Coinvest Audit Bounty

Coinvest recently launched version 2.0 of their token, which is based on the ERC 865 standard.

865 allows an external third party to execute transactions on your behalf using digital signatures. You digitally sign a message such as please transfer 10 ABC to 0x... and submit it to an executor who then spends wei to execute the delegated transfer. In return for their efforts you pay a certain percentage of tokens, which is what makes this approach very interesting - you can have wallets that don't hold any ethereum.

How it works is pretty straightforward:

     * @dev Called by delegate with a signed hash of the transaction data to allow a user
     * @dev to transfer tokens without paying gas in Ether (they pay in COIN instead).
     * @param _signature Signed hash of data for this transfer.
     * @param _to The address to transfer COIN to.
     * @param _value The amount of COIN to transfer.
     * @param _gasPrice Price (IN COIN) that will be paid per unit of gas by user to "delegate".
     * @param _nonce Nonce of the user's new transaction.
    function transferPreSigned(
        bytes _signature,
        address _to, 
        uint256 _value, 
        uint256 _gasPrice, 
        uint256 _nonce) 
    returns (bool) 
        // Log starting gas left of transaction for later gas price calculations.
        uint256 gas = gasleft();
        // Recover signer address from signature; ensure address is valid.
        address from = recoverPreSigned(_signature, transferSig, _to, _value, "", _gasPrice, _nonce);
        require(from != address(0));
        // Require the hash has not been used, declare it used, increment nonce.
        invalidSignatures[from][_signature] = true;
        // Internal transfer.
        require(_transfer(from, _to, _value));

        // If the delegate is charging, pay them for gas in COIN.
        if (_gasPrice > 0) {
            // 35000 because of base fee of 21000 and ~14000 for the fee transfer.
            gas = 35000 + gas.sub(gasleft());
            require(_transfer(from, msg.sender, _gasPrice.mul(gas)));
        emit SignatureRedeemed(_signature, from);
        return true;

Check out their bounty here:


Here are the "bug bounty" rewards:


Pretty worthy payouts for anyone who can find an issue with the code. I imagine the code can't take too long to gloss over. Do any of you devs have experience in similar bounties?