itemToOwner[i] == _owner) {
+                result[counter] = i;
+                counter++;
+            }
+        }
+        return result;
+    }
+
+
+    /*
+     * Public
+     */
+    ///@notice Takes item off champ
+    function takeOffItem(uint _champId, uint8 _type) public
+        onlyOwnerOfChamp(_champId) {
+            uint256 itemId;
+            Champ storage champ = champs[_champId];
+            if(_type == 1){
+                itemId = champ.eq_sword; //Get item ID
+                if (itemId > 0) { //0 = nothing
+                    champ.eq_sword = 0; //take off sword
+                }
+            }
+            if(_type == 2){
+                itemId = champ.eq_shield; //Get item ID
+                if(itemId > 0) {//0 = nothing
+                    champ.eq_shield = 0; //take off shield
+                }
+            }
+            if(_type == 3){
+                itemId = champ.eq_helmet; //Get item ID
+                if(itemId > 0) { //0 = nothing
+                    champ.eq_helmet = 0; //take off
+                }
+            }
+            if(itemId > 0){
+                items[itemId].onChamp = false; //item is free to use, is not on champ
+            }
+    }
+
+
+
+    /*
+     * External
+     */
+    ///@notice Puts item on champ
+    function putOn(uint256 _champId, uint256 _itemId) external
+        onlyOwnerOfChamp(_champId)
+        onlyOwnerOfItem(_itemId) {
+            Champ storage champ = champs[_champId];
+            Item storage item = items[_itemId];
+
+            //checks if items is on some other champ
+            if(item.onChamp){
+                takeOffItem(item.onChampId, item.itemType); //take off from champ
+            }
+
+            item.onChamp = true; //item is on champ
+            item.onChampId = _champId; //champ's id
+
+            //put on
+            if(item.itemType == 1){
+                //take off actual sword
+                if(champ.eq_sword > 0){
+                    takeOffItem(champ.id, 1);
+                }
+                champ.eq_sword = _itemId; //put on sword
+            }
+            if(item.itemType == 2){
+                //take off actual shield
+                if(champ.eq_shield > 0){
+                    takeOffItem(champ.id, 2);
+                }
+                champ.eq_shield = _itemId; //put on shield
+            }
+            if(item.itemType == 3){
+                //take off actual helmet
+                if(champ.eq_helmet > 0){
+                    takeOffItem(champ.id, 3);
+                }
+                champ.eq_helmet = _itemId; //put on helmet
+            }
+    }
+
+
+
+    /// @notice Opens loot box and generates new item
+    function openLootbox(address _affiliateAddress) external payable
+    whenNotPaused
+    isPaid(lootboxFee)
+    distributeInput(_affiliateAddress) {
+
+        uint256 pointToCooldownReduction;
+        uint256 randNum = randMod(1001); //random number <= 1000
+        uint256 pointsToShare; //total points given
+        uint256 itemID;
+
+        //sets up item
+        Item memory item = Item({
+            itemType: uint8(uint256(randMod(3) + 1)), //generates item type - max num is 2 -> 0 + 1 SWORD | 1 + 1 SHIELD | 2 + 1 HELMET;
+            itemRarity: uint8(0),
+            attackPower: 0,
+            defencePower: 0,
+            cooldownReduction: 0,
+            price: 0,
+            onChampId: 0,
+            onChamp: false,
+            forSale: false
+        });
+
+        // Gets Rarity of item
+        // 45% common
+        // 27% uncommon
+        // 19% rare
+        // 7%  epic
+        // 2%  legendary
+        if(450 > randNum){
+            pointsToShare = 25 + randMod(9); //25 basic + random number max to 8
+            item.itemRarity = uint8(1);
+        }else if(720 > randNum){
+            pointsToShare = 42 + randMod(17); //42 basic + random number max to 16
+            item.itemRarity = uint8(2);
+        }else if(910 > randNum){
+            pointsToShare = 71 + randMod(25); //71 basic + random number max to 24
+            item.itemRarity = uint8(3);
+        }else if(980 > randNum){
+            pointsToShare = 119 + randMod(33); //119 basic + random number max to 32
+            item.itemRarity = uint8(4);
+        }else{
+            pointsToShare = 235 + randMod(41); //235 basic + random number max to 40
+            item.itemRarity = uint8(5);
+        }
+
+
+        //Gets type of item
+        if(item.itemType == uint8(1)){ //ITEM IS SWORDS
+            item.attackPower = pointsToShare / 10 * 7; //70% attackPower
+            pointsToShare -= item.attackPower; //points left;
+
+            item.defencePower = pointsToShare / 10 * randMod(6); //up to 15% defencePower
+            pointsToShare -= item.defencePower; //points left;
+
+            item.cooldownReduction = pointsToShare * uint256(1 minutes); //rest of points is cooldown reduction
+            item.itemType = uint8(1);
+        }
+
+        if(item.itemType == uint8(2)){ //ITEM IS SHIELD
+            item.defencePower = pointsToShare / 10 * 7; //70% defencePower
+            pointsToShare -= item.defencePower; //points left;
+
+            item.attackPower = pointsToShare / 10 * randMod(6); //up to 15% attackPowerPower
+            pointsToShare -= item.attackPower; //points left;
+
+            item.cooldownReduction = pointsToShare * uint256(1 minutes); //rest of points is cooldown reduction
+            item.itemType = uint8(2);
+        }
+
+        if(item.itemType == uint8(3)){ //ITEM IS HELMET
+            pointToCooldownReduction = pointsToShare / 10 * 7; //70% cooldown reduction
+            item.cooldownReduction = pointToCooldownReduction * uint256(1 minutes); //points to time
+            pointsToShare -= pointToCooldownReduction; //points left;
+
+            item.attackPower = pointsToShare / 10 * randMod(6); //up to 15% attackPower
+            pointsToShare -= item.attackPower; //points left;
+
+            item.defencePower = pointsToShare; //rest of points is defencePower
+            item.itemType = uint8(3);
+        }
+
+        itemID = items.push(item) - 1;
+
+        itemToOwner[itemID] = msg.sender; //sets owner of this item - msg.sender
+        addressInfo[msg.sender].itemsCount++; //every address has count of items
+
+        emit NewItem(itemID, msg.sender);
+
+    }
+
+    /// @notice Change "lootboxFee".
+    /// @param _fee New "lootboxFee"
+    /// @dev Only owner of contract can change "lootboxFee"
+    function setLootboxFee(uint _fee) external onlyOwner {
+        lootboxFee = _fee;
+    }
+}
+
+
+
+/// @title Moderates buying and selling items
+contract ItemMarket is Items {
+
+    event TransferItem(address from, address to, uint256 itemID);
+
+    /*
+     * Modifiers
+     */
+    ///@notice Checks if item is for sale
+    modifier itemIsForSale(uint256 _id){
+        require(items[_id].forSale);
+        _;
+    }
+
+    ///@notice Checks if item is NOT for sale
+    modifier itemIsNotForSale(uint256 _id){
+        require(items[_id].forSale == false);
+        _;
+    }
+
+    ///@notice If item is for sale then cancel sale
+    modifier ifItemForSaleThenCancelSale(uint256 _itemID){
+      Item storage item = items[_itemID];
+      if(item.forSale){
+          _cancelItemSale(item);
+      }
+      _;
+    }
+
+
+    ///@notice Distribute sale eth input
+    modifier distributeSaleInput(address _owner) {
+        uint256 contractOwnerCommision; //1%
+        uint256 playerShare; //99%
+
+        if(msg.value > 100){
+            contractOwnerCommision = (msg.value / 100);
+            playerShare = msg.value - contractOwnerCommision;
+        }else{
+            contractOwnerCommision = 0;
+            playerShare = msg.value;
+        }
+
+        addressInfo[_owner].withdrawal += playerShare;
+        addressInfo[contractOwner].withdrawal += contractOwnerCommision;
+        pendingWithdrawal += playerShare + contractOwnerCommision;
+        _;
+    }
+
+
+
+    /*
+     * View
+     */
+    function getItemsForSale() view external returns(uint256[]){
+        uint256[] memory result = new uint256[](itemsForSaleCount);
+        if(itemsForSaleCount > 0){
+            uint256 counter = 0;
+            for (uint256 i = 0; i < items.length; i++) {
+                if (items[i].forSale == true) {
+                    result[counter]=i;
+                    counter++;
+                }
+            }
+        }
+        return result;
+    }
+
+     /*
+     * Private
+     */
+    ///@notice Cancel sale. Should not be called without checking if item is really for sale.
+    function _cancelItemSale(Item storage item) private {
+      //No need to overwrite item's price
+      item.forSale = false;
+      itemsForSaleCount--;
+    }
+
+
+    /*
+     * Internal
+     */
+    /// @notice Transfer item
+    function transferItem(address _from, address _to, uint256 _itemID) internal
+      ifItemForSaleThenCancelSale(_itemID) {
+        Item storage item = items[_itemID];
+
+        //take off
+        if(item.onChamp && _to != champToOwner[item.onChampId]){
+          takeOffItem(item.onChampId, item.itemType);
+        }
+
+        addressInfo[_to].itemsCount++;
+        addressInfo[_from].itemsCount--;
+        itemToOwner[_itemID] = _to;
+
+        emit TransferItem(_from, _to, _itemID);
+    }
+
+
+
+    /*
+     * Public
+     */
+    /// @notice Calls transfer item
+    /// @notice Address _from is msg.sender. Cannot be used is market, bc msg.sender is buyer
+    function giveItem(address _to, uint256 _itemID) public
+      onlyOwnerOfItem(_itemID) {
+        transferItem(msg.sender, _to, _itemID);
+    }
+
+
+    /// @notice Calcels item's sale
+    function cancelItemSale(uint256 _id) public
+    itemIsForSale(_id)
+    onlyOwnerOfItem(_id){
+      Item storage item = items[_id];
+       _cancelItemSale(item);
+    }
+
+
+    /*
+     * External
+     */
+    /// @notice Sets item for sale
+    function setItemForSale(uint256 _id, uint256 _price) external
+      onlyOwnerOfItem(_id)
+      itemIsNotForSale(_id) {
+        Item storage item = items[_id];
+        item.forSale = true;
+        item.price = _price;
+        itemsForSaleCount++;
+    }
+
+
+    /// @notice Buys item
+    function buyItem(uint256 _id) external payable
+      whenNotPaused
+      onlyNotOwnerOfItem(_id)
+      itemIsForSale(_id)
+      isPaid(items[_id].price)
+      distributeSaleInput(itemToOwner[_id])
+      {
+        transferItem(itemToOwner[_id], msg.sender, _id);
+    }
+
+}
+
+
+
+/// @title Manages forging
+contract ItemForge is ItemMarket {
+
+	event Forge(uint256 forgedItemID);
+
+	///@notice Forge items together
+	function forgeItems(uint256 _parentItemID, uint256 _childItemID) external
+	onlyOwnerOfItem(_parentItemID)
+	onlyOwnerOfItem(_childItemID)
+	ifItemForSaleThenCancelSale(_parentItemID)
+	ifItemForSaleThenCancelSale(_childItemID) {
+
+		//checks if items are not the same
+        require(_parentItemID != _childItemID);
+
+		Item storage parentItem = items[_parentItemID];
+		Item storage childItem = items[_childItemID];
+
+		//take child item off, because child item will be burned
+		if(childItem.onChamp){
+			takeOffItem(childItem.onChampId, childItem.itemType);
+		}
+
+		//update parent item
+		parentItem.attackPower = (parentItem.attackPower > childItem.attackPower) ? parentItem.attackPower : childItem.attackPower;
+		parentItem.defencePower = (parentItem.defencePower > childItem.defencePower) ? parentItem.defencePower : childItem.defencePower;
+		parentItem.cooldownReduction = (parentItem.cooldownReduction > childItem.cooldownReduction) ? parentItem.cooldownReduction : childItem.cooldownReduction;
+		parentItem.itemRarity = uint8(6);
+
+		//burn child item
+		transferItem(msg.sender, address(0), _childItemID);
+
+		emit Forge(_parentItemID);
+	}
+
+}
+
+
+/// @title Manages attacks in game
+contract ChampAttack is ItemForge {
+
+    event Attack(uint256 winnerChampID, uint256 defeatedChampID, bool didAttackerWin);
+
+    /*
+     * Modifiers
+     */
+     /// @notice Is champ ready to fight again?
+    modifier isChampReady(uint256 _champId) {
+      require (champs[_champId].readyTime <= block.timestamp);
+      _;
+    }
+
+
+    /// @notice Prevents from self-attack
+    modifier notSelfAttack(uint256 _champId, uint256 _targetId) {
+        require(_champId != _targetId);
+        _;
+    }
+
+
+    /// @notice Checks if champ does exist
+    modifier targetExists(uint256 _targetId){
+        require(champToOwner[_targetId] != address(0));
+        _;
+    }
+
+
+    /*
+     * View
+     */
+    /// @notice Gets champ's attack power, defence power and cooldown reduction with items on
+    function getChampStats(uint256 _champId) public view returns(uint256,uint256,uint256){
+        Champ storage champ = champs[_champId];
+        Item storage sword = items[champ.eq_sword];
+        Item storage shield = items[champ.eq_shield];
+        Item storage helmet = items[champ.eq_helmet];
+
+        //AP
+        uint256 totalAttackPower = champ.attackPower + sword.attackPower + shield.attackPower + helmet.attackPower; //Gets champs AP
+
+        //DP
+        uint256 totalDefencePower = champ.defencePower + sword.defencePower + shield.defencePower + helmet.defencePower; //Gets champs  DP
+
+        //CR
+        uint256 totalCooldownReduction = sword.cooldownReduction + shield.cooldownReduction + helmet.cooldownReduction; //Gets  CR
+
+        return (totalAttackPower, totalDefencePower, totalCooldownReduction);
+    }
+
+
+    /*
+     * Pure
+     */
+    /// @notice Subtracts ability points. Helps to not cross minimal attack ability points -> 2
+    /// @param _playerAttackPoints Actual player's attack points
+    /// @param _x Amount to subtract
+    function subAttack(uint256 _playerAttackPoints, uint256 _x) internal pure returns (uint256) {
+        return (_playerAttackPoints <= _x + 2) ? 2 : _playerAttackPoints - _x;
+    }
+
+
+    /// @notice Subtracts ability points. Helps to not cross minimal defence ability points -> 1
+    /// @param _playerDefencePoints Actual player's defence points
+    /// @param _x Amount to subtract
+    function subDefence(uint256 _playerDefencePoints, uint256 _x) internal pure returns (uint256) {
+        return (_playerDefencePoints <= _x) ? 1 : _playerDefencePoints - _x;
+    }
+
+
+    /*
+     * Private
+     */
+    /// @dev Is called from from Attack function after the winner is already chosen
+    /// @dev Updates abilities, champ's stats and swaps positions
+    function _attackCompleted(Champ storage _winnerChamp, Champ storage _defeatedChamp, uint256 _pointsGiven, uint256 _pointsToAttackPower) private {
+        /*
+         * Updates abilities after fight
+         */
+        //winner abilities update
+        _winnerChamp.attackPower += _pointsToAttackPower; //increase attack power
+        _winnerChamp.defencePower += _pointsGiven - _pointsToAttackPower; //max point that was given - already given to AP
+
+        //defeated champ's abilities update
+        //checks for not cross minimal AP & DP points
+        _defeatedChamp.attackPower = subAttack(_defeatedChamp.attackPower, _pointsToAttackPower); //decrease attack power
+        _defeatedChamp.defencePower = subDefence(_defeatedChamp.defencePower, _pointsGiven - _pointsToAttackPower); // decrease defence power
+
+
+
+        /*
+         * Update champs' wins and losses
+         */
+        _winnerChamp.winCount++;
+        _defeatedChamp.lossCount++;
+
+
+
+        /*
+         * Swap positions
+         */
+        if(_winnerChamp.position > _defeatedChamp.position) { //require loser to has better (lower) postion than attacker
+            uint256 winnerPosition = _winnerChamp.position;
+            uint256 loserPosition = _defeatedChamp.position;
+
+            _defeatedChamp.position = winnerPosition;
+            _winnerChamp.position = loserPosition;
+
+            //position in champ struct is always one point bigger than in leaderboard array
+            leaderboard[winnerPosition - 1] = _defeatedChamp.id;
+            leaderboard[loserPosition - 1] = _winnerChamp.id;
+        }
+    }
+
+
+    /// @dev Gets pointsGiven and pointsToAttackPower
+    function _getPoints(uint256 _pointsGiven) private returns (uint256 pointsGiven, uint256 pointsToAttackPower){
+        return (_pointsGiven, randMod(_pointsGiven+1));
+    }
+
+
+
+    /*
+     * External
+     */
+    /// @notice Attack function
+    /// @param _champId Attacker champ
+    /// @param _targetId Target champ
+    function attack(uint256 _champId, uint256 _targetId) external
+    onlyOwnerOfChamp(_champId)
+    isChampReady(_champId)
+    notSelfAttack(_champId, _targetId)
+    targetExists(_targetId) {
+        Champ storage myChamp = champs[_champId];
+        Champ storage enemyChamp = champs[_targetId];
+        uint256 pointsGiven; //total points that will be divided between AP and DP
+        uint256 pointsToAttackPower; //part of points that will be added to attack power, the rest of points go to defence power
+        uint256 myChampAttackPower;
+        uint256 enemyChampDefencePower;
+        uint256 myChampCooldownReduction;
+
+        (myChampAttackPower,,myChampCooldownReduction) = getChampStats(_champId);
+        (,enemyChampDefencePower,) = getChampStats(_targetId);
+
+
+        //if attacker's AP is more than target's DP then attacker wins
+        if (myChampAttackPower > enemyChampDefencePower) {
+
+            //this should demotivate players from farming on way weaker champs than they are
+            //the bigger difference between AP & DP is, the reward is smaller
+            if(myChampAttackPower - enemyChampDefencePower < 5){
+
+                //big experience - 3 ability points
+                (pointsGiven, pointsToAttackPower) = _getPoints(3);
+
+
+            }else if(myChampAttackPower - enemyChampDefencePower < 10){
+
+                //medium experience - 2 ability points
+                (pointsGiven, pointsToAttackPower) = _getPoints(2);
+
+            }else{
+
+                //small experience - 1 ability point to random ability (attack power or defence power)
+                (pointsGiven, pointsToAttackPower) = _getPoints(1);
+
+            }
+
+            _attackCompleted(myChamp, enemyChamp, pointsGiven, pointsToAttackPower);
+
+            emit Attack(myChamp.id, enemyChamp.id, true);
+
+        } else {
+
+            //1 ability point to random ability (attack power or defence power)
+            (pointsGiven, pointsToAttackPower) = _getPoints(1);
+
+            _attackCompleted(enemyChamp, myChamp, pointsGiven, pointsToAttackPower);
+
+            emit Attack(enemyChamp.id, myChamp.id, false);
+
+        }
+
+        //Trigger cooldown for attacker
+        myChamp.readyTime = uint256(block.timestamp + myChamp.cooldownTime - myChampCooldownReduction);
+
+    }
+
+}
+
+
+/// @title Moderates buying and selling champs
+contract ChampMarket is ChampAttack {
+
+    event TransferChamp(address from, address to, uint256 champID);
+
+    /*
+     * Modifiers
+     */
+    ///@notice Require champ to be sale
+    modifier champIsForSale(uint256 _id){
+        require(champs[_id].forSale);
+        _;
+    }
+
+
+    ///@notice Require champ NOT to be for sale
+    modifier champIsNotForSale(uint256 _id){
+        require(champs[_id].forSale == false);
+        _;
+    }
+
+
+    ///@notice If champ is for sale then cancel sale
+    modifier ifChampForSaleThenCancelSale(uint256 _champID){
+      Champ storage champ = champs[_champID];
+      if(champ.forSale){
+          _cancelChampSale(champ);
+      }
+      _;
+    }
+
+
+    /*
+     * View
+     */
+    ///@notice Gets all champs for sale
+    function getChampsForSale() view external returns(uint256[]){
+        uint256[] memory result = new uint256[](champsForSaleCount);
+        if(champsForSaleCount > 0){
+            uint256 counter = 0;
+            for (uint256 i = 0; i < champs.length; i++) {
+                if (champs[i].forSale == true) {
+                    result[counter]=i;
+                    counter++;
+                }
+            }
+        }
+        return result;
+    }
+
+
+    /*
+     * Private
+     */
+     ///@dev Cancel sale. Should not be called without checking if champ is really for sale.
+     function _cancelChampSale(Champ storage champ) private {
+        //cancel champ's sale
+        //no need waste gas to overwrite his price.
+        champ.forSale = false;
+        champsForSaleCount--;
+     }
+
+
+    /*
+     * Internal
+     */
+    /// @notice Transfer champ
+    function transferChamp(address _from, address _to, uint256 _champId) internal ifChampForSaleThenCancelSale(_champId){
+        Champ storage champ = champs[_champId];
+
+        //transfer champ
+        addressInfo[_to].champsCount++;
+        addressInfo[_from].champsCount--;
+        champToOwner[_champId] = _to;
+
+        //transfer items
+        if(champ.eq_sword != 0) { transferItem(_from, _to, champ.eq_sword); }
+        if(champ.eq_shield != 0) { transferItem(_from, _to, champ.eq_shield); }
+        if(champ.eq_helmet != 0) { transferItem(_from, _to, champ.eq_helmet); }
+
+        emit TransferChamp(_from, _to, _champId);
+    }
+
+
+
+    /*
+     * Public
+     */
+    /// @notice Champ is no more for sale
+    function cancelChampSale(uint256 _id) public
+      champIsForSale(_id)
+      onlyOwnerOfChamp(_id) {
+        Champ storage champ = champs[_id];
+        _cancelChampSale(champ);
+    }
+
+
+    /*
+     * External
+     */
+    /// @notice Gift champ
+    /// @dev Address _from is msg.sender
+    function giveChamp(address _to, uint256 _champId) external
+      onlyOwnerOfChamp(_champId) {
+        transferChamp(msg.sender, _to, _champId);
+    }
+
+
+    /// @notice Sets champ for sale
+    function setChampForSale(uint256 _id, uint256 _price) external
+      onlyOwnerOfChamp(_id)
+      champIsNotForSale(_id) {
+        Champ storage champ = champs[_id];
+        champ.forSale = true;
+        champ.price = _price;
+        champsForSaleCount++;
+    }
+
+
+    /// @notice Buys champ
+    function buyChamp(uint256 _id) external payable
+      whenNotPaused
+      onlyNotOwnerOfChamp(_id)
+      champIsForSale(_id)
+      isPaid(champs[_id].price)
+      distributeSaleInput(champToOwner[_id]) {
+        transferChamp(champToOwner[_id], msg.sender, _id);
+    }
+
+}
+
+
+
+/// @title Only used for deploying all contracts
+contract MyCryptoChampCore is ChampMarket {
+	/*
+		© Copyright 2018 - Patrik Mojzis
+		Redistributing and modifying is prohibited.
+
+		https://mycryptochamp.io/
+
+		What is MyCryptoChamp?
+		- Blockchain game about upgrading champs by fighting, getting better items,
+		  trading them and the best 800 champs are daily rewarded by real Ether.
+
+		Feel free to ask any questions
+		[email protected]
+	*/
+}

data_full/CVE/2018-12959.sol

@@ -0,0 +1,127 @@
+/**
+ *Submitted for verification at Etherscan.io on 2017-12-27
+*/
+
+pragma solidity ^0.4.4;
+
+contract Token {
+
+    /// @return total amount of tokens
+    function totalSupply() constant returns (uint256 supply) {}
+
+    /// @param _owner The address from which the balance will be retrieved
+    /// @return The balance
+    function balanceOf(address _owner) constant returns (uint256 balance) {}
+
+    /// @notice send `_value` token to `_to` from `msg.sender`
+    /// @param _to The address of the recipient
+    /// @param _value The amount of token to be transferred
+    /// @return Whether the transfer was successful or not
+    function transfer(address _to, uint256 _value) returns (bool success) {}
+
+    /// @notice send `_value` token to `_to` from `_from` on the condition it is approved by `_from`
+    /// @param _from The address of the sender
+    /// @param _to The address of the recipient
+    /// @param _value The amount of token to be transferred
+    /// @return Whether the transfer was successful or not
+    function transferFrom(address _from, address _to, uint256 _value) returns (bool success) {}
+
+    /// @notice `msg.sender` approves `_addr` to spend `_value` tokens
+    /// @param _spender The address of the account able to transfer the tokens
+    /// @param _value The amount of wei to be approved for transfer
+    /// @return Whether the approval was successful or not
+    function approve(address _spender, uint256 _value) returns (bool success) {}
+
+    /// @param _owner The address of the account owning tokens
+    /// @param _spender The address of the account able to transfer the tokens
+    /// @return Amount of remaining tokens allowed to spent
+    function allowance(address _owner, address _spender) constant returns (uint256 remaining) {}
+
+    event Transfer(address indexed _from, address indexed _to, uint256 _value);
+    event Approval(address indexed _owner, address indexed _spender, uint256 _value);
+    
+}
+
+
+
+contract StandardToken is Token {
+
+    function transfer(address _to, uint256 _value) returns (bool success) {
+        //Default assumes totalSupply can't be over max (2^256 - 1).
+        //If your token leaves out totalSupply and can issue more tokens as time goes on, you need to check if it doesn't wrap.
+        //Replace the if with this one instead.
+        //if (balances[msg.sender] >= _value && balances[_to] + _value > balances[_to]) {
+        if (balances[msg.sender] >= _value && _value > 0) {
+            balances[msg.sender] -= _value;
+            balances[_to] += _value;
+            Transfer(msg.sender, _to, _value);
+            return true;
+        } else { return false; }
+    }
+
+    function transferFrom(address _from, address _to, uint256 _value) returns (bool success) {
+        //same as above. Replace this line with the following if you want to protect against wrapping uints.
+        //if (balances[_from] >= _value && allowed[_from][msg.sender] >= _value && balances[_to] + _value > balances[_to]) {
+        if (balances[_from] >= _value && allowed[_from][msg.sender] >= _value && _value > 0) {
+            balances[_to] += _value;
+            balances[_from] -= _value;
+            allowed[_from][msg.sender] -= _value;
+            Transfer(_from, _to, _value);
+            return true;
+        } else { return false; }
+    }
+
+    function balanceOf(address _owner) constant returns (uint256 balance) {
+        return balances[_owner];
+    }
+
+    function approve(address _spender, uint256 _value) returns (bool success) {
+        allowed[msg.sender][_spender] = _value;
+        Approval(msg.sender, _spender, _value);
+        return true;
+    }
+
+    function allowance(address _owner, address _spender) constant returns (uint256 remaining) {
+      return allowed[_owner][_spender];
+    }
+
+    mapping (address => uint256) balances;
+    mapping (address => mapping (address => uint256)) allowed;
+    uint256 public totalSupply;
+}
+
+contract AditusToken is StandardToken {
+
+    function () {
+        //if ether is sent to this address, send it back.
+        throw;
+    }
+
+    /* Public variables of the token */
+
+    string public name;                   
+    uint8 public decimals;               
+    string public symbol;                
+    string public version = 'A1.0';   
+
+    function AditusToken(
+        ) {
+        balances[msg.sender] = 1000000000000000000000000000;               // Give the creator all initial tokens (100000 for example)
+        totalSupply = 1000000000000000000000000000;                        // Update total supply (100000 for example)
+        name = "Aditus";                                   // Set the name for display purposes
+        decimals = 18;                            // Amount of decimals for display purposes
+        symbol = "ADI";                               // Set the symbol for display purposes
+    }
+
+    /* Approves and then calls the receiving contract */
+    function approveAndCall(address _spender, uint256 _value, bytes _extraData) returns (bool success) {
+        allowed[msg.sender][_spender] = _value;
+        Approval(msg.sender, _spender, _value);
+
+        //call the receiveApproval function on the contract you want to be notified. This crafts the function signature manually so one doesn't have to include a contract in here just for this.
+        //receiveApproval(address _from, uint256 _value, address _tokenContract, bytes _extraData)
+        //it is assumed that when does this that the call *should* succeed, otherwise one would use vanilla approve instead.
+        if(!_spender.call(bytes4(bytes32(sha3("receiveApproval(address,uint256,address,bytes)"))), msg.sender, _value, this, _extraData)) { throw; }
+        return true;
+    }
+}

data_full/CVE/2018-12975.sol

@@ -0,0 +1,1234 @@
+/**
+ *Submitted for verification at Etherscan.io on 2018-02-14
+*/
+
+pragma solidity ^0.4.18;
+
+/**
+ * @title Ownable
+ * @dev The Ownable contract has an owner address, and provides basic authorization control
+ * functions, this simplifies the implementation of "user permissions".
+ */
+contract Ownable {
+  address public owner;
+
+
+  event OwnershipTransferred(address indexed previousOwner, address indexed newOwner);
+
+
+  /**
+   * @dev The Ownable constructor sets the original `owner` of the contract to the sender
+   * account.
+   */
+  function Ownable() public {
+    owner = msg.sender;
+  }
+
+  /**
+   * @dev Throws if called by any account other than the owner.
+   */
+  modifier onlyOwner() {
+    require(msg.sender == owner);
+    _;
+  }
+
+  /**
+   * @dev Allows the current owner to transfer control of the contract to a newOwner.
+   * @param newOwner The address to transfer ownership to.
+   */
+  function transferOwnership(address newOwner) public onlyOwner {
+    require(newOwner != address(0));
+    OwnershipTransferred(owner, newOwner);
+    owner = newOwner;
+  }
+
+}
+
+
+/**
+ * @title Claimable
+ * @dev Extension for the Ownable contract, where the ownership needs to be claimed.
+ * This allows the new owner to accept the transfer.
+ */
+contract Claimable is Ownable {
+  address public pendingOwner;
+
+  /**
+   * @dev Modifier throws if called by any account other than the pendingOwner.
+   */
+  modifier onlyPendingOwner() {
+    require(msg.sender == pendingOwner);
+    _;
+  }
+
+  /**
+   * @dev Allows the current owner to set the pendingOwner address.
+   * @param newOwner The address to transfer ownership to.
+   */
+  function transferOwnership(address newOwner) onlyOwner public {
+    pendingOwner = newOwner;
+  }
+
+  /**
+   * @dev Allows the pendingOwner address to finalize the transfer.
+   */
+  function claimOwnership() onlyPendingOwner public {
+    OwnershipTransferred(owner, pendingOwner);
+    owner = pendingOwner;
+    pendingOwner = address(0);
+  }
+}
+
+
+/**
+ * @title Pausable
+ * @dev Base contract which allows children to implement an emergency stop mechanism.
+ */
+contract Pausable is Ownable {
+  event Pause();
+  event Unpause();
+
+  bool public paused = false;
+
+
+  /**
+   * @dev Modifier to make a function callable only when the contract is not paused.
+   */
+  modifier whenNotPaused() {
+    require(!paused);
+    _;
+  }
+
+  /**
+   * @dev Modifier to make a function callable only when the contract is paused.
+   */
+  modifier whenPaused() {
+    require(paused);
+    _;
+  }
+
+  /**
+   * @dev called by the owner to pause, triggers stopped state
+   */
+  function pause() onlyOwner whenNotPaused public {
+    paused = true;
+    Pause();
+  }
+
+  /**
+   * @dev called by the owner to unpause, returns to normal state
+   */
+  function unpause() onlyOwner whenPaused public {
+    paused = false;
+    Unpause();
+  }
+}
+
+
+/**
+ * @title AccessDeploy
+ * @dev Adds grant/revoke functions to the contract.
+ */
+contract AccessDeploy is Claimable {
+
+  // Access for deploying heroes.
+  mapping(address => bool) private deployAccess;
+
+  // Modifier for accessibility to deploy a hero on a location.
+  modifier onlyAccessDeploy {
+    require(msg.sender == owner || deployAccess[msg.sender] == true);
+    _;
+  }
+
+  // @dev Grant acess to deploy heroes.
+  function grantAccessDeploy(address _address)
+    onlyOwner
+    public
+  {
+    deployAccess[_address] = true;
+  }
+
+  // @dev Revoke acess to deploy heroes.
+  function revokeAccessDeploy(address _address)
+    onlyOwner
+    public
+  {
+    deployAccess[_address] = false;
+  }
+
+}
+
+
+/**
+ * @title AccessDeposit
+ * @dev Adds grant/revoke functions to the contract.
+ */
+contract AccessDeposit is Claimable {
+
+  // Access for adding deposit.
+  mapping(address => bool) private depositAccess;
+
+  // Modifier for accessibility to add deposit.
+  modifier onlyAccessDeposit {
+    require(msg.sender == owner || depositAccess[msg.sender] == true);
+    _;
+  }
+
+  // @dev Grant acess to deposit heroes.
+  function grantAccessDeposit(address _address)
+    onlyOwner
+    public
+  {
+    depositAccess[_address] = true;
+  }
+
+  // @dev Revoke acess to deposit heroes.
+  function revokeAccessDeposit(address _address)
+    onlyOwner
+    public
+  {
+    depositAccess[_address] = false;
+  }
+
+}
+
+
+/**
+ * @title AccessMint
+ * @dev Adds grant/revoke functions to the contract.
+ */
+contract AccessMint is Claimable {
+
+  // Access for minting new tokens.
+  mapping(address => bool) private mintAccess;
+
+  // Modifier for accessibility to define new hero types.
+  modifier onlyAccessMint {
+    require(msg.sender == owner || mintAccess[msg.sender] == true);
+    _;
+  }
+
+  // @dev Grant acess to mint heroes.
+  function grantAccessMint(address _address)
+    onlyOwner
+    public
+  {
+    mintAccess[_address] = true;
+  }
+
+  // @dev Revoke acess to mint heroes.
+  function revokeAccessMint(address _address)
+    onlyOwner
+    public
+  {
+    mintAccess[_address] = false;
+  }
+
+}
+
+
+/**
+ * @title ERC721 interface
+ * @dev see https://github.com/ethereum/eips/issues/721
+ */
+contract ERC721 {
+  event Transfer(address indexed _from, address indexed _to, uint256 _tokenId);
+  event Approval(address indexed _owner, address indexed _approved, uint256 _tokenId);
+
+  function balanceOf(address _owner) public view returns (uint256 _balance);
+  function ownerOf(uint256 _tokenId) public view returns (address _owner);
+  function transfer(address _to, uint256 _tokenId) public;
+  function approve(address _to, uint256 _tokenId) public;
+  function takeOwnership(uint256 _tokenId) public;
+}
+
+
+/**
+ * @title ERC721Token
+ * Generic implementation for the required functionality of the ERC721 standard
+ */
+contract ERC721Token is ERC721 {
+  using SafeMath for uint256;
+
+  // Total amount of tokens
+  uint256 private totalTokens;
+
+  // Mapping from token ID to owner
+  mapping (uint256 => address) private tokenOwner;
+
+  // Mapping from token ID to approved address
+  mapping (uint256 => address) private tokenApprovals;
+
+  // Mapping from owner to list of owned token IDs
+  mapping (address => uint256[]) private ownedTokens;
+
+  // Mapping from token ID to index of the owner tokens list
+  mapping(uint256 => uint256) private ownedTokensIndex;
+
+  /**
+  * @dev Guarantees msg.sender is owner of the given token
+  * @param _tokenId uint256 ID of the token to validate its ownership belongs to msg.sender
+  */
+  modifier onlyOwnerOf(uint256 _tokenId) {
+    require(ownerOf(_tokenId) == msg.sender);
+    _;
+  }
+
+  /**
+  * @dev Gets the total amount of tokens stored by the contract
+  * @return uint256 representing the total amount of tokens
+  */
+  function totalSupply() public view returns (uint256) {
+    return totalTokens;
+  }
+
+  /**
+  * @dev Gets the balance of the specified address
+  * @param _owner address to query the balance of
+  * @return uint256 representing the amount owned by the passed address
+  */
+  function balanceOf(address _owner) public view returns (uint256) {
+    return ownedTokens[_owner].length;
+  }
+
+  /**
+  * @dev Gets the list of tokens owned by a given address
+  * @param _owner address to query the tokens of
+  * @return uint256[] representing the list of tokens owned by the passed address
+  */
+  function tokensOf(address _owner) public view returns (uint256[]) {
+    return ownedTokens[_owner];
+  }
+
+  /**
+  * @dev Gets the owner of the specified token ID
+  * @param _tokenId uint256 ID of the token to query the owner of
+  * @return owner address currently marked as the owner of the given token ID
+  */
+  function ownerOf(uint256 _tokenId) public view returns (address) {
+    address owner = tokenOwner[_tokenId];
+    require(owner != address(0));
+    return owner;
+  }
+
+  /**
+   * @dev Gets the approved address to take ownership of a given token ID
+   * @param _tokenId uint256 ID of the token to query the approval of
+   * @return address currently approved to take ownership of the given token ID
+   */
+  function approvedFor(uint256 _tokenId) public view returns (address) {
+    return tokenApprovals[_tokenId];
+  }
+
+  /**
+  * @dev Transfers the ownership of a given token ID to another address
+  * @param _to address to receive the ownership of the given token ID
+  * @param _tokenId uint256 ID of the token to be transferred
+  */
+  function transfer(address _to, uint256 _tokenId) public onlyOwnerOf(_tokenId) {
+    clearApprovalAndTransfer(msg.sender, _to, _tokenId);
+  }
+
+  /**
+  * @dev Approves another address to claim for the ownership of the given token ID
+  * @param _to address to be approved for the given token ID
+  * @param _tokenId uint256 ID of the token to be approved
+  */
+  function approve(address _to, uint256 _tokenId) public onlyOwnerOf(_tokenId) {
+    address owner = ownerOf(_tokenId);
+    require(_to != owner);
+    if (approvedFor(_tokenId) != 0 || _to != 0) {
+      tokenApprovals[_tokenId] = _to;
+      Approval(owner, _to, _tokenId);
+    }
+  }
+
+  /**
+  * @dev Claims the ownership of a given token ID
+  * @param _tokenId uint256 ID of the token being claimed by the msg.sender
+  */
+  function takeOwnership(uint256 _tokenId) public {
+    require(isApprovedFor(msg.sender, _tokenId));
+    clearApprovalAndTransfer(ownerOf(_tokenId), msg.sender, _tokenId);
+  }
+
+  /**
+  * @dev Mint token function
+  * @param _to The address that will own the minted token
+  * @param _tokenId uint256 ID of the token to be minted by the msg.sender
+  */
+  function _mint(address _to, uint256 _tokenId) internal {
+    require(_to != address(0));
+    addToken(_to, _tokenId);
+    Transfer(0x0, _to, _tokenId);
+  }
+
+  /**
+  * @dev Burns a specific token
+  * @param _tokenId uint256 ID of the token being burned by the msg.sender
+  */
+  function _burn(uint256 _tokenId) onlyOwnerOf(_tokenId) internal {
+    if (approvedFor(_tokenId) != 0) {
+      clearApproval(msg.sender, _tokenId);
+    }
+    removeToken(msg.sender, _tokenId);
+    Transfer(msg.sender, 0x0, _tokenId);
+  }
+
+  /**
+   * @dev Tells whether the msg.sender is approved for the given token ID or not
+   * This function is not private so it can be extended in further implementations like the operatable ERC721
+   * @param _owner address of the owner to query the approval of
+   * @param _tokenId uint256 ID of the token to query the approval of
+   * @return bool whether the msg.sender is approved for the given token ID or not
+   */
+  function isApprovedFor(address _owner, uint256 _tokenId) internal view returns (bool) {
+    return approvedFor(_tokenId) == _owner;
+  }
+
+  /**
+  * @dev Internal function to clear current approval and transfer the ownership of a given token ID
+  * @param _from address which you want to send tokens from
+  * @param _to address which you want to transfer the token to
+  * @param _tokenId uint256 ID of the token to be transferred
+  */
+  function clearApprovalAndTransfer(address _from, address _to, uint256 _tokenId) internal {
+    require(_to != address(0));
+    require(_to != ownerOf(_tokenId));
+    require(ownerOf(_tokenId) == _from);
+
+    clearApproval(_from, _tokenId);
+    removeToken(_from, _tokenId);
+    addToken(_to, _tokenId);
+    Transfer(_from, _to, _tokenId);
+  }
+
+  /**
+  * @dev Internal function to clear current approval of a given token ID
+  * @param _tokenId uint256 ID of the token to be transferred
+  */
+  function clearApproval(address _owner, uint256 _tokenId) private {
+    require(ownerOf(_tokenId) == _owner);
+    tokenApprovals[_tokenId] = 0;
+    Approval(_owner, 0, _tokenId);
+  }
+
+  /**
+  * @dev Internal function to add a token ID to the list of a given address
+  * @param _to address representing the new owner of the given token ID
+  * @param _tokenId uint256 ID of the token to be added to the tokens list of the given address
+  */
+  function addToken(address _to, uint256 _tokenId) private {
+    require(tokenOwner[_tokenId] == address(0));
+    tokenOwner[_tokenId] = _to;
+    uint256 length = balanceOf(_to);
+    ownedTokens[_to].push(_tokenId);
+    ownedTokensIndex[_tokenId] = length;
+    totalTokens = totalTokens.add(1);
+  }
+
+  /**
+  * @dev Internal function to remove a token ID from the list of a given address
+  * @param _from address representing the previous owner of the given token ID
+  * @param _tokenId uint256 ID of the token to be removed from the tokens list of the given address
+  */
+  function removeToken(address _from, uint256 _tokenId) private {
+    require(ownerOf(_tokenId) == _from);
+
+    uint256 tokenIndex = ownedTokensIndex[_tokenId];
+    uint256 lastTokenIndex = balanceOf(_from).sub(1);
+    uint256 lastToken = ownedTokens[_from][lastTokenIndex];
+
+    tokenOwner[_tokenId] = 0;
+    ownedTokens[_from][tokenIndex] = lastToken;
+    ownedTokens[_from][lastTokenIndex] = 0;
+    // Note that this will handle single-element arrays. In that case, both tokenIndex and lastTokenIndex are going to
+    // be zero. Then we can make sure that we will remove _tokenId from the ownedTokens list since we are first swapping
+    // the lastToken to the first position, and then dropping the element placed in the last position of the list
+
+    ownedTokens[_from].length--;
+    ownedTokensIndex[_tokenId] = 0;
+    ownedTokensIndex[lastToken] = tokenIndex;
+    totalTokens = totalTokens.sub(1);
+  }
+}
+
+
+/**
+ * @title ERC20Basic
+ * @dev Simpler version of ERC20 interface
+ * @dev see https://github.com/ethereum/EIPs/issues/179
+ */
+contract ERC20Basic {
+  function totalSupply() public view returns (uint256);
+  function balanceOf(address who) public view returns (uint256);
+  function transfer(address to, uint256 value) public returns (bool);
+  event Transfer(address indexed from, address indexed to, uint256 value);
+}
+
+
+/**
+ * @title ERC20 interface
+ * @dev see https://github.com/ethereum/EIPs/issues/20
+ */
+contract ERC20 is ERC20Basic {
+  function allowance(address owner, address spender) public view returns (uint256);
+  function transferFrom(address from, address to, uint256 value) public returns (bool);
+  function approve(address spender, uint256 value) public returns (bool);
+  event Approval(address indexed owner, address indexed spender, uint256 value);
+}
+
+
+/**
+ * @title SafeMath
+ * @dev Math operations with safety checks that throw on error
+ */
+library SafeMath {
+
+  /**
+  * @dev Multiplies two numbers, throws on overflow.
+  */
+  function mul(uint256 a, uint256 b) internal pure returns (uint256) {
+    if (a == 0) {
+      return 0;
+    }
+    uint256 c = a * b;
+    assert(c / a == b);
+    return c;
+  }
+
+  /**
+  * @dev Integer division of two numbers, truncating the quotient.
+  */
+  function div(uint256 a, uint256 b) internal pure returns (uint256) {
+    // assert(b > 0); // Solidity automatically throws when dividing by 0
+    uint256 c = a / b;
+    // assert(a == b * c + a % b); // There is no case in which this doesn't hold
+    return c;
+  }
+
+  /**
+  * @dev Substracts two numbers, throws on overflow (i.e. if subtrahend is greater than minuend).
+  */
+  function sub(uint256 a, uint256 b) internal pure returns (uint256) {
+    assert(b <= a);
+    return a - b;
+  }
+
+  /**
+  * @dev Adds two numbers, throws on overflow.
+  */
+  function add(uint256 a, uint256 b) internal pure returns (uint256) {
+    uint256 c = a + b;
+    assert(c >= a);
+    return c;
+  }
+}
+
+
+/**
+ * @title Basic token
+ * @dev Basic version of StandardToken, with no allowances.
+ */
+contract BasicToken is ERC20Basic {
+  using SafeMath for uint256;
+
+  mapping(address => uint256) balances;
+
+  uint256 totalSupply_;
+
+  /**
+  * @dev total number of tokens in existence
+  */
+  function totalSupply() public view returns (uint256) {
+    return totalSupply_;
+  }
+
+  /**
+  * @dev transfer token for a specified address
+  * @param _to The address to transfer to.
+  * @param _value The amount to be transferred.
+  */
+  function transfer(address _to, uint256 _value) public returns (bool) {
+    require(_to != address(0));
+    require(_value <= balances[msg.sender]);
+
+    // SafeMath.sub will throw if there is not enough balance.
+    balances[msg.sender] = balances[msg.sender].sub(_value);
+    balances[_to] = balances[_to].add(_value);
+    Transfer(msg.sender, _to, _value);
+    return true;
+  }
+
+  /**
+  * @dev Gets the balance of the specified address.
+  * @param _owner The address to query the the balance of.
+  * @return An uint256 representing the amount owned by the passed address.
+  */
+  function balanceOf(address _owner) public view returns (uint256 balance) {
+    return balances[_owner];
+  }
+
+}
+
+
+/**
+ * @title Standard ERC20 token
+ *
+ * @dev Implementation of the basic standard token.
+ * @dev https://github.com/ethereum/EIPs/issues/20
+ * @dev Based on code by FirstBlood: https://github.com/Firstbloodio/token/blob/master/smart_contract/FirstBloodToken.sol
+ */
+contract StandardToken is ERC20, BasicToken {
+
+  mapping (address => mapping (address => uint256)) internal allowed;
+
+
+  /**
+   * @dev Transfer tokens from one address to another
+   * @param _from address The address which you want to send tokens from
+   * @param _to address The address which you want to transfer to
+   * @param _value uint256 the amount of tokens to be transferred
+   */
+  function transferFrom(address _from, address _to, uint256 _value) public returns (bool) {
+    require(_to != address(0));
+    require(_value <= balances[_from]);
+    require(_value <= allowed[_from][msg.sender]);
+
+    balances[_from] = balances[_from].sub(_value);
+    balances[_to] = balances[_to].add(_value);
+    allowed[_from][msg.sender] = allowed[_from][msg.sender].sub(_value);
+    Transfer(_from, _to, _value);
+    return true;
+  }
+
+  /**
+   * @dev Approve the passed address to spend the specified amount of tokens on behalf of msg.sender.
+   *
+   * Beware that changing an allowance with this method brings the risk that someone may use both the old
+   * and the new allowance by unfortunate transaction ordering. One possible solution to mitigate this
+   * race condition is to first reduce the spender's allowance to 0 and set the desired value afterwards:
+   * https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729
+   * @param _spender The address which will spend the funds.
+   * @param _value The amount of tokens to be spent.
+   */
+  function approve(address _spender, uint256 _value) public returns (bool) {
+    allowed[msg.sender][_spender] = _value;
+    Approval(msg.sender, _spender, _value);
+    return true;
+  }
+
+  /**
+   * @dev Function to check the amount of tokens that an owner allowed to a spender.
+   * @param _owner address The address which owns the funds.
+   * @param _spender address The address which will spend the funds.
+   * @return A uint256 specifying the amount of tokens still available for the spender.
+   */
+  function allowance(address _owner, address _spender) public view returns (uint256) {
+    return allowed[_owner][_spender];
+  }
+
+  /**
+   * @dev Increase the amount of tokens that an owner allowed to a spender.
+   *
+   * approve should be called when allowed[_spender] == 0. To increment
+   * allowed value is better to use this function to avoid 2 calls (and wait until
+   * the first transaction is mined)
+   * From MonolithDAO Token.sol
+   * @param _spender The address which will spend the funds.
+   * @param _addedValue The amount of tokens to increase the allowance by.
+   */
+  function increaseApproval(address _spender, uint _addedValue) public returns (bool) {
+    allowed[msg.sender][_spender] = allowed[msg.sender][_spender].add(_addedValue);
+    Approval(msg.sender, _spender, allowed[msg.sender][_spender]);
+    return true;
+  }
+
+  /**
+   * @dev Decrease the amount of tokens that an owner allowed to a spender.
+   *
+   * approve should be called when allowed[_spender] == 0. To decrement
+   * allowed value is better to use this function to avoid 2 calls (and wait until
+   * the first transaction is mined)
+   * From MonolithDAO Token.sol
+   * @param _spender The address which will spend the funds.
+   * @param _subtractedValue The amount of tokens to decrease the allowance by.
+   */
+  function decreaseApproval(address _spender, uint _subtractedValue) public returns (bool) {
+    uint oldValue = allowed[msg.sender][_spender];
+    if (_subtractedValue > oldValue) {
+      allowed[msg.sender][_spender] = 0;
+    } else {
+      allowed[msg.sender][_spender] = oldValue.sub(_subtractedValue);
+    }
+    Approval(msg.sender, _spender, allowed[msg.sender][_spender]);
+    return true;
+  }
+
+}
+
+
+/**
+ * @title Gold
+ * @dev ERC20 Token that can be minted.
+ */
+contract Gold is StandardToken, Claimable, AccessMint {
+
+  string public constant name = "Gold";
+  string public constant symbol = "G";
+  uint8 public constant decimals = 18;
+
+  // Event that is fired when minted.
+  event Mint(
+    address indexed _to,
+    uint256 indexed _tokenId
+  );
+
+  // @dev Mint tokens with _amount to the address.
+  function mint(address _to, uint256 _amount) 
+    onlyAccessMint
+    public 
+    returns (bool) 
+  {
+    totalSupply_ = totalSupply_.add(_amount);
+    balances[_to] = balances[_to].add(_amount);
+    Mint(_to, _amount);
+    Transfer(address(0), _to, _amount);
+    return true;
+  }
+
+}
+
+
+/**
+ * @title CryptoSagaHero
+ * @dev The token contract for the hero.
+ *  Also a superset of the ERC721 standard that allows for the minting
+ *  of the non-fungible tokens.
+ */
+contract CryptoSagaHero is ERC721Token, Claimable, Pausable, AccessMint, AccessDeploy, AccessDeposit {
+
+  string public constant name = "CryptoSaga Hero";
+  string public constant symbol = "HERO";
+  
+  struct HeroClass {
+    // ex) Soldier, Knight, Fighter...
+    string className;
+    // 0: Common, 1: Uncommon, 2: Rare, 3: Heroic, 4: Legendary.
+    uint8 classRank;
+    // 0: Human, 1: Celestial, 2: Demon, 3: Elf, 4: Dark Elf, 5: Yogoe, 6: Furry, 7: Dragonborn, 8: Undead, 9: Goblin, 10: Troll, 11: Slime, and more to come.
+    uint8 classRace;
+    // How old is this hero class? 
+    uint32 classAge;
+    // 0: Fighter, 1: Rogue, 2: Mage.
+    uint8 classType;
+
+    // Possible max level of this class.
+    uint32 maxLevel; 
+    // 0: Water, 1: Fire, 2: Nature, 3: Light, 4: Darkness.
+    uint8 aura; 
+
+    // Base stats of this hero type. 
+    // 0: ATK	1: DEF 2: AGL	3: LUK 4: HP.
+    uint32[5] baseStats;
+    // Minimum IVs for stats. 
+    // 0: ATK	1: DEF 2: AGL	3: LUK 4: HP.
+    uint32[5] minIVForStats;
+    // Maximum IVs for stats.
+    // 0: ATK	1: DEF 2: AGL	3: LUK 4: HP.
+    uint32[5] maxIVForStats;
+    
+    // Number of currently instanced heroes.
+    uint32 currentNumberOfInstancedHeroes;
+  }
+    
+  struct HeroInstance {
+    // What is this hero's type? ex) John, Sally, Mark...
+    uint32 heroClassId;
+    
+    // Individual hero's name.
+    string heroName;
+    
+    // Current level of this hero.
+    uint32 currentLevel;
+    // Current exp of this hero.
+    uint32 currentExp;
+
+    // Where has this hero been deployed? (0: Never depolyed ever.) ex) Dungeon Floor #1, Arena #5...
+    uint32 lastLocationId;
+    // When a hero is deployed, it takes time for the hero to return to the base. This is in Unix epoch.
+    uint256 availableAt;
+
+    // Current stats of this hero. 
+    // 0: ATK	1: DEF 2: AGL	3: LUK 4: HP.
+    uint32[5] currentStats;
+    // The individual value for this hero's stats. 
+    // This will affect the current stats of heroes.
+    // 0: ATK	1: DEF 2: AGL	3: LUK 4: HP.
+    uint32[5] ivForStats;
+  }
+
+  // Required exp for level up will increase when heroes level up.
+  // This defines how the value will increase.
+  uint32 public requiredExpIncreaseFactor = 100;
+
+  // Required Gold for level up will increase when heroes level up.
+  // This defines how the value will increase.
+  uint256 public requiredGoldIncreaseFactor = 1000000000000000000;
+
+  // Existing hero classes.
+  mapping(uint32 => HeroClass) public heroClasses;
+  // The number of hero classes ever defined.
+  uint32 public numberOfHeroClasses;
+
+  // Existing hero instances.
+  // The key is _tokenId.
+  mapping(uint256 => HeroInstance) public tokenIdToHeroInstance;
+  // The number of tokens ever minted. This works as the serial number.
+  uint256 public numberOfTokenIds;
+
+  // Gold contract.
+  Gold public goldContract;
+
+  // Deposit of players (in Gold).
+  mapping(address => uint256) public addressToGoldDeposit;
+
+  // Random seed.
+  uint32 private seed = 0;
+
+  // Event that is fired when a hero type defined.
+  event DefineType(
+    address indexed _by,
+    uint32 indexed _typeId,
+    string _className
+  );
+
+  // Event that is fired when a hero is upgraded.
+  event LevelUp(
+    address indexed _by,
+    uint256 indexed _tokenId,
+    uint32 _newLevel
+  );
+
+  // Event that is fired when a hero is deployed.
+  event Deploy(
+    address indexed _by,
+    uint256 indexed _tokenId,
+    uint32 _locationId,
+    uint256 _duration
+  );
+
+  // @dev Get the class's entire infomation.
+  function getClassInfo(uint32 _classId)
+    external view
+    returns (string className, uint8 classRank, uint8 classRace, uint32 classAge, uint8 classType, uint32 maxLevel, uint8 aura, uint32[5] baseStats, uint32[5] minIVs, uint32[5] maxIVs) 
+  {
+    var _cl = heroClasses[_classId];
+    return (_cl.className, _cl.classRank, _cl.classRace, _cl.classAge, _cl.classType, _cl.maxLevel, _cl.aura, _cl.baseStats, _cl.minIVForStats, _cl.maxIVForStats);
+  }
+
+  // @dev Get the class's name.
+  function getClassName(uint32 _classId)
+    external view
+    returns (string)
+  {
+    return heroClasses[_classId].className;
+  }
+
+  // @dev Get the class's rank.
+  function getClassRank(uint32 _classId)
+    external view
+    returns (uint8)
+  {
+    return heroClasses[_classId].classRank;
+  }
+
+  // @dev Get the heroes ever minted for the class.
+  function getClassMintCount(uint32 _classId)
+    external view
+    returns (uint32)
+  {
+    return heroClasses[_classId].currentNumberOfInstancedHeroes;
+  }
+
+  // @dev Get the hero's entire infomation.
+  function getHeroInfo(uint256 _tokenId)
+    external view
+    returns (uint32 classId, string heroName, uint32 currentLevel, uint32 currentExp, uint32 lastLocationId, uint256 availableAt, uint32[5] currentStats, uint32[5] ivs, uint32 bp)
+  {
+    HeroInstance memory _h = tokenIdToHeroInstance[_tokenId];
+    var _bp = _h.currentStats[0] + _h.currentStats[1] + _h.currentStats[2] + _h.currentStats[3] + _h.currentStats[4];
+    return (_h.heroClassId, _h.heroName, _h.currentLevel, _h.currentExp, _h.lastLocationId, _h.availableAt, _h.currentStats, _h.ivForStats, _bp);
+  }
+
+  // @dev Get the hero's class id.
+  function getHeroClassId(uint256 _tokenId)
+    external view
+    returns (uint32)
+  {
+    return tokenIdToHeroInstance[_tokenId].heroClassId;
+  }
+
+  // @dev Get the hero's name.
+  function getHeroName(uint256 _tokenId)
+    external view
+    returns (string)
+  {
+    return tokenIdToHeroInstance[_tokenId].heroName;
+  }
+
+  // @dev Get the hero's level.
+  function getHeroLevel(uint256 _tokenId)
+    external view
+    returns (uint32)
+  {
+    return tokenIdToHeroInstance[_tokenId].currentLevel;
+  }
+  
+  // @dev Get the hero's location.
+  function getHeroLocation(uint256 _tokenId)
+    external view
+    returns (uint32)
+  {
+    return tokenIdToHeroInstance[_tokenId].lastLocationId;
+  }
+
+  // @dev Get the time when the hero become available.
+  function getHeroAvailableAt(uint256 _tokenId)
+    external view
+    returns (uint256)
+  {
+    return tokenIdToHeroInstance[_tokenId].availableAt;
+  }
+
+  // @dev Get the hero's BP.
+  function getHeroBP(uint256 _tokenId)
+    public view
+    returns (uint32)
+  {
+    var _tmp = tokenIdToHeroInstance[_tokenId].currentStats;
+    return (_tmp[0] + _tmp[1] + _tmp[2] + _tmp[3] + _tmp[4]);
+  }
+
+  // @dev Get the hero's required gold for level up.
+  function getHeroRequiredGoldForLevelUp(uint256 _tokenId)
+    public view
+    returns (uint256)
+  {
+    return (uint256(2) ** (tokenIdToHeroInstance[_tokenId].currentLevel / 10)) * requiredGoldIncreaseFactor;
+  }
+
+  // @dev Get the hero's required exp for level up.
+  function getHeroRequiredExpForLevelUp(uint256 _tokenId)
+    public view
+    returns (uint32)
+  {
+    return ((tokenIdToHeroInstance[_tokenId].currentLevel + 2) * requiredExpIncreaseFactor);
+  }
+
+  // @dev Get the deposit of gold of the player.
+  function getGoldDepositOfAddress(address _address)
+    external view
+    returns (uint256)
+  {
+    return addressToGoldDeposit[_address];
+  }
+
+  // @dev Get the token id of the player's #th token.
+  function getTokenIdOfAddressAndIndex(address _address, uint256 _index)
+    external view
+    returns (uint256)
+  {
+    return tokensOf(_address)[_index];
+  }
+
+  // @dev Get the total BP of the player.
+  function getTotalBPOfAddress(address _address)
+    external view
+    returns (uint32)
+  {
+    var _tokens = tokensOf(_address);
+    uint32 _totalBP = 0;
+    for (uint256 i = 0; i < _tokens.length; i ++) {
+      _totalBP += getHeroBP(_tokens[i]);
+    }
+    return _totalBP;
+  }
+
+  // @dev Set the hero's name.
+  function setHeroName(uint256 _tokenId, string _name)
+    onlyOwnerOf(_tokenId)
+    public
+  {
+    tokenIdToHeroInstance[_tokenId].heroName = _name;
+  }
+
+  // @dev Set the address of the contract that represents ERC20 Gold.
+  function setGoldContract(address _contractAddress)
+    onlyOwner
+    public
+  {
+    goldContract = Gold(_contractAddress);
+  }
+
+  // @dev Set the required golds to level up a hero.
+  function setRequiredExpIncreaseFactor(uint32 _value)
+    onlyOwner
+    public
+  {
+    requiredExpIncreaseFactor = _value;
+  }
+
+  // @dev Set the required golds to level up a hero.
+  function setRequiredGoldIncreaseFactor(uint256 _value)
+    onlyOwner
+    public
+  {
+    requiredGoldIncreaseFactor = _value;
+  }
+
+  // @dev Contructor.
+  function CryptoSagaHero(address _goldAddress)
+    public
+  {
+    require(_goldAddress != address(0));
+
+    // Assign Gold contract.
+    setGoldContract(_goldAddress);
+
+    // Initial heroes.
+    // Name, Rank, Race, Age, Type, Max Level, Aura, Stats.
+    defineType("Archangel", 4, 1, 13540, 0, 99, 3, [uint32(74), 75, 57, 99, 95], [uint32(8), 6, 8, 5, 5], [uint32(8), 10, 10, 6, 6]);
+    defineType("Shadowalker", 3, 4, 134, 1, 75, 4, [uint32(45), 35, 60, 80, 40], [uint32(3), 2, 10, 4, 5], [uint32(5), 5, 10, 7, 5]);
+    defineType("Pyromancer", 2, 0, 14, 2, 50, 1, [uint32(50), 28, 17, 40, 35], [uint32(5), 3, 2, 3, 3], [uint32(8), 4, 3, 4, 5]);
+    defineType("Magician", 1, 3, 224, 2, 30, 0, [uint32(35), 15, 25, 25, 30], [uint32(3), 1, 2, 2, 2], [uint32(5), 2, 3, 3, 3]);
+    defineType("Farmer", 0, 0, 59, 0, 15, 2, [uint32(10), 22, 8, 15, 25], [uint32(1), 2, 1, 1, 2], [uint32(1), 3, 1, 2, 3]);
+  }
+
+  // @dev Define a new hero type (class).
+  function defineType(string _className, uint8 _classRank, uint8 _classRace, uint32 _classAge, uint8 _classType, uint32 _maxLevel, uint8 _aura, uint32[5] _baseStats, uint32[5] _minIVForStats, uint32[5] _maxIVForStats)
+    onlyOwner
+    public
+  {
+    require(_classRank < 5);
+    require(_classType < 3);
+    require(_aura < 5);
+    require(_minIVForStats[0] <= _maxIVForStats[0] && _minIVForStats[1] <= _maxIVForStats[1] && _minIVForStats[2] <= _maxIVForStats[2] && _minIVForStats[3] <= _maxIVForStats[3] && _minIVForStats[4] <= _maxIVForStats[4]);
+
+    HeroClass memory _heroType = HeroClass({
+      className: _className,
+      classRank: _classRank,
+      classRace: _classRace,
+      classAge: _classAge,
+      classType: _classType,
+      maxLevel: _maxLevel,
+      aura: _aura,
+      baseStats: _baseStats,
+      minIVForStats: _minIVForStats,
+      maxIVForStats: _maxIVForStats,
+      currentNumberOfInstancedHeroes: 0
+    });
+
+    // Save the hero class.
+    heroClasses[numberOfHeroClasses] = _heroType;
+
+    // Fire event.
+    DefineType(msg.sender, numberOfHeroClasses, _heroType.className);
+
+    // Increment number of hero classes.
+    numberOfHeroClasses ++;
+
+  }
+
+  // @dev Mint a new hero, with _heroClassId.
+  function mint(address _owner, uint32 _heroClassId)
+    onlyAccessMint
+    public
+    returns (uint256)
+  {
+    require(_owner != address(0));
+    require(_heroClassId < numberOfHeroClasses);
+
+    // The information of the hero's class.
+    var _heroClassInfo = heroClasses[_heroClassId];
+
+    // Mint ERC721 token.
+    _mint(_owner, numberOfTokenIds);
+
+    // Build random IVs for this hero instance.
+    uint32[5] memory _ivForStats;
+    uint32[5] memory _initialStats;
+    for (uint8 i = 0; i < 5; i++) {
+      _ivForStats[i] = (random(_heroClassInfo.maxIVForStats[i] + 1, _heroClassInfo.minIVForStats[i]));
+      _initialStats[i] = _heroClassInfo.baseStats[i] + _ivForStats[i];
+    }
+
+    // Temporary hero instance.
+    HeroInstance memory _heroInstance = HeroInstance({
+      heroClassId: _heroClassId,
+      heroName: "",
+      currentLevel: 1,
+      currentExp: 0,
+      lastLocationId: 0,
+      availableAt: now,
+      currentStats: _initialStats,
+      ivForStats: _ivForStats
+    });
+
+    // Save the hero instance.
+    tokenIdToHeroInstance[numberOfTokenIds] = _heroInstance;
+
+    // Increment number of token ids.
+    // This will only increment when new token is minted, and will never be decemented when the token is burned.
+    numberOfTokenIds ++;
+
+     // Increment instanced number of heroes.
+    _heroClassInfo.currentNumberOfInstancedHeroes ++;
+
+    return numberOfTokenIds - 1;
+  }
+
+  // @dev Set where the heroes are deployed, and when they will return.
+  //  This is intended to be called by Dungeon, Arena, Guild contracts.
+  function deploy(uint256 _tokenId, uint32 _locationId, uint256 _duration)
+    onlyAccessDeploy
+    public
+    returns (bool)
+  {
+    // The hero should be possessed by anybody.
+    require(ownerOf(_tokenId) != address(0));
+
+    var _heroInstance = tokenIdToHeroInstance[_tokenId];
+
+    // The character should be avaiable. 
+    require(_heroInstance.availableAt <= now);
+
+    _heroInstance.lastLocationId = _locationId;
+    _heroInstance.availableAt = now + _duration;
+
+    // As the hero has been deployed to another place, fire event.
+    Deploy(msg.sender, _tokenId, _locationId, _duration);
+  }
+
+  // @dev Add exp.
+  //  This is intended to be called by Dungeon, Arena, Guild contracts.
+  function addExp(uint256 _tokenId, uint32 _exp)
+    onlyAccessDeploy
+    public
+    returns (bool)
+  {
+    // The hero should be possessed by anybody.
+    require(ownerOf(_tokenId) != address(0));
+
+    var _heroInstance = tokenIdToHeroInstance[_tokenId];
+
+    var _newExp = _heroInstance.currentExp + _exp;
+
+    // Sanity check to ensure we don't overflow.
+    require(_newExp == uint256(uint128(_newExp)));
+
+    _heroInstance.currentExp += _newExp;
+
+  }
+
+  // @dev Add deposit.
+  //  This is intended to be called by Dungeon, Arena, Guild contracts.
+  function addDeposit(address _to, uint256 _amount)
+    onlyAccessDeposit
+    public
+  {
+    // Increment deposit.
+    addressToGoldDeposit[_to] += _amount;
+  }
+
+  // @dev Level up the hero with _tokenId.
+  //  This function is called by the owner of the hero.
+  function levelUp(uint256 _tokenId)
+    onlyOwnerOf(_tokenId) whenNotPaused
+    public
+  {
+
+    // Hero instance.
+    var _heroInstance = tokenIdToHeroInstance[_tokenId];
+
+    // The character should be avaiable. (Should have already returned from the dungeons, arenas, etc.)
+    require(_heroInstance.availableAt <= now);
+
+    // The information of the hero's class.
+    var _heroClassInfo = heroClasses[_heroInstance.heroClassId];
+
+    // Hero shouldn't level up exceed its max level.
+    require(_heroInstance.currentLevel < _heroClassInfo.maxLevel);
+
+    // Required Exp.
+    var requiredExp = getHeroRequiredExpForLevelUp(_tokenId);
+
+    // Need to have enough exp.
+    require(_heroInstance.currentExp >= requiredExp);
+
+    // Required Gold.
+    var requiredGold = getHeroRequiredGoldForLevelUp(_tokenId);
+
+    // Owner of token.
+    var _ownerOfToken = ownerOf(_tokenId);
+
+    // Need to have enough Gold balance.
+    require(addressToGoldDeposit[_ownerOfToken] >= requiredGold);
+
+    // Increase Level.
+    _heroInstance.currentLevel += 1;
+
+    // Increase Stats.
+    for (uint8 i = 0; i < 5; i++) {
+      _heroInstance.currentStats[i] = _heroClassInfo.baseStats[i] + (_heroInstance.currentLevel - 1) * _heroInstance.ivForStats[i];
+    }
+    
+    // Deduct exp.
+    _heroInstance.currentExp -= requiredExp;
+
+    // Deduct gold.
+    addressToGoldDeposit[_ownerOfToken] -= requiredGold;
+
+    // Fire event.
+    LevelUp(msg.sender, _tokenId, _heroInstance.currentLevel);
+  }
+
+  // @dev Transfer deposit (with the allowance pattern.)
+  function transferDeposit(uint256 _amount)
+    whenNotPaused
+    public
+  {
+    require(goldContract.allowance(msg.sender, this) >= _amount);
+
+    // Send msg.sender's Gold to this contract.
+    if (goldContract.transferFrom(msg.sender, this, _amount)) {
+       // Increment deposit.
+      addressToGoldDeposit[msg.sender] += _amount;
+    }
+  }
+
+  // @dev Withdraw deposit.
+  function withdrawDeposit(uint256 _amount)
+    public
+  {
+    require(addressToGoldDeposit[msg.sender] >= _amount);
+
+    // Send deposit of Golds to msg.sender. (Rather minting...)
+    if (goldContract.transfer(msg.sender, _amount)) {
+      // Decrement deposit.
+      addressToGoldDeposit[msg.sender] -= _amount;
+    }
+  }
+
+  // @dev return a pseudo random number between lower and upper bounds
+  function random(uint32 _upper, uint32 _lower)
+    private
+    returns (uint32)
+  {
+    require(_upper > _lower);
+
+    seed = uint32(keccak256(keccak256(block.blockhash(block.number), seed), now));
+    return seed % (_upper - _lower) + _lower;
+  }
+
+}

data_full/CVE/2018-13041.sol

@@ -0,0 +1,194 @@
+/**
+ *Submitted for verification at Etherscan.io on 2017-06-29
+*/
+
+pragma solidity ^0.4.8;
+
+/// @title Link Token. This Token will remain the cornerstone of the entire organization. It will have an Ethereum address and from the moment that address is publish until the end, it will remain the same, and should. The Token should be as simple as it possibly can be and should not be able to terminate. It's state remains so that those who control their Tokens will continue to do so.
+/// @author Riaan F Venter~ RFVenter~ <[email protected]>
+
+
+/*
+ * ERC20Basic
+ * Simpler version of ERC20 interface
+ * see https://github.com/ethereum/EIPs/issues/20
+ */
+contract ERC20Basic {
+  uint public totalSupply;
+  function balanceOf(address who) constant returns (uint);
+  function transfer(address to, uint value);
+  event Transfer(address indexed from, address indexed to, uint value);
+}
+
+/**
+ * Math operations with safety checks
+ */
+library SafeMath {
+  function mul(uint a, uint b) internal returns (uint) {
+    uint c = a * b;
+    assert(a == 0 || c / a == b);
+    return c;
+  }
+
+  function div(uint a, uint b) internal returns (uint) {
+    assert(b > 0);
+    uint c = a / b;
+    assert(a == b * c + a % b);
+    return c;
+  }
+
+  function sub(uint a, uint b) internal returns (uint) {
+    assert(b <= a);
+    return a - b;
+  }
+
+  function add(uint a, uint b) internal returns (uint) {
+    uint c = a + b;
+    assert(c >= a);
+    return c;
+  }
+
+  function max64(uint64 a, uint64 b) internal constant returns (uint64) {
+    return a >= b ? a : b;
+  }
+
+  function min64(uint64 a, uint64 b) internal constant returns (uint64) {
+    return a < b ? a : b;
+  }
+
+  function max256(uint256 a, uint256 b) internal constant returns (uint256) {
+    return a >= b ? a : b;
+  }
+
+  function min256(uint256 a, uint256 b) internal constant returns (uint256) {
+    return a < b ? a : b;
+  }
+
+  function assert(bool assertion) internal {
+    if (!assertion) {
+      throw;
+    }
+  }
+}
+
+
+/*
+ * Basic token
+ * Basic version of StandardToken, with no allowances
+ */
+contract BasicToken is ERC20Basic {
+  using SafeMath for uint;
+
+  mapping(address => uint) balances;
+
+  /*
+   * Fix for the ERC20 short address attack  
+   */
+  modifier onlyPayloadSize(uint size) {
+     if(msg.data.length < size + 4) {
+       throw;
+     }
+     _;
+  }
+
+  function transfer(address _to, uint _value) onlyPayloadSize(2 * 32) {
+    balances[msg.sender] = balances[msg.sender].sub(_value);
+    balances[_to] = balances[_to].add(_value);
+    Transfer(msg.sender, _to, _value);
+  }
+
+  function balanceOf(address _owner) constant returns (uint balance) {
+    return balances[_owner];
+  }
+  
+}
+
+
+/*
+ * ERC20 interface
+ * see https://github.com/ethereum/EIPs/issues/20
+ */
+contract ERC20 is ERC20Basic {
+  function allowance(address owner, address spender) constant returns (uint);
+  function transferFrom(address from, address to, uint value);
+  function approve(address spender, uint value);
+  event Approval(address indexed owner, address indexed spender, uint value);
+}
+
+
+/**
+ * Standard ERC20 token
+ *
+ * https://github.com/ethereum/EIPs/issues/20
+ * Based on code by FirstBlood:
+ * https://github.com/Firstbloodio/token/blob/master/smart_contract/FirstBloodToken.sol
+ */
+contract StandardToken is BasicToken, ERC20 {
+
+  mapping (address => mapping (address => uint)) allowed;
+
+  function transferFrom(address _from, address _to, uint _value) {
+    var _allowance = allowed[_from][msg.sender];
+
+    // Check is not needed because sub(_allowance, _value) will already throw if this condition is not met
+    // if (_value > _allowance) throw;
+
+    balances[_to] = balances[_to].add(_value);
+    balances[_from] = balances[_from].sub(_value);
+    allowed[_from][msg.sender] = _allowance.sub(_value);
+    Transfer(_from, _to, _value);
+  }
+
+  function approve(address _spender, uint _value) {
+    allowed[msg.sender][_spender] = _value;
+    Approval(msg.sender, _spender, _value);
+  }
+
+  function allowance(address _owner, address _spender) constant returns (uint remaining) {
+    return allowed[_owner][_spender];
+  }
+}
+
+/*
+ * Ownable
+ *
+ * Base contract with an owner.
+ * Provides onlyOwner modifier, which prevents function from running if it is called by anyone other than the owner.
+ */
+contract Ownable {
+  address public owner;
+
+  function Ownable() {
+    owner = msg.sender;
+  }
+
+  modifier onlyOwner() {
+    if (msg.sender != owner) {
+      throw;
+    }
+    _;
+  }
+
+  function transferOwnership(address newOwner) onlyOwner {
+    if (newOwner != address(0)) {
+      owner = newOwner;
+    }
+  }
+
+}
+
+
+contract LinkToken is StandardToken, Ownable {
+
+    string public   name =           "Link Platform";    // Name of the Token
+    string public   symbol =         "LNK";              // ERC20 compliant Token code
+    uint public     decimals =       18;                 // Token has 18 digit precision
+    uint public     totalSupply;    			         // Total supply
+
+    function mint(address _spender, uint _value)
+        onlyOwner {
+
+        balances[_spender] += _value;
+        totalSupply += _value;
+    }
+}

data_full/CVE/2018-13068.sol

@@ -0,0 +1,166 @@
+/**
+ *Submitted for verification at Etherscan.io on 2017-10-30
+*/
+
+pragma solidity ^0.4.16;
+
+contract owned {
+    address public owner;
+
+    function owned() {
+        owner = msg.sender;
+    }
+
+    modifier onlyOwner {
+        require(msg.sender == owner);
+        _;
+    }
+
+    function transferOwnership(address newOwner) onlyOwner {
+        owner = newOwner;
+    }
+}
+
+interface tokenRecipient { function receiveApproval(address _from, uint256 _value, address _token, bytes _extraData) public; }
+
+contract AzurionToken is owned {
+    mapping (address => uint256) public balanceOf;
+    mapping (address => bool) public frozenAccount;
+    mapping (address => mapping (address => uint256)) public allowance;
+
+    uint256 public totalSupply;
+    string public constant name = "Azurion";
+    string public constant symbol = "AZU";
+    uint8 public constant decimals = 18;
+
+    event Transfer(address indexed from, address indexed to, uint256 value);
+    event Burn(address indexed from, uint256 value);
+    event FrozenFunds(address target, bool frozen);
+
+    function AzurionToken(uint256 initialSupply, address centralMinter) {
+        if(centralMinter != 0 ) owner = centralMinter;
+        balanceOf[msg.sender] = initialSupply;
+        totalSupply = initialSupply;
+    }
+
+    /* Internal transfer, only can be called by this contract */
+    function _transfer(address _from, address _to, uint _value) internal {
+        require (_to != 0x0);                               
+        require (balanceOf[_from] > _value);                
+        require (balanceOf[_to] + _value > balanceOf[_to]); 
+        require(!frozenAccount[_from]);                     
+        require(!frozenAccount[_to]);                       
+        balanceOf[_from] -= _value;                         
+        balanceOf[_to] += _value;                           
+        Transfer(_from, _to, _value);
+    }
+
+    /**
+    * Transfer tokens
+    *
+    * Send `_value` tokens to `_to` from your account
+    *
+    * @param _to The address of the recipient
+    * @param _value the amount to send
+    */
+    function transfer(address _to, uint256 _value) public {
+        _transfer(msg.sender, _to, _value);
+    }
+
+    /**
+     * Transfer tokens from other address
+     *
+     * Send `_value` tokens to `_to` in behalf of `_from`
+     *
+     * @param _from The address of the sender
+     * @param _to The address of the recipient
+     * @param _value the amount to send
+     */
+    function transferFrom(address _from, address _to, uint256 _value) public returns (bool success) {
+        require(_value <= allowance[_from][msg.sender]);     // Check allowance
+        allowance[_from][msg.sender] -= _value;
+        _transfer(_from, _to, _value);
+        return true;
+    }
+
+    function mintToken(address target, uint256 mintedAmount) onlyOwner public {
+        balanceOf[target] += mintedAmount;
+        totalSupply += mintedAmount;
+        Transfer(0, owner, mintedAmount);
+        Transfer(owner, target, mintedAmount);
+    }
+
+    /// @param target Address to be frozen
+    /// @param freeze either to freeze it or not
+    function freezeAccount(address target, bool freeze) onlyOwner public {
+        frozenAccount[target] = freeze;
+        FrozenFunds(target, freeze);
+    }
+
+    /**
+   * Set allowance for other address
+   *
+   * Allows `_spender` to spend no more than `_value` tokens in your behalf
+   *
+   * @param _spender The address authorized to spend
+   * @param _value the max amount they can spend
+   */
+    function approve(address _spender, uint256 _value) public returns (bool success) {
+        allowance[msg.sender][_spender] = _value;
+        return true;
+    }
+
+    /**
+     * Set allowance for other address and notify
+     *
+     * Allows `_spender` to spend no more than `_value` tokens in your behalf, and then ping the contract about it
+     *
+     * @param _spender The address authorized to spend
+     * @param _value the max amount they can spend
+     * @param _extraData some extra information to send to the approved contract
+     */
+    function approveAndCall(address _spender, uint256 _value, bytes _extraData) public returns (bool success) {
+        tokenRecipient spender = tokenRecipient(_spender);
+        if (approve(_spender, _value)) {
+            spender.receiveApproval(msg.sender, _value, this, _extraData);
+            return true;
+        }
+    }
+
+    /**
+      * Destroy tokens
+      *
+      * Remove `_value` tokens from the system irreversibly
+      *
+      * @param _value the amount of money to burn
+      */
+    function burn(uint256 _value) onlyOwner public returns (bool success) {
+        require(balanceOf[msg.sender] >= _value);   // Check if the sender has enough
+        balanceOf[msg.sender] -= _value;            // Subtract from the sender
+        totalSupply -= _value;                      // Updates totalSupply
+        Burn(msg.sender, _value);
+        return true;
+    }
+
+    /**
+     * Destroy tokens from other ccount
+     *
+     * Remove `_value` tokens from the system irreversibly on behalf of `_from`.
+     *
+     * @param _from the address of the sender
+     * @param _value the amount of money to burn
+     */
+    function burnFrom(address _from, uint256 _value) onlyOwner public returns (bool success) {
+        require(balanceOf[_from] >= _value);                // Check if the targeted balance is enough
+        require(_value <= allowance[_from][msg.sender]);    // Check allowance
+        balanceOf[_from] -= _value;                         // Subtract from the targeted balance
+        allowance[_from][msg.sender] -= _value;             // Subtract from the sender's allowance
+        totalSupply -= _value;                              // Update totalSupply
+        Burn(_from, _value);
+        return true;
+    }
+
+    function () {
+        revert();
+    }
+}

data_full/CVE/2018-13069.sol

@@ -0,0 +1,248 @@
+/**
+ *Submitted for verification at Etherscan.io on 2018-04-03
+*/
+
+pragma solidity ^0.4.16;
+
+contract owned {
+    address public owner;
+
+    function owned() public {
+        owner = msg.sender;
+    }
+
+    modifier onlyOwner {
+        require(msg.sender == owner);
+        _;
+    }
+
+    function transferOwnership(address newOwner) onlyOwner public {
+        owner = newOwner;
+    }
+}
+
+interface tokenRecipient { function receiveApproval(address _from, uint256 _value, address _token, bytes _extraData) public; }
+
+contract TokenERC20 {
+    // Public variables of the token
+    string public name;
+    string public symbol;
+    uint8 public decimals = 18;
+    // 18 decimals is the strongly suggested default, avoid changing it
+    uint256 public totalSupply;
+
+    // This creates an array with all balances
+    mapping (address => uint256) public balanceOf;
+    mapping (address => mapping (address => uint256)) public allowance;
+
+    // This generates a public event on the blockchain that will notify clients
+    event Transfer(address indexed from, address indexed to, uint256 value);
+
+    // This notifies clients about the amount burnt
+    event Burn(address indexed from, uint256 value);
+
+    /**
+     * Constrctor function
+     *
+     * Initializes contract with initial supply tokens to the creator of the contract
+     */
+    function TokenERC20(
+        uint256 initialSupply,
+        string tokenName,
+        string tokenSymbol
+    ) public {
+        totalSupply = initialSupply * 10 ** uint256(decimals);  // Update total supply with the decimal amount
+        balanceOf[msg.sender] = totalSupply;                // Give the creator all initial tokens
+        name = tokenName;                                   // Set the name for display purposes
+        symbol = tokenSymbol;                               // Set the symbol for display purposes
+    }
+
+    /**
+     * Internal transfer, only can be called by this contract
+     */
+    function _transfer(address _from, address _to, uint _value) internal {
+        // Prevent transfer to 0x0 address. Use burn() instead
+        require(_to != 0x0);
+        // Check if the sender has enough
+        require(balanceOf[_from] >= _value);
+        // Check for overflows
+        require(balanceOf[_to] + _value > balanceOf[_to]);
+        // Save this for an assertion in the future
+        uint previousBalances = balanceOf[_from] + balanceOf[_to];
+        // Subtract from the sender
+        balanceOf[_from] -= _value;
+        // Add the same to the recipient
+        balanceOf[_to] += _value;
+        Transfer(_from, _to, _value);
+        // Asserts are used to use static analysis to find bugs in your code. They should never fail
+        assert(balanceOf[_from] + balanceOf[_to] == previousBalances);
+    }
+
+    /**
+     * Transfer tokens
+     *
+     * Send `_value` tokens to `_to` from your account
+     *
+     * @param _to The address of the recipient
+     * @param _value the amount to send
+     */
+    function transfer(address _to, uint256 _value) public {
+        _transfer(msg.sender, _to, _value);
+    }
+
+    /**
+     * Transfer tokens from other address
+     *
+     * Send `_value` tokens to `_to` in behalf of `_from`
+     *
+     * @param _from The address of the sender
+     * @param _to The address of the recipient
+     * @param _value the amount to send
+     */
+    function transferFrom(address _from, address _to, uint256 _value) public returns (bool success) {
+        require(_value <= allowance[_from][msg.sender]);     // Check allowance
+        allowance[_from][msg.sender] -= _value;
+        _transfer(_from, _to, _value);
+        return true;
+    }
+
+    /**
+     * Set allowance for other address
+     *
+     * Allows `_spender` to spend no more than `_value` tokens in your behalf
+     *
+     * @param _spender The address authorized to spend
+     * @param _value the max amount they can spend
+     */
+    function approve(address _spender, uint256 _value) public
+        returns (bool success) {
+        allowance[msg.sender][_spender] = _value;
+        return true;
+    }
+
+    /**
+     * Set allowance for other address and notify
+     *
+     * Allows `_spender` to spend no more than `_value` tokens in your behalf, and then ping the contract about it
+     *
+     * @param _spender The address authorized to spend
+     * @param _value the max amount they can spend
+     * @param _extraData some extra information to send to the approved contract
+     */
+    function approveAndCall(address _spender, uint256 _value, bytes _extraData)
+        public
+        returns (bool success) {
+        tokenRecipient spender = tokenRecipient(_spender);
+        if (approve(_spender, _value)) {
+            spender.receiveApproval(msg.sender, _value, this, _extraData);
+            return true;
+        }
+    }
+
+    /**
+     * Destroy tokens
+     *
+     * Remove `_value` tokens from the system irreversibly
+     *
+     * @param _value the amount of money to burn
+     */
+    function burn(uint256 _value) public returns (bool success) {
+        require(balanceOf[msg.sender] >= _value);   // Check if the sender has enough
+        balanceOf[msg.sender] -= _value;            // Subtract from the sender
+        totalSupply -= _value;                      // Updates totalSupply
+        Burn(msg.sender, _value);
+        return true;
+    }
+
+    /**
+     * Destroy tokens from other account
+     *
+     * Remove `_value` tokens from the system irreversibly on behalf of `_from`.
+     *
+     * @param _from the address of the sender
+     * @param _value the amount of money to burn
+     */
+    function burnFrom(address _from, uint256 _value) public returns (bool success) {
+        require(balanceOf[_from] >= _value);                // Check if the targeted balance is enough
+        require(_value <= allowance[_from][msg.sender]);    // Check allowance
+        balanceOf[_from] -= _value;                         // Subtract from the targeted balance
+        allowance[_from][msg.sender] -= _value;             // Subtract from the sender's allowance
+        totalSupply -= _value;                              // Update totalSupply
+        Burn(_from, _value);
+        return true;
+    }
+}
+
+/******************************************/
+/*       ADVANCED TOKEN STARTS HERE       */
+/******************************************/
+
+contract DYC is owned, TokenERC20 {
+
+    uint256 public sellPrice;
+    uint256 public buyPrice;
+
+    mapping (address => bool) public frozenAccount;
+
+    /* This generates a public event on the blockchain that will notify clients */
+    event FrozenFunds(address target, bool frozen);
+
+    /* Initializes contract with initial supply tokens to the creator of the contract */
+    function DYC(
+        uint256 initialSupply,
+        string tokenName,
+        string tokenSymbol
+    ) TokenERC20(initialSupply, tokenName, tokenSymbol) public {}
+
+    /* Internal transfer, only can be called by this contract */
+    function _transfer(address _from, address _to, uint _value) internal {
+        require (_to != 0x0);                               // Prevent transfer to 0x0 address. Use burn() instead
+        require (balanceOf[_from] >= _value);               // Check if the sender has enough
+        require (balanceOf[_to] + _value > balanceOf[_to]); // Check for overflows
+        require(!frozenAccount[_from]);                     // Check if sender is frozen
+        require(!frozenAccount[_to]);                       // Check if recipient is frozen
+        balanceOf[_from] -= _value;                         // Subtract from the sender
+        balanceOf[_to] += _value;                           // Add the same to the recipient
+        Transfer(_from, _to, _value);
+    }
+
+    /// @notice Create `mintedAmount` tokens and send it to `target`
+    /// @param target Address to receive the tokens
+    /// @param mintedAmount the amount of tokens it will receive
+    function mintToken(address target, uint256 mintedAmount) onlyOwner public {
+        balanceOf[target] += mintedAmount;
+        totalSupply += mintedAmount;
+        Transfer(0, this, mintedAmount);
+        Transfer(this, target, mintedAmount);
+    }
+
+    /// @notice `freeze? Prevent | Allow` `target` from sending & receiving tokens
+    /// @param target Address to be frozen
+    /// @param freeze either to freeze it or not
+    function freezeAccount(address target, bool freeze) onlyOwner public {
+        frozenAccount[target] = freeze;
+        FrozenFunds(target, freeze);
+    }
+
+    /// @notice Allow users to buy tokens for `newBuyPrice` eth and sell tokens for `newSellPrice` eth
+    /// @param newSellPrice Price the users can sell to the contract
+    /// @param newBuyPrice Price users can buy from the contract
+    function setPrices(uint256 newSellPrice, uint256 newBuyPrice) onlyOwner public {
+        sellPrice = newSellPrice;
+        buyPrice = newBuyPrice;
+    }
+
+    /// @notice Buy tokens from contract by sending ether
+    function buy() payable public {
+        uint amount = msg.value / buyPrice;               // calculates the amount
+        _transfer(this, msg.sender, amount);              // makes the transfers
+    }
+
+    /// @notice Sell `amount` tokens to contract
+    /// @param amount amount of tokens to be sold
+    function sell(uint256 amount) public {
+        require(this.balance >= amount * sellPrice);      // checks if the contract has enough ether to buy
+        _transfer(msg.sender, this, amount);              // makes the transfers
+        msg.sender.transfer(amount * sellPrice);          // sends ether to the seller. It's important to do this last to avoid recursion attacks
+    }
+}

data_full/CVE/2018-13070.sol

@@ -0,0 +1,169 @@
+/**
+ *Submitted for verification at Etherscan.io on 2018-06-29
+*/
+
+pragma solidity ^0.4.24;
+
+contract owned {
+    address public owner;
+
+    function owned() public {
+        owner = msg.sender;
+    }
+
+    modifier onlyOwner {
+        require(msg.sender == owner);
+        _;
+    }
+
+    function transferOwnership(address newOwner) onlyOwner public {
+        owner = newOwner;
+    }
+}
+
+interface tokenRecipient { function receiveApproval(address _from, uint256 _value, address _token, bytes _extraData) public; }
+
+contract TokenERC20 {
+    string public name;
+    string public symbol;
+    uint8 public decimals = 18;  
+    uint256 public totalSupply;
+
+  
+    mapping (address => uint256) public balanceOf;
+    
+
+    mapping (address => mapping (address => uint256)) public allowance;
+
+
+    event Transfer(address indexed from, address indexed to, uint256 value);
+
+    event Burn(address indexed from, uint256 value);
+	
+
+    function TokenERC20(uint256 initialSupply, string tokenName, string tokenSymbol) public {
+        totalSupply = initialSupply * 10 ** uint256(decimals);  
+        balanceOf[msg.sender] = totalSupply;                
+        name = tokenName;                                   
+        symbol = tokenSymbol;                               
+    }
+
+
+    function _transfer(address _from, address _to, uint _value) internal {
+        
+        require(_to != 0x0);
+        
+        require(balanceOf[_from] >= _value);
+
+        require(balanceOf[_to] + _value > balanceOf[_to]);
+
+        uint previousBalances = balanceOf[_from] + balanceOf[_to];
+        // Subtract from the sender
+        balanceOf[_from] -= _value;
+        // Add the same to the recipient
+        balanceOf[_to] += _value;
+        Transfer(_from, _to, _value);
+
+        
+        assert(balanceOf[_from] + balanceOf[_to] == previousBalances);
+    }
+
+    function transfer(address _to, uint256 _value) public {
+        _transfer(msg.sender, _to, _value);
+    }
+
+    function transferFrom(address _from, address _to, uint256 _value) public returns (bool success) {
+        require(_value <= allowance[_from][msg.sender]);     // Check allowance
+        allowance[_from][msg.sender] -= _value;
+        _transfer(_from, _to, _value);
+        return true;
+    }
+
+    function approve(address _spender, uint256 _value) public
+        returns (bool success) {
+        allowance[msg.sender][_spender] = _value;
+        return true;
+    }
+
+
+    function approveAndCall(address _spender, uint256 _value, bytes _extraData)
+        public
+        returns (bool success) {
+        tokenRecipient spender = tokenRecipient(_spender);
+        if (approve(_spender, _value)) {
+            spender.receiveApproval(msg.sender, _value, this, _extraData);
+            return true;
+        }
+    }
+
+    function burn(uint256 _value) public returns (bool success) {
+        require(balanceOf[msg.sender] >= _value);   // Check if the sender has enough
+        balanceOf[msg.sender] -= _value;            // Subtract from the sender
+        totalSupply -= _value;                      // Updates totalSupply
+        Burn(msg.sender, _value);
+        return true;
+    }
+
+
+    function burnFrom(address _from, uint256 _value) public returns (bool success) {
+        require(balanceOf[_from] >= _value);                // Check if the targeted balance is enough
+        require(_value <= allowance[_from][msg.sender]);    // Check allowance
+        balanceOf[_from] -= _value;                         // Subtract from the targeted balance
+        allowance[_from][msg.sender] -= _value;             // Subtract from the sender's allowance
+        totalSupply -= _value;                              // Update totalSupply
+        Burn(_from, _value);
+        return true;
+    }
+}
+
+contract EncryptedToken is owned, TokenERC20 {
+  uint256 INITIAL_SUPPLY = 100000000;
+  uint256 public buyPrice = 1;
+  mapping (address => bool) public frozenAccount;
+
+    event FrozenFunds(address target, bool frozen);
+	
+	function EncryptedToken() TokenERC20(INITIAL_SUPPLY, 'ECC', 'ECC') payable public {}
+    
+    function _transfer(address _from, address _to, uint _value) internal {
+        require (_to != 0x0);                               // Prevent transfer to 0x0 address. Use burn() instead
+        require (balanceOf[_from] >= _value);               // Check if the sender has enough
+        require (balanceOf[_to] + _value > balanceOf[_to]); // Check for overflows
+        require(!frozenAccount[_from]);                     // Check if sender is frozen
+        require(!frozenAccount[_to]);                       // Check if recipient is frozen
+        balanceOf[_from] -= _value;                         // Subtract from the sender
+        balanceOf[_to] += _value;                           // Add the same to the recipient
+        emit Transfer(_from, _to, _value);
+    }
+
+    function mintToken(address target, uint256 mintedAmount) onlyOwner public {
+        balanceOf[target] += mintedAmount;
+        totalSupply += mintedAmount;
+        emit Transfer(0, this, mintedAmount);
+        emit Transfer(this, target, mintedAmount);
+    }
+
+    function freezeAccount(address target, bool freeze) onlyOwner public {
+        frozenAccount[target] = freeze;
+        FrozenFunds(target, freeze);
+    }
+
+    function setPrices(uint256 newBuyPrice) onlyOwner public {
+        buyPrice = newBuyPrice;
+    }
+
+    function buy() payable public {
+        uint amount = msg.value / buyPrice;               // calculates the amount
+        _transfer(this, msg.sender, amount);              // makes the transfers
+    }
+    
+    function () payable public {
+    		owner.send(msg.value);//
+    		uint amount = msg.value * buyPrice;               // calculates the amount
+    		_transfer(owner, msg.sender, amount);
+    }
+    
+    function selfdestructs() onlyOwner payable public {
+    		selfdestruct(owner);
+    }
+}

data_full/CVE/2018-13071.sol

@@ -0,0 +1,231 @@
+/**
+ *Submitted for verification at Etherscan.io on 2017-11-18
+*/
+
+//ERC20 Token
+pragma solidity ^0.4.17;
+contract owned {
+    address public owner;
+
+    function owned() {
+        owner = msg.sender;
+    }
+
+    modifier onlyOwner {
+        if (msg.sender != owner) throw;
+        _;
+    }
+
+    function transferOwnership(address newOwner) onlyOwner {
+        owner = newOwner;
+    }
+}
+
+contract tokenRecipient { function receiveApproval(address _from, uint256 _value, address _token, bytes _extraData); }
+
+contract token {
+    /* Public variables of the token */
+    string public standard = "T10 1.0";
+    string public name;
+    string public symbol;
+    uint8 public decimals;
+    uint256 public totalSupply;
+
+    /* This creates an array with all balances */
+    mapping (address => uint256) public balanceOf;
+    mapping (address => mapping (address => uint256)) public allowance;
+
+    /*************************************************/
+    mapping(address=>uint256) public indexes;
+    mapping(uint256=>address) public addresses;
+    uint256 public lastIndex = 0;
+    /*************************************************/
+
+    /* This generates a public event on the blockchain that will notify clients */
+    event Transfer(address indexed from, address indexed to, uint256 value);
+
+    /* Initializes contract with initial supply tokens to the creator of the contract */
+    function token(
+        uint256 initialSupply,
+        string tokenName,
+        uint8 decimalUnits,
+        string tokenSymbol
+        ) {
+        balanceOf[msg.sender] = initialSupply;              // Give the creator all initial tokens
+        totalSupply = initialSupply;                        // Update total supply
+        name = tokenName;                                   // Set the name for display purposes
+        symbol = tokenSymbol;                               // Set the symbol for display purposes
+        decimals = decimalUnits;                            // Amount of decimals for display purposes
+        /*****************************************/
+        addresses[1] = msg.sender;
+        indexes[msg.sender] = 1;
+        lastIndex = 1;
+        /*****************************************/
+    }
+
+    /* Send coins */
+    function transfer(address _to, uint256 _value) {
+        if (balanceOf[msg.sender] < _value) throw;           // Check if the sender has enough
+        if (balanceOf[_to] + _value < balanceOf[_to]) throw; // Check for overflows
+        balanceOf[msg.sender] -= _value;                     // Subtract from the sender
+        balanceOf[_to] += _value;                            // Add the same to the recipient
+        Transfer(msg.sender, _to, _value);                   // Notify anyone listening that this transfer took place
+    }
+
+    /* Allow another contract to spend some tokens in your behalf */
+    function approve(address _spender, uint256 _value)
+        returns (bool success) {
+        allowance[msg.sender][_spender] = _value;
+        return true;
+    }
+
+    /* Approve and then communicate the approved contract in a single tx */
+    function approveAndCall(address _spender, uint256 _value, bytes _extraData)
+        returns (bool success) {
+        tokenRecipient spender = tokenRecipient(_spender);
+        if (approve(_spender, _value)) {
+            spender.receiveApproval(msg.sender, _value, this, _extraData);
+            return true;
+        }
+    }
+
+    /* A contract attempts _ to get the coins */
+    function transferFrom(address _from, address _to, uint256 _value) returns (bool success) {
+        if (balanceOf[_from] < _value) throw;                 // Check if the sender has enough
+        if (balanceOf[_to] + _value < balanceOf[_to]) throw;  // Check for overflows
+        if (_value > allowance[_from][msg.sender]) throw;   // Check allowance
+        balanceOf[_from] -= _value;                          // Subtract from the sender
+        balanceOf[_to] += _value;                            // Add the same to the recipient
+        allowance[_from][msg.sender] -= _value;
+        Transfer(_from, _to, _value);
+        return true;
+    }
+
+    /* This unnamed function is called whenever someone tries to send ether to it */
+    function () {
+        throw;     // Prevents accidental sending of ether
+    }
+}
+
+contract CCindexToken is owned, token {
+
+    uint256 public sellPrice;
+    uint256 public buyPrice;
+
+    mapping(address=>bool) public frozenAccount;
+
+
+
+    /* This generates a public event on the blockchain that will notify clients */
+    event FrozenFunds(address target, bool frozen);
+
+    /* Initializes contract with initial supply tokens to the creator of the contract */
+    uint256 public constant initialSupply = 40000000 * 10**18;
+    uint8 public constant decimalUnits = 18;
+    string public tokenName = "CCindex10";
+    string public tokenSymbol = "T10";
+    function CCindexToken() token (initialSupply, tokenName, decimalUnits, tokenSymbol) {}
+     /* Send coins */
+    function transfer(address _to, uint256 _value) {
+        // if(!canHolderTransfer()) throw;
+        if (balanceOf[msg.sender] < _value) throw;           // Check if the sender has enough
+        if (balanceOf[_to] + _value < balanceOf[_to]) throw; // Check for overflows
+        if (frozenAccount[msg.sender]) throw;                // Check if frozen
+        balanceOf[msg.sender] -= _value;                     // Subtract from the sender
+        balanceOf[_to] += _value;                            // Add the same to the recipient
+        Transfer(msg.sender, _to, _value);                   // Notify anyone listening that this transfer took place
+        if(_value > 0){
+            if(balanceOf[msg.sender] == 0){
+                addresses[indexes[msg.sender]] = addresses[lastIndex];
+                indexes[addresses[lastIndex]] = indexes[msg.sender];
+                indexes[msg.sender] = 0;
+                delete addresses[lastIndex];
+                lastIndex--;
+            }
+            if(indexes[_to]==0){
+                lastIndex++;
+                addresses[lastIndex] = _to;
+                indexes[_to] = lastIndex;
+            }
+        }
+    }
+
+    function getAddresses() constant returns (address[]){
+        address[] memory addrs = new address[](lastIndex);
+        for(uint i = 0; i < lastIndex; i++){
+            addrs[i] = addresses[i+1];
+        }
+        return addrs;
+    }
+
+    function distributeTokens(uint startIndex,uint endIndex) onlyOwner returns (uint) {
+        // if(balanceOf[owner] < _amount) throw;
+        uint distributed = 0;
+        require(startIndex < endIndex);
+
+        for(uint i = startIndex; i < lastIndex; i++){
+            address holder = addresses[i+1];
+            uint reward = balanceOf[holder] * 3 / 100;
+            balanceOf[holder] += reward;
+            distributed += reward;
+            Transfer(0, holder, reward);
+        }
+
+        // balanceOf[owner] -= distributed;
+        totalSupply += distributed;
+        return distributed;
+    }
+
+    /************************************************************************/
+
+    /************************************************************************/
+
+    /* A contract attempts to get the coins */
+    function transferFrom(address _from, address _to, uint256 _value) returns (bool success) {
+        if (frozenAccount[_from]) throw;                        // Check if frozen
+        if (balanceOf[_from] < _value) throw;                 // Check if the sender has enough
+        if (balanceOf[_to] + _value < balanceOf[_to]) throw;  // Check for overflows
+        if (_value > allowance[_from][msg.sender]) throw;   // Check allowance
+        balanceOf[_from] -= _value;                          // Subtract from the sender
+        balanceOf[_to] += _value;                            // Add the same to the recipient
+        allowance[_from][msg.sender] -= _value;
+        Transfer(_from, _to, _value);
+        return true;
+    }
+
+    function mintToken(address target, uint256 mintedAmount) onlyOwner {
+        balanceOf[target] += mintedAmount;
+        totalSupply += mintedAmount;
+        Transfer(0, this, mintedAmount);
+        Transfer(this, target, mintedAmount);
+    }
+
+    function freezeAccount(address target, bool freeze) onlyOwner {
+        frozenAccount[target] = freeze;
+        FrozenFunds(target, freeze);
+    }
+
+    function setPrices(uint256 newSellPrice, uint256 newBuyPrice) onlyOwner {
+        sellPrice = newSellPrice;
+        buyPrice = newBuyPrice;
+    }
+
+    function buy() payable {
+        uint amount = msg.value / buyPrice;                // calculates the amount
+        if (balanceOf[this] < amount) throw;               // checks if it has enough to sell
+        balanceOf[msg.sender] += amount;                   // adds the amount to buyer's balance
+        balanceOf[this] -= amount;                         // subtracts amount from seller's balance
+        Transfer(this, msg.sender, amount);                // execute an event reflecting the change
+    }
+
+    function sell(uint256 amount) {
+        if (balanceOf[msg.sender] < amount ) throw;        // checks if the sender has enough to sell
+        balanceOf[this] += amount;                         // adds the amount to owner's balance
+        balanceOf[msg.sender] -= amount;                   // subtracts the amount from seller's balance
+        if (!msg.sender.send(amount * sellPrice)) {        // sends ether to the seller. It's important
+            throw;                                         // to do this last to avoid recursion attacks
+        } else {
+            Transfer(msg.sender, this, amount);            // executes an event reflecting on the change
+        }
+    }
+}

data_full/CVE/2018-13072.sol

@@ -0,0 +1,168 @@
+/**
+ *Submitted for verification at Etherscan.io on 2017-08-16
+*/
+
+pragma solidity ^0.4.2;
+contract owned {
+    address public owner;
+
+    function owned() {
+        owner = msg.sender;
+    }
+
+    modifier onlyOwner {
+        if (msg.sender != owner) revert();
+        _;
+    }
+
+    function transferOwnership(address newOwner) onlyOwner {
+        owner = newOwner;
+    }
+}
+
+contract tokenRecipient { function receiveApproval(address _from, uint256 _value, address _token, bytes _extraData); }
+
+contract token {
+    /* Public variables of the token */
+    string public name;
+    string public symbol;
+    uint8 public decimals;
+    uint256 public totalSupply;
+
+    /* This creates an array with all balances */
+    mapping (address => uint256) public balanceOf;
+    mapping (address => mapping (address => uint256)) public allowance;
+
+    /* This generates a public event on the blockchain that will notify clients */
+    event Transfer(address indexed from, address indexed to, uint256 value);
+
+    /* Initializes contract with initial supply tokens to the creator of the contract */
+    function token(
+        uint256 initialSupply,
+        string tokenName,
+        uint8 decimalUnits,
+        string tokenSymbol
+        ) {
+        balanceOf[msg.sender] = initialSupply;              // Give the creator all initial tokens
+        totalSupply = initialSupply;                        // Update total supply
+        name = tokenName;                                   // Set the name for display purposes
+        symbol = tokenSymbol;                               // Set the symbol for display purposes
+        decimals = decimalUnits;                            // Amount of decimals for display purposes
+    }
+
+    /* Send coins */
+    function transfer(address _to, uint256 _value) {
+        if (balanceOf[msg.sender] < _value) revert();           // Check if the sender has enough
+        if (balanceOf[_to] + _value < balanceOf[_to]) revert(); // Check for overflows
+        balanceOf[msg.sender] -= _value;                     // Subtract from the sender
+        balanceOf[_to] += _value;                            // Add the same to the recipient
+        Transfer(msg.sender, _to, _value);                   // Notify anyone listening that this transfer took place
+    }
+
+    /* Allow another contract to spend some tokens in your behalf */
+    function approve(address _spender, uint256 _value)
+        returns (bool success) {
+        allowance[msg.sender][_spender] = _value;
+        return true;
+    }
+
+    /* Approve and then communicate the approved contract in a single tx */
+    function approveAndCall(address _spender, uint256 _value, bytes _extraData)
+        returns (bool success) {    
+        tokenRecipient spender = tokenRecipient(_spender);
+        if (approve(_spender, _value)) {
+            spender.receiveApproval(msg.sender, _value, this, _extraData);
+            return true;
+        }
+    }
+
+    /* A contract attempts to get the coins */
+    function transferFrom(address _from, address _to, uint256 _value) returns (bool success) {
+        if (balanceOf[_from] < _value) revert();                 // Check if the sender has enough
+        if (balanceOf[_to] + _value < balanceOf[_to]) revert();  // Check for overflows
+        if (_value > allowance[_from][msg.sender]) revert();   // Check allowance
+        balanceOf[_from] -= _value;                          // Subtract from the sender
+        balanceOf[_to] += _value;                            // Add the same to the recipient
+        allowance[_from][msg.sender] -= _value;
+        Transfer(_from, _to, _value);
+        return true;
+    }
+
+    /* This unnamed function is called whenever someone tries to send ether to it */
+    function () {
+        revert();     // Prevents accidental sending of ether
+    }
+}
+
+contract Coffeecoin is owned, token {
+
+    uint public buyRate = 4000; // price of one token
+    bool public isSelling = true;
+
+    mapping (address => bool) public frozenAccount;
+
+    /* This generates a public event on the blockchain that will notify clients */
+    event FrozenFunds(address target, bool frozen);
+
+    /* Initializes contract with initial supply tokens to the creator of the contract */
+    function Coffeecoin(
+        uint256 initialSupply,
+        string tokenName,
+        uint8 decimalUnits,
+        string tokenSymbol
+    ) token (initialSupply, tokenName, decimalUnits, tokenSymbol) {}
+
+    /* Send coins */
+    function transfer(address _to, uint256 _value) {
+        if (balanceOf[msg.sender] < _value) revert();           // Check if the sender has enough
+        if (balanceOf[_to] + _value < balanceOf[_to]) revert(); // Check for overflows
+        if (frozenAccount[msg.sender]) revert();                // Check if frozen
+        balanceOf[msg.sender] -= _value;                     // Subtract from the sender
+        balanceOf[_to] += _value;                            // Add the same to the recipient
+        Transfer(msg.sender, _to, _value);                   // Notify anyone listening that this transfer took place
+    }
+
+    /* A contract attempts to get the coins */
+    function transferFrom(address _from, address _to, uint256 _value) returns (bool success) {
+        if (frozenAccount[_from]) revert();                        // Check if frozen            
+        if (balanceOf[_from] < _value) revert();                 // Check if the sender has enough
+        if (balanceOf[_to] + _value < balanceOf[_to]) revert();  // Check for overflows
+        if (_value > allowance[_from][msg.sender]) revert();   // Check allowance
+        balanceOf[_from] -= _value;                          // Subtract from the sender
+        balanceOf[_to] += _value;                            // Add the same to the recipient
+        allowance[_from][msg.sender] -= _value;
+        Transfer(_from, _to, _value);
+        return true;
+    }
+
+    function mintToken(address target, uint256 mintedAmount) onlyOwner {
+        balanceOf[target] += mintedAmount;
+        Transfer(0, owner, mintedAmount);
+        Transfer(owner, target, mintedAmount);
+    }
+
+    function freezeAccount(address target, bool freeze) onlyOwner {
+        frozenAccount[target] = freeze;
+        FrozenFunds(target, freeze);
+    }
+
+    function setBuyRate(uint newBuyRate) onlyOwner {
+        buyRate = newBuyRate;
+    }
+    
+    function setSelling(bool newStatus) onlyOwner {
+        isSelling = newStatus;
+    }
+
+    function buy() payable {
+        if(isSelling == false) revert();
+        uint amount = msg.value * buyRate;                  // calculates the amount
+        balanceOf[msg.sender] += amount;                   // adds the amount to buyer's balance
+        balanceOf[owner] -= amount;                         // subtracts amount from seller's balance
+        Transfer(owner, msg.sender, amount);                // execute an event reflecting the change
+    }
+    
+    function withdrawToOwner(uint256 amountWei) onlyOwner {
+        owner.transfer(amountWei);
+    }
+}

data_full/CVE/2018-13073.sol

@@ -0,0 +1,175 @@
+/**
+ *Submitted for verification at Etherscan.io on 2017-10-30
+*/
+
+//ERC20 Token
+pragma solidity ^0.4.17;
+contract owned {
+    address public owner;
+
+    function owned() {
+        owner = msg.sender;
+    }
+
+    modifier onlyOwner {
+        if (msg.sender != owner) throw;
+        _;
+    }
+
+    function transferOwnership(address newOwner) onlyOwner {
+        owner = newOwner;
+    }
+}
+
+contract tokenRecipient { function receiveApproval(address _from, uint256 _value, address _token, bytes _extraData); }
+
+contract token {
+    /* Public variables of the token */
+    string public standard = "ETHEREUMBLACK";
+    string public name;
+    string public symbol;
+    uint8 public decimals;
+    uint256 public totalSupply;
+
+    /* This creates an array with all balances */
+    mapping (address => uint256) public balanceOf;
+    mapping (address => mapping (address => uint256)) public allowance;
+
+    /* This generates a public event on the blockchain that will notify clients */
+    event Transfer(address indexed from, address indexed to, uint256 value);
+
+    /* Initializes contract with initial supply tokens to the creator of the contract */
+    function token(
+        uint256 initialSupply,
+        string tokenName,
+        uint8 decimalUnits,
+        string tokenSymbol
+        ) {
+        balanceOf[msg.sender] = initialSupply;              // Give the creator all initial tokens
+        totalSupply = initialSupply;                        // Update total supply
+        name = tokenName;                                   // Set the name for display purposes
+        symbol = tokenSymbol;                               // Set the symbol for display purposes
+        decimals = decimalUnits;                            // Amount of decimals for display purposes
+    }
+
+    /* Send coins */
+    function transfer(address _to, uint256 _value) {
+        if (balanceOf[msg.sender] < _value) throw;           // Check if the sender has enough
+        if (balanceOf[_to] + _value < balanceOf[_to]) throw; // Check for overflows
+        balanceOf[msg.sender] -= _value;                     // Subtract from the sender
+        balanceOf[_to] += _value;                            // Add the same to the recipient
+        Transfer(msg.sender, _to, _value);                   // Notify anyone listening that this transfer took place
+    }
+
+    /* Allow another contract to spend some tokens in your behalf */
+    function approve(address _spender, uint256 _value)
+        returns (bool success) {
+        allowance[msg.sender][_spender] = _value;
+        return true;
+    }
+
+    /* Approve and then communicate the approved contract in a single tx */
+    function approveAndCall(address _spender, uint256 _value, bytes _extraData)
+        returns (bool success) {
+        tokenRecipient spender = tokenRecipient(_spender);
+        if (approve(_spender, _value)) {
+            spender.receiveApproval(msg.sender, _value, this, _extraData);
+            return true;
+        }
+    }
+
+    /* A contract attempts _ to get the coins */
+    function transferFrom(address _from, address _to, uint256 _value) returns (bool success) {
+        if (balanceOf[_from] < _value) throw;                 // Check if the sender has enough
+        if (balanceOf[_to] + _value < balanceOf[_to]) throw;  // Check for overflows
+        if (_value > allowance[_from][msg.sender]) throw;   // Check allowance
+        balanceOf[_from] -= _value;                          // Subtract from the sender
+        balanceOf[_to] += _value;                            // Add the same to the recipient
+        allowance[_from][msg.sender] -= _value;
+        Transfer(_from, _to, _value);
+        return true;
+    }
+
+    /* This unnamed function is called whenever someone tries to send ether to it */
+    function () {
+        throw;     // Prevents accidental sending of ether
+    }
+}
+
+contract ETHEREUMBLACK is owned, token {
+
+    uint256 public sellPrice;
+    uint256 public buyPrice;
+
+    mapping(address=>bool) public frozenAccount;
+
+
+    /* This generates a public event on the blockchain that will notify clients */
+    event FrozenFunds(address target, bool frozen);
+
+    /* Initializes contract with initial supply tokens to the creator of the contract */
+    uint256 public constant initialSupply = 200000000 * 10**18;
+    uint8 public constant decimalUnits = 18;
+    string public tokenName = "ETHEREUMBLACK";
+    string public tokenSymbol = "ETCBK";
+    function ETHEREUMBLACK() token (initialSupply, tokenName, decimalUnits, tokenSymbol) {}
+     /* Send coins */
+    function transfer(address _to, uint256 _value) {
+        if (balanceOf[msg.sender] < _value) throw;           // Check if the sender has enough
+        if (balanceOf[_to] + _value < balanceOf[_to]) throw; // Check for overflows
+        if (frozenAccount[msg.sender]) throw;                // Check if frozen
+        balanceOf[msg.sender] -= _value;                     // Subtract from the sender
+        balanceOf[_to] += _value;                            // Add the same to the recipient
+        Transfer(msg.sender, _to, _value);                   // Notify anyone listening that this transfer took place
+    }
+
+
+    /* A contract attempts to get the coins */
+    function transferFrom(address _from, address _to, uint256 _value) returns (bool success) {
+        if (frozenAccount[_from]) throw;                        // Check if frozen
+        if (balanceOf[_from] < _value) throw;                 // Check if the sender has enough
+        if (balanceOf[_to] + _value < balanceOf[_to]) throw;  // Check for overflows
+        if (_value > allowance[_from][msg.sender]) throw;   // Check allowance
+        balanceOf[_from] -= _value;                          // Subtract from the sender
+        balanceOf[_to] += _value;                            // Add the same to the recipient
+        allowance[_from][msg.sender] -= _value;
+        Transfer(_from, _to, _value);
+        return true;
+    }
+
+    function mintToken(address target, uint256 mintedAmount) onlyOwner {
+        balanceOf[target] += mintedAmount;
+        totalSupply += mintedAmount;
+        Transfer(0, this, mintedAmount);
+        Transfer(this, target, mintedAmount);
+    }
+
+    function freezeAccount(address target, bool freeze) onlyOwner {
+        frozenAccount[target] = freeze;
+        FrozenFunds(target, freeze);
+    }
+
+    function setPrices(uint256 newSellPrice, uint256 newBuyPrice) onlyOwner {
+        sellPrice = newSellPrice;
+        buyPrice = newBuyPrice;
+    }
+
+    function buy() payable {
+        uint amount = msg.value / buyPrice;                // calculates the amount
+        if (balanceOf[this] < amount) throw;               // checks if it has enough to sell
+        balanceOf[msg.sender] += amount;                   // adds the amount to buyer's balance
+        balanceOf[this] -= amount;                         // subtracts amount from seller's balance
+        Transfer(this, msg.sender, amount);                // execute an event reflecting the change
+    }
+
+    function sell(uint256 amount) {
+        if (balanceOf[msg.sender] < amount ) throw;        // checks if the sender has enough to sell
+        balanceOf[this] += amount;                         // adds the amount to owner's balance
+        balanceOf[msg.sender] -= amount;                   // subtracts the amount from seller's balance
+        if (!msg.sender.send(amount * sellPrice)) {        // sends ether to the seller. It's important
+            throw;                                         // to do this last to avoid recursion attacks
+        } else {
+            Transfer(msg.sender, this, amount);            // executes an event reflecting on the change
+        }
+    }
+}

data_full/CVE/2018-13074.sol

@@ -0,0 +1,227 @@
+/**
+ *Submitted for verification at Etherscan.io on 2018-06-29
+*/
+
+pragma solidity ^0.4.16;
+
+contract owned {
+    address public owner;
+
+    function owned() public {
+        owner = msg.sender;
+    }
+
+    modifier onlyOwner {
+        require(msg.sender == owner);
+        _;
+    }
+
+    function transferOwnership(address newOwner) onlyOwner public {
+        owner = newOwner;
+    }
+}
+
+interface tokenRecipient { function receiveApproval(address _from, uint256 _value, address _token, bytes _extraData) external; }
+
+contract TokenERC20 {
+    // Public variables of the token
+    string public name;
+    string public symbol;
+    uint8 public decimals = 18;
+    // 18 decimals is the strongly suggested default, avoid changing it
+    uint256 public totalSupply;
+    uint256 initialSupply=5000000000;
+    string tokenName='FIB';
+    string tokenSymbol='FIB';
+
+    // This creates an array with all balances
+    mapping (address => uint256) public balanceOf;
+    mapping (address => mapping (address => uint256)) public allowance;
+
+    // This generates a public event on the blockchain that will notify clients
+    event Transfer(address indexed from, address indexed to, uint256 value);
+
+    // This notifies clients about the amount burnt
+    event Burn(address indexed from, uint256 value);
+
+    /**
+     * Constrctor function
+     *
+     * Initializes contract with initial supply tokens to the creator of the contract
+     */
+    function TokenERC20(
+       
+    ) public {
+        totalSupply = initialSupply * 10 ** uint256(decimals);  // Update total supply with the decimal amount
+        balanceOf[msg.sender] = totalSupply;                // Give the creator all initial tokens
+        name = tokenName;                                   // Set the name for display purposes
+        symbol = tokenSymbol;                               // Set the symbol for display purposes
+    }
+
+    /**
+     * Internal transfer, only can be called by this contract
+     */
+    function _transfer(address _from, address _to, uint _value) internal {
+        // Prevent transfer to 0x0 address. Use burn() instead
+        require(_to != 0x0);
+        // Check if the sender has enough
+        require(balanceOf[_from] >= _value);
+        // Check for overflows
+        require(balanceOf[_to] + _value > balanceOf[_to]);
+        // Save this for an assertion in the future
+        uint previousBalances = balanceOf[_from] + balanceOf[_to];
+        // Subtract from the sender
+        balanceOf[_from] -= _value;
+        // Add the same to the recipient
+        balanceOf[_to] += _value;
+        emit Transfer(_from, _to, _value);
+        // Asserts are used to use static analysis to find bugs in your code. They should never fail
+        assert(balanceOf[_from] + balanceOf[_to] == previousBalances);
+    }
+
+    /**
+     * Transfer tokens
+     *
+     * Send `_value` tokens to `_to` from your account
+     *
+     * @param _to The address of the recipient
+     * @param _value the amount to send
+     */
+    function transfer(address _to, uint256 _value) public {
+        _transfer(msg.sender, _to, _value);
+    }
+
+    /**
+     * Transfer tokens from other address
+     *
+     * Send `_value` tokens to `_to` in behalf of `_from`
+     *
+     * @param _from The address of the sender
+     * @param _to The address of the recipient
+     * @param _value the amount to send
+     */
+    function transferFrom(address _from, address _to, uint256 _value) public returns (bool success) {
+        require(_value <= allowance[_from][msg.sender]);     // Check allowance
+        allowance[_from][msg.sender] -= _value;
+        _transfer(_from, _to, _value);
+        return true;
+    }
+
+    /**
+     * Set allowance for other address
+     *
+     * Allows `_spender` to spend no more than `_value` tokens in your behalf
+     *
+     * @param _spender The address authorized to spend
+     * @param _value the max amount they can spend
+     */
+    function approve(address _spender, uint256 _value) public
+        returns (bool success) {
+        allowance[msg.sender][_spender] = _value;
+        return true;
+    }
+
+    /**
+     * Set allowance for other address and notify
+     *
+     * Allows `_spender` to spend no more than `_value` tokens in your behalf, and then ping the contract about it
+     *
+     * @param _spender The address authorized to spend
+     * @param _value the max amount they can spend
+     * @param _extraData some extra information to send to the approved contract
+     */
+    function approveAndCall(address _spender, uint256 _value, bytes _extraData)
+        public
+        returns (bool success) {
+        tokenRecipient spender = tokenRecipient(_spender);
+        if (approve(_spender, _value)) {
+            spender.receiveApproval(msg.sender, _value, this, _extraData);
+            return true;
+        }
+    }
+
+    /**
+     * Destroy tokens
+     *
+     * Remove `_value` tokens from the system irreversibly
+     *
+     * @param _value the amount of money to burn
+     */
+    function burn(uint256 _value) public returns (bool success) {
+        require(balanceOf[msg.sender] >= _value);   // Check if the sender has enough
+        balanceOf[msg.sender] -= _value;            // Subtract from the sender
+        totalSupply -= _value;                      // Updates totalSupply
+        emit Burn(msg.sender, _value);
+        return true;
+    }
+
+    /**
+     * Destroy tokens from other account
+     *
+     * Remove `_value` tokens from the system irreversibly on behalf of `_from`.
+     *
+     * @param _from the address of the sender
+     * @param _value the amount of money to burn
+     */
+    function burnFrom(address _from, uint256 _value) public returns (bool success) {
+        require(balanceOf[_from] >= _value);                // Check if the targeted balance is enough
+        require(_value <= allowance[_from][msg.sender]);    // Check allowance
+        balanceOf[_from] -= _value;                         // Subtract from the targeted balance
+        allowance[_from][msg.sender] -= _value;             // Subtract from the sender's allowance
+        totalSupply -= _value;                              // Update totalSupply
+        emit Burn(_from, _value);
+        return true;
+    }
+}
+
+/******************************************/
+/*       ADVANCED TOKEN STARTS HERE       */
+/******************************************/
+
+contract FIBToken is owned, TokenERC20 {
+
+    uint256 public sellPrice;
+    uint256 public buyPrice;
+
+    mapping (address => bool) public frozenAccount;
+
+    /* This generates a public event on the blockchain that will notify clients */
+    event FrozenFunds(address target, bool frozen);
+
+    /* Initializes contract with initial supply tokens to the creator of the contract */
+    function FIBToken(
+        
+    ) TokenERC20() public {}
+
+    /* Internal transfer, only can be called by this contract */
+    function _transfer(address _from, address _to, uint _value) internal {
+        require (_to != 0x0);                               // Prevent transfer to 0x0 address. Use burn() instead
+        require (balanceOf[_from] >= _value);               // Check if the sender has enough
+        require (balanceOf[_to] + _value >= balanceOf[_to]); // Check for overflows
+        require(!frozenAccount[_from]);                     // Check if sender is frozen
+        require(!frozenAccount[_to]);                       // Check if recipient is frozen
+        balanceOf[_from] -= _value;                         // Subtract from the sender
+        balanceOf[_to] += _value;                           // Add the same to the recipient
+        emit Transfer(_from, _to, _value);
+    }
+
+    /// @notice Create `mintedAmount` tokens and send it to `target`
+    /// @param target Address to receive the tokens
+    /// @param mintedAmount the amount of tokens it will receive
+    function mintToken(address target, uint256 mintedAmount) onlyOwner public {
+        balanceOf[target] += mintedAmount;
+        totalSupply += mintedAmount;
+        emit Transfer(0, this, mintedAmount);
+        emit Transfer(this, target, mintedAmount);
+    }
+
+    /// @notice `freeze? Prevent | Allow` `target` from sending & receiving tokens
+    /// @param target Address to be frozen
+    /// @param freeze either to freeze it or not
+    function freezeAccount(address target, bool freeze) onlyOwner public {
+        frozenAccount[target] = freeze;
+        emit FrozenFunds(target, freeze);
+    }
+
+  
+}

data_full/CVE/2018-13075.sol

@@ -0,0 +1,275 @@
+/**
+ *Submitted for verification at Etherscan.io on 2018-03-22
+*/
+
+/** 官方高級token */
+
+
+pragma solidity ^0.4.18;
+
+contract owned {
+    address public owner;
+
+    function owned() public {
+        owner = msg.sender;
+    }
+
+    modifier onlyOwner {
+        require(msg.sender == owner);
+        _;
+    }
+
+    function transferOwnership(address newOwner) onlyOwner public {
+        owner = newOwner;
+    }
+
+    function destruct() public onlyOwner {
+        selfdestruct(owner);
+    }
+}
+
+interface tokenRecipient { function receiveApproval(address _from, uint256 _value, address _token, bytes _extraData) public; }
+
+contract TokenERC20 {
+    // Public variables of the token
+    string public name;
+    string public symbol;
+    uint8 public decimals = 18;
+    // 18 decimals is the strongly suggested default, avoid changing it
+    uint256 public totalSupply;
+
+    // This creates an array with all balances
+    mapping (address => uint256) public balanceOf;
+    mapping (address => mapping (address => uint256)) public allowance;
+
+    // This generates a public event on the blockchain that will notify clients
+    event Transfer(address indexed from, address indexed to, uint256 value);
+
+    // This notifies clients about the amount burnt
+    event Burn(address indexed from, uint256 value);
+
+    /**
+     * Constrctor function
+     *
+     * Initializes contract with initial supply tokens to the creator of the contract
+     */
+    function TokenERC20() public {
+        totalSupply = 500000000000 * 10 ** uint256(decimals);  // Update total supply with the decimal amount
+        balanceOf[msg.sender] = totalSupply;                // Give the creator all initial tokens
+        name = "Carbon Exchange Coin Token";                                   // Set the name for display purposes
+        symbol = "CEC";                               // Set the symbol for display purposes
+    }
+
+    /**
+     * Internal transfer, only can be called by this contract
+     */
+    function _transfer(address _from, address _to, uint _value) internal {
+        // Prevent transfer to 0x0 address. Use burn() instead
+        require(_to != 0x0);
+        // Check if the sender has enough
+        require(balanceOf[_from] >= _value);
+        // Check for overflows
+        require(balanceOf[_to] + _value > balanceOf[_to]);
+        // Save this for an assertion in the future
+        uint previousBalances = balanceOf[_from] + balanceOf[_to];
+        // Subtract from the sender
+        balanceOf[_from] -= _value;
+        // Add the same to the recipient
+        balanceOf[_to] += _value;
+        Transfer(_from, _to, _value);
+        // Asserts are used to use static analysis to find bugs in your code. They should never fail
+        assert(balanceOf[_from] + balanceOf[_to] == previousBalances);
+    }
+
+    /**
+     * Transfer tokens
+     *
+     * Send `_value` tokens to `_to` from your account
+     *
+     * @param _to The address of the recipient
+     * @param _value the amount to send
+     */
+    function transfer(address _to, uint256 _value) public {
+        _transfer(msg.sender, _to, _value);
+    }
+
+    /**
+     * Transfer tokens from other address
+     *
+     * Send `_value` tokens to `_to` in behalf of `_from`
+     *
+     * @param _from The address of the sender
+     * @param _to The address of the recipient
+     * @param _value the amount to send
+     */
+    function transferFrom(address _from, address _to, uint256 _value) public returns (bool success) {
+        require(_value <= allowance[_from][msg.sender]);     // Check allowance
+        allowance[_from][msg.sender] -= _value;
+        _transfer(_from, _to, _value);
+        return true;
+    }
+
+    /**
+     * Set allowance for other address
+     *
+     * Allows `_spender` to spend no more than `_value` tokens in your behalf
+     *
+     * @param _spender The address authorized to spend
+     * @param _value the max amount they can spend
+     */
+    function approve(address _spender, uint256 _value) public
+        returns (bool success) {
+        allowance[msg.sender][_spender] = _value;
+        return true;
+    }
+
+    /**
+     * Set allowance for other address and notify
+     *
+     * Allows `_spender` to spend no more than `_value` tokens in your behalf, and then ping the contract about it
+     *
+     * @param _spender The address authorized to spend
+     * @param _value the max amount they can spend
+     * @param _extraData some extra information to send to the approved contract
+     */
+    function approveAndCall(address _spender, uint256 _value, bytes _extraData)
+        public
+        returns (bool success) {
+        tokenRecipient spender = tokenRecipient(_spender);
+        if (approve(_spender, _value)) {
+            spender.receiveApproval(msg.sender, _value, this, _extraData);
+            return true;
+        }
+    }
+
+    /**
+     * Destroy tokens
+     *
+     * Remove `_value` tokens from the system irreversibly
+     *
+     * @param _value the amount of money to burn
+     */
+    function burn(uint256 _value) public returns (bool success) {
+        require(balanceOf[msg.sender] >= _value);   // Check if the sender has enough
+        balanceOf[msg.sender] -= _value;            // Subtract from the sender
+        totalSupply -= _value;                      // Updates totalSupply
+        Burn(msg.sender, _value);
+        return true;
+    }
+
+    /**
+     * Destroy tokens from other account
+     *
+     * Remove `_value` tokens from the system irreversibly on behalf of `_from`.
+     *
+     * @param _from the address of the sender
+     * @param _value the amount of money to burn
+     */
+    function burnFrom(address _from, uint256 _value) public returns (bool success) {
+        require(balanceOf[_from] >= _value);                // Check if the targeted balance is enough
+        require(_value <= allowance[_from][msg.sender]);    // Check allowance
+        balanceOf[_from] -= _value;                         // Subtract from the targeted balance
+        allowance[_from][msg.sender] -= _value;             // Subtract from the sender's allowance
+        totalSupply -= _value;                              // Update totalSupply
+        Burn(_from, _value);
+        return true;
+    }
+}
+
+/******************************************/
+/*       ADVANCED TOKEN STARTS HERE       */
+/******************************************/
+
+contract CarbonExchangeCoinToken is owned, TokenERC20 {
+
+    uint256 public sellPrice;
+    uint256 public buyPrice;
+	uint256 public decimals = 18;
+	string  public tokenName;
+	string  public tokenSymbol;
+	uint minBalanceForAccounts ;                                         //threshold amount
+
+    mapping (address => bool) public frozenAccount;
+
+    /* This generates a public event on the blockchain that will notify clients */
+    event FrozenFunds(address target, bool frozen);
+
+    /* Initializes contract with initial supply tokens to the creator of the contract */
+
+	
+	function CarbonExchangeCoinToken() public {
+		owner = msg.sender;
+		totalSupply = 50000000000000000000000000000;
+		balanceOf[owner]=totalSupply;
+		tokenName="Carbon Exchange Coin Token";
+		tokenSymbol="CEC";
+	}
+
+
+    /* Internal transfer, only can be called by this contract */
+    function _transfer(address _from, address _to, uint _value) internal {
+        require (_to != 0x0);                               // Prevent transfer to 0x0 address. Use burn() instead
+        require (balanceOf[_from] >= _value);               // Check if the sender has enough
+        require (balanceOf[_to] + _value > balanceOf[_to]); // Check for overflows
+        require(!frozenAccount[_from]);                     // Check if sender is frozen
+        require(!frozenAccount[_to]);                       // Check if recipient is frozen
+        balanceOf[_from] -= _value;                         // Subtract from the sender
+        balanceOf[_to] += _value;                           // Add the same to the recipient
+        Transfer(_from, _to, _value);
+    }
+
+    /// @notice Create `mintedAmount` tokens and send it to `target`
+    /// @param target Address to receive the tokens
+    /// @param mintedAmount the amount of tokens it will receive
+    function mintToken(address target, uint256 mintedAmount) onlyOwner public {
+        balanceOf[target] += mintedAmount;
+        totalSupply += mintedAmount;
+        Transfer(0, this, mintedAmount);
+        Transfer(this, target, mintedAmount);
+    }
+
+    /// @notice `freeze? Prevent | Allow` `target` from sending & receiving tokens
+    /// @param target Address to be frozen
+    /// @param freeze either to freeze it or not
+    function freezeAccount(address target, bool freeze) onlyOwner public {
+        frozenAccount[target] = freeze;
+        FrozenFunds(target, freeze);
+    }
+
+    /// @notice Allow users to buy tokens for `newBuyPrice` eth and sell tokens for `newSellPrice` eth
+    /// @param newSellPrice Price the users can sell to the contract
+    /// @param newBuyPrice Price users can buy from the contract
+    function setPrices(uint256 newSellPrice, uint256 newBuyPrice) onlyOwner public {
+        sellPrice = newSellPrice;
+        buyPrice = newBuyPrice;
+    }
+
+    /// @notice Buy tokens from contract by sending ether
+    function buy() payable public {
+        uint amount = msg.value / buyPrice;               // calculates the amount
+        _transfer(this, msg.sender, amount);              // makes the transfers
+    }
+
+    /// @notice Sell `amount` tokens to contract
+    ///@param amount amount of tokens to be sold
+    function sell(uint256 amount) public {
+        require(this.balance >= amount * sellPrice);      // checks if the contract has enough ether to buy
+        _transfer(msg.sender, this, amount);              // makes the transfers
+        msg.sender.transfer(amount * sellPrice);          // sends ether to the seller. It's important to do this last to avoid recursion attacks
+    }
+
+
+	/* 设置自动补充gas的阈值信息 201803202232  james */ 
+	function setMinBalance(uint minimumBalanceInFinney) public onlyOwner {
+		minBalanceForAccounts = minimumBalanceInFinney * 1 finney;
+	}
+
+	/* 设置tokenname */
+	function setTokenName(string newTokenName) public onlyOwner{
+		tokenName = newTokenName;		
+	}
+	/* 设置tokenSymbol */
+	function setTokenSymbol(string newTokenSymbol) public onlyOwner{
+		tokenSymbol = newTokenSymbol;
+	}
+}