Unable to find manual contract audit (e.g. Certik, PeckShield, Solidity...)
FUTIGER.addLiquidity(uint256,uint256) (#734-747) sends eth to arbitrary user
Dangerous calls:
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#739-746)
Ensure that an arbitrary user cannot withdraw unauthorized funds.
Additional information: link
Reentrancy in FUTIGER._transfer(address,address,uint256) (#643-681):
External calls:
- swapAndLiquify(contractTokenBalance) (#665)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#739-746)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#723-729)
External calls sending eth:
- swapAndLiquify(contractTokenBalance) (#665)
- recipient.transfer(amount) (#607)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#739-746)
State variables written after the call(s):
- _balances[sender] = _balances[sender].sub(amount,Insufficient Balance) (#668)
- _balances[recipient] = _balances[recipient].add(finalAmount) (#676)
- finalAmount = takeFee(sender,recipient,amount) (#670-671)
- _balances[address(this)] = _balances[address(this)].add(feeAmount) (#761)
Apply the check-effects-interactions pattern.
Additional information: link
Combination 1: Reentrancy vulnerabilities + Functions that send Ether to arbitraty destination. Usual for scams. May be justified by some complex mechanics (e.g. rebase, reflections). DYOR & manual audit are advised.
FUTIGER._decimals (#383) should be constant
FUTIGER._name (#381) should be constant
FUTIGER._symbol (#382) should be constant
Ownable._lockTime (#140) should be constant
Ownable.asdasd (#139) should be constant
Add the constant attributes to state variables that never change.
Additional information: link
FUTIGER.addLiquidity(uint256,uint256) (#734-747) ignores return value by uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#739-746)
Ensure that all the return values of the function calls are used.
Additional information: link
FUTIGER.allowance(address,address).owner (#498) shadows:
- Ownable.owner() (#150-152) (function)
FUTIGER._approve(address,address,uint256).owner (#521) shadows:
- Ownable.owner() (#150-152) (function)
Rename the local variables that shadow another component.
Additional information: link
FUTIGER.setBuyTaxes(uint256,uint256,uint256) (#541-547) should emit an event for:
- _totalTaxIfBuying = _buyLiquidityFee.add(_buyMarketingFee).add(_buyTeamFee) (#546)
FUTIGER.setSelTaxes(uint256,uint256,uint256) (#549-555) should emit an event for:
- _totalTaxIfSelling = _sellLiquidityFee.add(_sellMarketingFee).add(_sellTeamFee) (#554)
FUTIGER.setDistributionSettings(uint256,uint256,uint256) (#557-563) should emit an event for:
- _liquidityShare = newLiquidityShare (#558)
- _teamShare = newTeamShare (#560)
- _totalDistributionShares = _liquidityShare.add(_marketingShare).add(_teamShare) (#562)
FUTIGER.setMaxTxAmount(uint256) (#565-567) should emit an event for:
- _maxTxAmount = maxTxAmount (#566)
FUTIGER.setWalletLimit(uint256) (#577-579) should emit an event for:
- _walletMax = newLimit (#578)
FUTIGER.setNumTokensBeforeSwap(uint256) (#581-583) should emit an event for:
- minimumTokensBeforeSwap = newLimit (#582)
Emit an event for critical parameter changes.
Additional information: link
FUTIGER.setMarketingWalletAddress(address).newAddress (#585) lacks a zero-check on :
- marketingWalletAddress = address(newAddress) (#586)
FUTIGER.setTeamWalletAddress(address).newAddress (#589) lacks a zero-check on :
- teamWalletAddress = address(newAddress) (#590)
Check that the address is not zero.
Additional information: link
Reentrancy in FUTIGER.changeRouterVersion(address) (#610-627):
External calls:
- newPairAddress = IUniswapV2Factory(_uniswapV2Router.factory()).createPair(address(this),_uniswapV2Router.WETH()) (#618-619)
State variables written after the call(s):
- isMarketPair[address(uniswapPair)] = true (#626)
- isWalletLimitExempt[address(uniswapPair)] = true (#625)
- uniswapPair = newPairAddress (#622)
- uniswapV2Router = _uniswapV2Router (#623)
Reentrancy in FUTIGER.constructor() (#448-476):
External calls:
- uniswapPair = IUniswapV2Factory(_uniswapV2Router.factory()).createPair(address(this),_uniswapV2Router.WETH()) (#452-453)
State variables written after the call(s):
- _allowances[address(this)][address(uniswapV2Router)] = _totalSupply (#456)
- _balances[_msgSender()] = _totalSupply (#474)
- _totalDistributionShares = _liquidityShare.add(_marketingShare).add(_teamShare) (#463)
- _totalTaxIfBuying = _buyLiquidityFee.add(_buyMarketingFee).add(_buyTeamFee) (#461)
- _totalTaxIfSelling = _sellLiquidityFee.add(_sellMarketingFee).add(_sellTeamFee) (#462)
- isExcludedFromFee[owner()] = true (#458)
- isExcludedFromFee[address(this)] = true (#459)
- isMarketPair[address(uniswapPair)] = true (#472)
- isTxLimitExempt[owner()] = true (#469)
- isTxLimitExempt[address(this)] = true (#470)
- isWalletLimitExempt[owner()] = true (#465)
- isWalletLimitExempt[address(uniswapPair)] = true (#466)
- isWalletLimitExempt[address(this)] = true (#467)
- uniswapV2Router = _uniswapV2Router (#455)
Reentrancy in FUTIGER.swapAndLiquify(uint256) (#690-712):
External calls:
- swapTokensForEth(tokensForSwap) (#695)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#723-729)
- addLiquidity(tokensForLP,amountBNBLiquidity) (#711)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#739-746)
External calls sending eth:
- transferToAddressETH(marketingWalletAddress,amountBNBMarketing) (#705)
- recipient.transfer(amount) (#607)
- transferToAddressETH(teamWalletAddress,amountBNBTeam) (#708)
- recipient.transfer(amount) (#607)
- addLiquidity(tokensForLP,amountBNBLiquidity) (#711)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#739-746)
State variables written after the call(s):
- addLiquidity(tokensForLP,amountBNBLiquidity) (#711)
- _allowances[owner][spender] = amount (#525)
Reentrancy in FUTIGER.transferFrom(address,address,uint256) (#637-641):
External calls:
- _transfer(sender,recipient,amount) (#638)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#739-746)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#723-729)
External calls sending eth:
- _transfer(sender,recipient,amount) (#638)
- recipient.transfer(amount) (#607)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#739-746)
State variables written after the call(s):
- _approve(sender,_msgSender(),_allowances[sender][_msgSender()].sub(amount,ERC20: transfer amount exceeds allowance)) (#639)
- _allowances[owner][spender] = amount (#525)
Apply the check-effects-interactions pattern.
Additional information: link
Reentrancy in FUTIGER._transfer(address,address,uint256) (#643-681):
External calls:
- swapAndLiquify(contractTokenBalance) (#665)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#739-746)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#723-729)
External calls sending eth:
- swapAndLiquify(contractTokenBalance) (#665)
- recipient.transfer(amount) (#607)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#739-746)
Event emitted after the call(s):
- Transfer(sender,address(this),feeAmount) (#762)
- finalAmount = takeFee(sender,recipient,amount) (#670-671)
- Transfer(sender,recipient,finalAmount) (#678)
Reentrancy in FUTIGER.constructor() (#448-476):
External calls:
- uniswapPair = IUniswapV2Factory(_uniswapV2Router.factory()).createPair(address(this),_uniswapV2Router.WETH()) (#452-453)
Event emitted after the call(s):
- Transfer(address(0),_msgSender(),_totalSupply) (#475)
Reentrancy in FUTIGER.swapAndLiquify(uint256) (#690-712):
External calls:
- swapTokensForEth(tokensForSwap) (#695)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#723-729)
- addLiquidity(tokensForLP,amountBNBLiquidity) (#711)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#739-746)
External calls sending eth:
- transferToAddressETH(marketingWalletAddress,amountBNBMarketing) (#705)
- recipient.transfer(amount) (#607)
- transferToAddressETH(teamWalletAddress,amountBNBTeam) (#708)
- recipient.transfer(amount) (#607)
- addLiquidity(tokensForLP,amountBNBLiquidity) (#711)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#739-746)
Event emitted after the call(s):
- Approval(owner,spender,amount) (#526)
- addLiquidity(tokensForLP,amountBNBLiquidity) (#711)
Reentrancy in FUTIGER.swapTokensForEth(uint256) (#714-732):
External calls:
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#723-729)
Event emitted after the call(s):
- SwapTokensForETH(tokenAmount,path) (#731)
Reentrancy in FUTIGER.transferFrom(address,address,uint256) (#637-641):
External calls:
- _transfer(sender,recipient,amount) (#638)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#739-746)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#723-729)
External calls sending eth:
- _transfer(sender,recipient,amount) (#638)
- recipient.transfer(amount) (#607)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#739-746)
Event emitted after the call(s):
- Approval(owner,spender,amount) (#526)
- _approve(sender,_msgSender(),_allowances[sender][_msgSender()].sub(amount,ERC20: transfer amount exceeds allowance)) (#639)
Apply the check-effects-interactions pattern.
Additional information: link
Address.isContract(address) (#83-90) uses assembly
- INLINE ASM (#88)
Address._functionCallWithValue(address,bytes,uint256,string) (#117-134) uses assembly
- INLINE ASM (#126-129)
Do not use evm assembly.
Additional information: link
Address._functionCallWithValue(address,bytes,uint256,string) (#117-134) is never used and should be removed
Address.functionCall(address,bytes) (#100-102) is never used and should be removed
Address.functionCall(address,bytes,string) (#104-106) is never used and should be removed
Address.functionCallWithValue(address,bytes,uint256) (#108-110) is never used and should be removed
Address.functionCallWithValue(address,bytes,uint256,string) (#112-115) is never used and should be removed
Address.isContract(address) (#83-90) is never used and should be removed
Address.sendValue(address,uint256) (#92-98) is never used and should be removed
Context._msgData() (#10-13) is never used and should be removed
SafeMath.mod(uint256,uint256) (#71-73) is never used and should be removed
SafeMath.mod(uint256,uint256,string) (#75-78) is never used and should be removed
Remove unused functions.
Additional information: link
FUTIGER._totalSupply (#412) is set pre-construction with a non-constant function or state variable:
- 40000000 * 10 ** _decimals
FUTIGER._maxTxAmount (#413) is set pre-construction with a non-constant function or state variable:
- 40000000 * 10 ** _decimals
FUTIGER._walletMax (#414) is set pre-construction with a non-constant function or state variable:
- 40000000 * 10 ** _decimals
FUTIGER.minimumTokensBeforeSwap (#415) is set pre-construction with a non-constant function or state variable:
- 100 * 10 ** _decimals
Remove any initialization of state variables via non-constant state variables or function calls. If variables must be set upon contract deployment, locate initialization in the constructor instead.
Additional information: link
Low level call in Address.sendValue(address,uint256) (#92-98):
- (success) = recipient.call{value: amount}() (#96)
Low level call in Address._functionCallWithValue(address,bytes,uint256,string) (#117-134):
- (success,returndata) = target.call{value: weiValue}(data) (#120)
Avoid low-level calls. Check the call success. If the call is meant for a contract, check for code existence
Additional information: link
Function IUniswapV2Pair.DOMAIN_SEPARATOR() (#207) is not in mixedCase
Function IUniswapV2Pair.PERMIT_TYPEHASH() (#208) is not in mixedCase
Function IUniswapV2Pair.MINIMUM_LIQUIDITY() (#224) is not in mixedCase
Function IUniswapV2Router01.WETH() (#243) is not in mixedCase
Parameter FUTIGER.setSwapAndLiquifyEnabled(bool)._enabled (#593) is not in mixedCase
Variable FUTIGER._balances (#388) is not in mixedCase
Variable FUTIGER._buyLiquidityFee (#396) is not in mixedCase
Variable FUTIGER._buyMarketingFee (#397) is not in mixedCase
Variable FUTIGER._buyTeamFee (#398) is not in mixedCase
Variable FUTIGER._sellLiquidityFee (#400) is not in mixedCase
Variable FUTIGER._sellMarketingFee (#401) is not in mixedCase
Variable FUTIGER._sellTeamFee (#402) is not in mixedCase
Variable FUTIGER._liquidityShare (#404) is not in mixedCase
Variable FUTIGER._marketingShare (#405) is not in mixedCase
Variable FUTIGER._teamShare (#406) is not in mixedCase
Variable FUTIGER._totalTaxIfBuying (#408) is not in mixedCase
Variable FUTIGER._totalTaxIfSelling (#409) is not in mixedCase
Variable FUTIGER._totalDistributionShares (#410) is not in mixedCase
Variable FUTIGER._maxTxAmount (#413) is not in mixedCase
Variable FUTIGER._walletMax (#414) is not in mixedCase
Follow the Solidity naming convention.
Additional information: link
Redundant expression "this (#11)" inContext (#4-14)
Remove redundant statements if they congest code but offer no value.
Additional information: link
Reentrancy in FUTIGER._transfer(address,address,uint256) (#643-681):
External calls:
- swapAndLiquify(contractTokenBalance) (#665)
- recipient.transfer(amount) (#607)
External calls sending eth:
- swapAndLiquify(contractTokenBalance) (#665)
- recipient.transfer(amount) (#607)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#739-746)
State variables written after the call(s):
- _balances[sender] = _balances[sender].sub(amount,Insufficient Balance) (#668)
- _balances[recipient] = _balances[recipient].add(finalAmount) (#676)
- finalAmount = takeFee(sender,recipient,amount) (#670-671)
- _balances[address(this)] = _balances[address(this)].add(feeAmount) (#761)
Event emitted after the call(s):
- Transfer(sender,address(this),feeAmount) (#762)
- finalAmount = takeFee(sender,recipient,amount) (#670-671)
- Transfer(sender,recipient,finalAmount) (#678)
Reentrancy in FUTIGER.swapAndLiquify(uint256) (#690-712):
External calls:
- transferToAddressETH(marketingWalletAddress,amountBNBMarketing) (#705)
- recipient.transfer(amount) (#607)
- transferToAddressETH(teamWalletAddress,amountBNBTeam) (#708)
- recipient.transfer(amount) (#607)
External calls sending eth:
- transferToAddressETH(marketingWalletAddress,amountBNBMarketing) (#705)
- recipient.transfer(amount) (#607)
- transferToAddressETH(teamWalletAddress,amountBNBTeam) (#708)
- recipient.transfer(amount) (#607)
- addLiquidity(tokensForLP,amountBNBLiquidity) (#711)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#739-746)
State variables written after the call(s):
- addLiquidity(tokensForLP,amountBNBLiquidity) (#711)
- _allowances[owner][spender] = amount (#525)
Event emitted after the call(s):
- Approval(owner,spender,amount) (#526)
- addLiquidity(tokensForLP,amountBNBLiquidity) (#711)
Reentrancy in FUTIGER.transferFrom(address,address,uint256) (#637-641):
External calls:
- _transfer(sender,recipient,amount) (#638)
- recipient.transfer(amount) (#607)
External calls sending eth:
- _transfer(sender,recipient,amount) (#638)
- recipient.transfer(amount) (#607)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#739-746)
State variables written after the call(s):
- _approve(sender,_msgSender(),_allowances[sender][_msgSender()].sub(amount,ERC20: transfer amount exceeds allowance)) (#639)
- _allowances[owner][spender] = amount (#525)
Event emitted after the call(s):
- Approval(owner,spender,amount) (#526)
- _approve(sender,_msgSender(),_allowances[sender][_msgSender()].sub(amount,ERC20: transfer amount exceeds allowance)) (#639)
Apply the check-effects-interactions pattern.
Additional information: link
Variable IUniswapV2Router01.addLiquidity(address,address,uint256,uint256,uint256,uint256,address,uint256).amountADesired (#248) is too similar to IUniswapV2Router01.addLiquidity(address,address,uint256,uint256,uint256,uint256,address,uint256).amountBDesired (#249)
Prevent variables from having similar names.
Additional information: link
Ownable.waiveOwnership() (#159-162) uses literals with too many digits:
- OwnershipTransferred(_owner,address(0x000000000000000000000000000000000000dEaD)) (#160)
Ownable.waiveOwnership() (#159-162) uses literals with too many digits:
- _owner = address(0x000000000000000000000000000000000000dEaD) (#161)
FUTIGER.slitherConstructorVariables() (#376-769) uses literals with too many digits:
- deadAddress = 0x000000000000000000000000000000000000dEaD (#386)
FUTIGER.slitherConstructorVariables() (#376-769) uses literals with too many digits:
- _totalSupply = 40000000 * 10 ** _decimals (#412)
FUTIGER.slitherConstructorVariables() (#376-769) uses literals with too many digits:
- _maxTxAmount = 40000000 * 10 ** _decimals (#413)
FUTIGER.slitherConstructorVariables() (#376-769) uses literals with too many digits:
- _walletMax = 40000000 * 10 ** _decimals (#414)
Use: Ether suffix, Time suffix, or The scientific notation
Additional information: link
Ownable.asdasd (#139) is never used in FUTIGER (#376-769)
Ownable._lockTime (#140) is never used in FUTIGER (#376-769)
Remove unused state variables.
Additional information: link
waiveOwnership() should be declared external:
- Ownable.waiveOwnership() (#159-162)
transferOwnership(address) should be declared external:
- Ownable.transferOwnership(address) (#164-168)
getTime() should be declared external:
- Ownable.getTime() (#170-172)
name() should be declared external:
- FUTIGER.name() (#478-480)
symbol() should be declared external:
- FUTIGER.symbol() (#482-484)
decimals() should be declared external:
- FUTIGER.decimals() (#486-488)
totalSupply() should be declared external:
- FUTIGER.totalSupply() (#490-492)
allowance(address,address) should be declared external:
- FUTIGER.allowance(address,address) (#498-500)
increaseAllowance(address,uint256) should be declared external:
- FUTIGER.increaseAllowance(address,uint256) (#502-505)
decreaseAllowance(address,uint256) should be declared external:
- FUTIGER.decreaseAllowance(address,uint256) (#507-510)
minimumTokensBeforeSwapAmount() should be declared external:
- FUTIGER.minimumTokensBeforeSwapAmount() (#512-514)
approve(address,uint256) should be declared external:
- FUTIGER.approve(address,uint256) (#516-519)
setMarketPairStatus(address,bool) should be declared external:
- FUTIGER.setMarketPairStatus(address,bool) (#529-531)
setIsExcludedFromFee(address,bool) should be declared external:
- FUTIGER.setIsExcludedFromFee(address,bool) (#537-539)
setSwapAndLiquifyEnabled(bool) should be declared external:
- FUTIGER.setSwapAndLiquifyEnabled(bool) (#593-596)
setSwapAndLiquifyByLimitOnly(bool) should be declared external:
- FUTIGER.setSwapAndLiquifyByLimitOnly(bool) (#598-600)
getCirculatingSupply() should be declared external:
- FUTIGER.getCirculatingSupply() (#602-604)
changeRouterVersion(address) should be declared external:
- FUTIGER.changeRouterVersion(address) (#610-627)
transfer(address,uint256) should be declared external:
- FUTIGER.transfer(address,uint256) (#632-635)
transferFrom(address,address,uint256) should be declared external:
- FUTIGER.transferFrom(address,address,uint256) (#637-641)
Use the external attribute for functions never called from the contract.
Additional information: link
Unable to find website, listings and other project-related information
Young tokens have high risks of scam / price dump / death
Token is marked as risky (blacklisted creator, fake name, dead project, etc.)
Additional information: link
Token has no active CoinGecko listing / rank
Token has no active CoinMarketCap listing / rank
Unable to find Telegram and Twitter accounts