ALM [Alium] Token

Unable to verify that contract auditor is trusted: Certik, Quantstamp, Hacken, Solidity, Paladinsec, Openzeppelin, Verichains

AliumToken._writeCheckpoint(address,uint32,uint256,uint256) (#1100-1118) uses a dangerous strict equality:
- nCheckpoints > 0 && checkpoints[delegatee][nCheckpoints - 1].fromBlock == blockNumber (#1110)
Don't use strict equality to determine if an account has enough Ether or tokens.

Additional information: link

BEP20.constructor(string,string).name (#615) shadows:
- BEP20.name() (#631-633) (function)
- IBEP20.name() (#131) (function)
BEP20.constructor(string,string).symbol (#615) shadows:
- BEP20.symbol() (#645-647) (function)
- IBEP20.symbol() (#126) (function)
BEP20.allowance(address,address).owner (#679) shadows:
- Ownable.owner() (#66-68) (function)
BEP20._approve(address,address,uint256).owner (#838) shadows:
- Ownable.owner() (#66-68) (function)
Rename the local variables that shadow another component.

Additional information: link

AliumToken.delegateBySig(address,uint256,uint256,uint8,bytes32,bytes32) (#938-979) uses timestamp for comparisons
Dangerous comparisons:
- require(bool,string)(now <= expiry,ALM::delegateBySig: signature expired) (#977)
Avoid relying on block.timestamp.

Additional information: link

Address.isContract(address) (#422-433) uses assembly
- INLINE ASM (#429-431)
Address._functionCallWithValue(address,bytes,uint256,string) (#530-556) uses assembly
- INLINE ASM (#548-551)
AliumToken._getChainId() (#1125-1129) uses assembly
- INLINE ASM (#1127)
Do not use evm assembly.

Additional information: link

Different versions of Solidity is used:
- Version used: ['=0.6.12', '>=0.4.0', '^0.6.2']
- >=0.4.0 (#5)
- >=0.4.0 (#34)
- >=0.4.0 (#110)
- >=0.4.0 (#209)
- ^0.6.2 (#399)
- >=0.4.0 (#561)
- =0.6.12 (#867)
Use one Solidity version.

Additional information: link

Address._functionCallWithValue(address,bytes,uint256,string) (#530-556) is never used and should be removed
Address.functionCall(address,bytes) (#477-479) is never used and should be removed
Address.functionCall(address,bytes,string) (#487-493) is never used and should be removed
Address.functionCallWithValue(address,bytes,uint256) (#506-512) is never used and should be removed
Address.functionCallWithValue(address,bytes,uint256,string) (#520-528) is never used and should be removed
Address.isContract(address) (#422-433) is never used and should be removed
Address.sendValue(address,uint256) (#451-457) is never used and should be removed
BEP20._burnFrom(address,uint256) (#855-862) is never used and should be removed
Context._msgData() (#26-29) is never used and should be removed
SafeMath.div(uint256,uint256) (#313-315) is never used and should be removed
SafeMath.div(uint256,uint256,string) (#329-339) is never used and should be removed
SafeMath.min(uint256,uint256) (#378-380) is never used and should be removed
SafeMath.mod(uint256,uint256) (#353-355) is never used and should be removed
SafeMath.mod(uint256,uint256,string) (#369-376) is never used and should be removed
SafeMath.mul(uint256,uint256) (#287-299) is never used and should be removed
SafeMath.sqrt(uint256) (#383-394) is never used and should be removed
Remove unused functions.

Additional information: link

Pragma version>=0.4.0 (#5) allows old versions
Pragma version>=0.4.0 (#34) allows old versions
Pragma version>=0.4.0 (#110) allows old versions
Pragma version>=0.4.0 (#209) allows old versions
Pragma version^0.6.2 (#399) allows old versions
Pragma version>=0.4.0 (#561) allows old versions
Deploy with any of the following Solidity versions: 0.5.16 - 0.5.17, 0.6.11 - 0.6.12, 0.7.5 - 0.7.6 Use a simple pragma version that allows any of these versions. Consider using the latest version of Solidity for testing.

Additional information: link

Low level call in Address.sendValue(address,uint256) (#451-457):
- (success) = recipient.call{value: amount}() (#455)
Low level call in Address._functionCallWithValue(address,bytes,uint256,string) (#530-556):
- (success,returndata) = target.call{value: weiValue}(data) (#539)
Avoid low-level calls. Check the call success. If the call is meant for a contract, check for code existence

Additional information: link

Parameter AliumToken.burn(uint256)._amount (#1057) is not in mixedCase
Parameter AliumToken.mint(address,uint256)._to (#1063) is not in mixedCase
Parameter AliumToken.mint(address,uint256)._amount (#1063) is not in mixedCase
Variable AliumToken._delegates (#880) is not in mixedCase
Follow the Solidity naming convention.

Additional information: link

Redundant expression "this (#27)" inContext (#17-30)
Remove redundant statements if they congest code but offer no value.

Additional information: link

renounceOwnership() should be declared external:
- Ownable.renounceOwnership() (#85-88)
transferOwnership(address) should be declared external:
- Ownable.transferOwnership(address) (#94-96)
decimals() should be declared external:
- BEP20.decimals() (#638-640)
symbol() should be declared external:
- BEP20.symbol() (#645-647)
totalSupply() should be declared external:
- BEP20.totalSupply() (#652-654)
allowance(address,address) should be declared external:
- BEP20.allowance(address,address) (#679-681)
approve(address,uint256) should be declared external:
- BEP20.approve(address,uint256) (#690-693)
increaseAllowance(address,uint256) should be declared external:
- BEP20.increaseAllowance(address,uint256) (#733-736)
decreaseAllowance(address,uint256) should be declared external:
- BEP20.decreaseAllowance(address,uint256) (#752-759)
burn(uint256) should be declared external:
- AliumToken.burn(uint256) (#1057-1060)
mint(address,uint256) should be declared external:
- AliumToken.mint(address,uint256) (#1063-1066)
Use the external attribute for functions never called from the contract.

Additional information: link