Aimedis - an eHealth platform based on blockchain technology, which has been developed since 2017 and released in the current version 2020 for web, iOS and Android. Aimedis combines eHealth applications such as health records, video chat with doctors, appointments, prescriptions, second opinions, wearables, emergency records and much more along with medical social media platform, eLearning, eTeaching and education, a unique medical and scientific-pharmaceutical NFT marketplace, while displaying all relevant operations in a private blockchain, visible and transparent for patients and healthcare professionals.
Aimedis builds the world’s first medical metaverse and opens the world’s first virtual hospital chain in the metaverse while offering space to other hospitals, companies, universities and people.
The Aimedis token, which is tailored to the platform, is much more than just utility and payment tokens, it also offers staking, governance, DeFi (the first medical DeFi token) and the next hot trend in the field of cryptocurrencies, social token functionalities. The Aimedis NFTs are a revolutionary tool for medical data along with functionalities inside the Aimedis metaverse.
Unable to find manual contract audit (e.g. Certik, PeckShield, Solidity...)
Aimedis._transfer(address,address,uint256) (#901-959) uses a dangerous strict equality:
- to != uniswapV2Pair && block.number == tradingActiveBlock (#922)
Don't use strict equality to determine if an account has enough Ether or tokens.
Additional information: link
Contract locking ether found:
Contract Aimedis (#775-962) has payable functions:
- Aimedis.receive() (#834-836)
But does not have a function to withdraw the ether
Remove the payable attribute or add a withdraw function.
Additional information: link
Contract ownership is not renounced (belongs to a wallet)
Aimedis._transfer(address,address,uint256) (#901-959) uses tx.origin for authorization: require(bool,string)(_holderLastTransferTimestamp[tx.origin] < block.number,_transfer:: Transfer Delay enabled. Only one purchase per block allowed.) (#930)
Do not use tx.origin for authorization.
Additional information: link
Ownable.constructor().msgSender (#529) lacks a zero-check on :
- _owner = msgSender (#530)
LERC20.setLosslessAdmin(address).newAdmin (#250) lacks a zero-check on :
- admin = newAdmin (#252)
LERC20.transferRecoveryAdminOwnership(address,bytes32).candidate (#255) lacks a zero-check on :
- recoveryAdminCanditate = candidate (#256)
Check that the address is not zero.
Additional information: link
Reentrancy in LERC20.approve(address,uint256) (#319-323):
External calls:
- lssAprove(spender,amount) (#319)
- lossless.beforeApprove(_msgSender(),spender,amount) (#184)
- lossless.afterApprove(_msgSender(),spender,amount) (#186)
State variables written after the call(s):
- _approve(_msgSender(),spender,amount) (#321)
- _allowances[owner][spender] = amount (#372)
Reentrancy in Aimedis.constructor(uint256,string,string,address,address,uint256,address) (#818-832):
External calls:
- uniswapV2Pair = IUniswapV2Factory(uniswapV2Router.factory()).createPair(address(this),uniswapV2Router.WETH()) (#822)
State variables written after the call(s):
- _setAutomatedMarketMakerPair(address(uniswapV2Pair),true) (#823)
- _isExcludedMaxTransactionAmount[updAds] = isExcluded (#876)
- _excludeFromMaxTransaction(msg.sender,true) (#829)
- _isExcludedMaxTransactionAmount[updAds] = isExcluded (#876)
- _excludeFromMaxTransaction(address(this),true) (#830)
- _isExcludedMaxTransactionAmount[updAds] = isExcluded (#876)
- _excludeFromMaxTransaction(address(0xdead),true) (#831)
- _isExcludedMaxTransactionAmount[updAds] = isExcluded (#876)
- _setAutomatedMarketMakerPair(address(uniswapV2Pair),true) (#823)
- automatedMarketMakerPairs[pair] = value (#894)
- maxBuyAmount = totalSupply_ * 5 / 1000 (#826)
- maxSellAmount = totalSupply_ * 5 / 1000 (#827)
Reentrancy in LERC20.decreaseAllowance(address,uint256) (#340-346):
External calls:
- lssDecreaseAllowance(spender,subtractedValue) (#340)
- lossless.beforeDecreaseAllowance(_msgSender(),spender,subtractedValue) (#224)
- lossless.afterDecreaseAllowance(_msgSender(),spender,subtractedValue) (#226)
State variables written after the call(s):
- _approve(_msgSender(),spender,currentAllowance - subtractedValue) (#343)
- _allowances[owner][spender] = amount (#372)
Reentrancy in LERC20.increaseAllowance(address,uint256) (#335-338):
External calls:
- lssIncreaseAllowance(spender,addedValue) (#335)
- lossless.beforeIncreaseAllowance(_msgSender(),spender,addedValue) (#214)
- lossless.afterIncreaseAllowance(_msgSender(),spender,addedValue) (#216)
State variables written after the call(s):
- _approve(_msgSender(),spender,_allowances[_msgSender()][spender] + addedValue) (#336)
- _allowances[owner][spender] = amount (#372)
Reentrancy in LERC20.transfer(address,uint256) (#310-313):
External calls:
- lssTransfer(recipient,amount) (#310)
- lossless.beforeTransfer(_msgSender(),recipient,amount) (#194)
- lossless.afterTransfer(_msgSender(),recipient,amount) (#196)
State variables written after the call(s):
- _transfer(_msgSender(),recipient,amount) (#311)
- _balances[sender] = senderBalance - amount (#354)
- _balances[recipient] += amount (#355)
Reentrancy in LERC20.transferFrom(address,address,uint256) (#325-333):
External calls:
- lssTransferFrom(sender,recipient,amount) (#325)
- lossless.beforeTransferFrom(_msgSender(),sender,recipient,amount) (#204)
- lossless.afterTransferFrom(_msgSender(),sender,recipient,amount) (#206)
State variables written after the call(s):
- _approve(sender,_msgSender(),currentAllowance - amount) (#330)
- _allowances[owner][spender] = amount (#372)
- _transfer(sender,recipient,amount) (#326)
- _balances[sender] = senderBalance - amount (#354)
- _balances[recipient] += amount (#355)
Apply the check-effects-interactions pattern.
Additional information: link
Reentrancy in LERC20.approve(address,uint256) (#319-323):
External calls:
- lssAprove(spender,amount) (#319)
- lossless.beforeApprove(_msgSender(),spender,amount) (#184)
- lossless.afterApprove(_msgSender(),spender,amount) (#186)
Event emitted after the call(s):
- Approval(owner,spender,amount) (#373)
- _approve(_msgSender(),spender,amount) (#321)
Reentrancy in Aimedis.constructor(uint256,string,string,address,address,uint256,address) (#818-832):
External calls:
- uniswapV2Pair = IUniswapV2Factory(uniswapV2Router.factory()).createPair(address(this),uniswapV2Router.WETH()) (#822)
Event emitted after the call(s):
- MaxTransactionExclusion(updAds,isExcluded) (#877)
- _excludeFromMaxTransaction(address(0xdead),true) (#831)
- MaxTransactionExclusion(updAds,isExcluded) (#877)
- _setAutomatedMarketMakerPair(address(uniswapV2Pair),true) (#823)
- MaxTransactionExclusion(updAds,isExcluded) (#877)
- _excludeFromMaxTransaction(address(this),true) (#830)
- MaxTransactionExclusion(updAds,isExcluded) (#877)
- _excludeFromMaxTransaction(msg.sender,true) (#829)
- SetAutomatedMarketMakerPair(pair,value) (#898)
- _setAutomatedMarketMakerPair(address(uniswapV2Pair),true) (#823)
Reentrancy in LERC20.decreaseAllowance(address,uint256) (#340-346):
External calls:
- lssDecreaseAllowance(spender,subtractedValue) (#340)
- lossless.beforeDecreaseAllowance(_msgSender(),spender,subtractedValue) (#224)
- lossless.afterDecreaseAllowance(_msgSender(),spender,subtractedValue) (#226)
Event emitted after the call(s):
- Approval(owner,spender,amount) (#373)
- _approve(_msgSender(),spender,currentAllowance - subtractedValue) (#343)
Reentrancy in LERC20.increaseAllowance(address,uint256) (#335-338):
External calls:
- lssIncreaseAllowance(spender,addedValue) (#335)
- lossless.beforeIncreaseAllowance(_msgSender(),spender,addedValue) (#214)
- lossless.afterIncreaseAllowance(_msgSender(),spender,addedValue) (#216)
Event emitted after the call(s):
- Approval(owner,spender,amount) (#373)
- _approve(_msgSender(),spender,_allowances[_msgSender()][spender] + addedValue) (#336)
Reentrancy in LERC20.transfer(address,uint256) (#310-313):
External calls:
- lssTransfer(recipient,amount) (#310)
- lossless.beforeTransfer(_msgSender(),recipient,amount) (#194)
- lossless.afterTransfer(_msgSender(),recipient,amount) (#196)
Event emitted after the call(s):
- Transfer(sender,recipient,amount) (#357)
- _transfer(_msgSender(),recipient,amount) (#311)
Reentrancy in LERC20.transferFrom(address,address,uint256) (#325-333):
External calls:
- lssTransferFrom(sender,recipient,amount) (#325)
- lossless.beforeTransferFrom(_msgSender(),sender,recipient,amount) (#204)
- lossless.afterTransferFrom(_msgSender(),sender,recipient,amount) (#206)
Event emitted after the call(s):
- Approval(owner,spender,amount) (#373)
- _approve(sender,_msgSender(),currentAllowance - amount) (#330)
- Transfer(sender,recipient,amount) (#357)
- _transfer(sender,recipient,amount) (#326)
Apply the check-effects-interactions pattern.
Additional information: link
LERC20.executeLosslessTurnOff() (#274-280) uses timestamp for comparisons
Dangerous comparisons:
- require(bool,string)(losslessTurnOffTimestamp <= block.timestamp,LERC20: Time lock in progress) (#276)
Aimedis._transfer(address,address,uint256) (#901-959) uses timestamp for comparisons
Dangerous comparisons:
- block.timestamp <= earlyBuyPenaltyEnd && boughtEarly[from] (#948)
Avoid relying on block.timestamp.
Additional information: link
Context._msgData() (#10-13) is never used and should be removed
SafeMath.add(uint256,uint256) (#388-393) is never used and should be removed
SafeMath.div(uint256,uint256) (#462-464) is never used and should be removed
SafeMath.div(uint256,uint256,string) (#478-484) is never used and should be removed
SafeMath.mod(uint256,uint256) (#498-500) is never used and should be removed
SafeMath.mod(uint256,uint256,string) (#514-517) is never used and should be removed
SafeMath.mul(uint256,uint256) (#436-448) is never used and should be removed
SafeMath.sub(uint256,uint256) (#405-407) is never used and should be removed
SafeMath.sub(uint256,uint256,string) (#419-424) is never used and should be removed
SafeMathInt.abs(int256) (#620-623) is never used and should be removed
SafeMathInt.add(int256,int256) (#611-615) is never used and should be removed
SafeMathInt.div(int256,int256) (#591-597) is never used and should be removed
SafeMathInt.mul(int256,int256) (#579-586) is never used and should be removed
SafeMathInt.sub(int256,int256) (#602-606) is never used and should be removed
SafeMathInt.toUint256Safe(int256) (#626-629) is never used and should be removed
SafeMathUint.toInt256Safe(uint256) (#633-637) is never used and should be removed
Remove unused functions.
Additional information: link
Pragma version0.8.9 (#3) necessitates a version too recent to be trusted. Consider deploying with 0.6.12/0.7.6/0.8.7
solc-0.8.9 is not recommended for deployment
Deploy with any of the following Solidity versions: 0.5.16 - 0.5.17, 0.6.11 - 0.6.12, 0.7.5 - 0.7.6 Use a simple pragma version that allows any of these versions. Consider using the latest version of Solidity for testing.
Additional information: link
Function IUniswapV2Router01.WETH() (#642) is not in mixedCase
Variable Aimedis._isExcludedMaxTransactionAmount (#798) is not in mixedCase
Follow the Solidity naming convention.
Additional information: link
Redundant expression "this (#11)" inContext (#5-14)
Remove redundant statements if they congest code but offer no value.
Additional information: link
Variable LERC20._totalSupply (#149) is too similar to LERC20.constructor(uint256,string,string,address,address,uint256,address).totalSupply_ (#170)
Variable IUniswapV2Router01.addLiquidity(address,address,uint256,uint256,uint256,uint256,address,uint256).amountADesired (#647) is too similar to IUniswapV2Router01.addLiquidity(address,address,uint256,uint256,uint256,uint256,address,uint256).amountBDesired (#648)
Variable LERC20._totalSupply (#149) is too similar to Aimedis.constructor(uint256,string,string,address,address,uint256,address).totalSupply_ (#818)
Prevent variables from having similar names.
Additional information: link
SafeMathInt.MAX_INT256 (#574) is never used in SafeMathInt (#572-630)
Remove unused state variables.
Additional information: link
setLosslessAdmin(address) should be declared external:
- LERC20.setLosslessAdmin(address) (#250-253)
transferRecoveryAdminOwnership(address,bytes32) should be declared external:
- LERC20.transferRecoveryAdminOwnership(address,bytes32) (#255-259)
proposeLosslessTurnOff() should be declared external:
- LERC20.proposeLosslessTurnOff() (#268-272)
executeLosslessTurnOff() should be declared external:
- LERC20.executeLosslessTurnOff() (#274-280)
executeLosslessTurnOn() should be declared external:
- LERC20.executeLosslessTurnOn() (#282-286)
name() should be declared external:
- LERC20.name() (#290-292)
symbol() should be declared external:
- LERC20.symbol() (#294-296)
decimals() should be declared external:
- LERC20.decimals() (#298-300)
transfer(address,uint256) should be declared external:
- LERC20.transfer(address,uint256) (#310-313)
allowance(address,address) should be declared external:
- LERC20.allowance(address,address) (#315-317)
approve(address,uint256) should be declared external:
- LERC20.approve(address,uint256) (#319-323)
transferFrom(address,address,uint256) should be declared external:
- LERC20.transferFrom(address,address,uint256) (#325-333)
increaseAllowance(address,uint256) should be declared external:
- LERC20.increaseAllowance(address,uint256) (#335-338)
decreaseAllowance(address,uint256) should be declared external:
- LERC20.decreaseAllowance(address,uint256) (#340-346)
Use the external attribute for functions never called from the contract.
Additional information: link
Unable to find token contract audit
Unable to find audit link on the website
Unable to find whitepaper link on the website
Token has a considerable age, but social accounts / website are missing or have few users
Young tokens have high risks of price dump / death
Telegram account has relatively few subscribers