CoinToken.addLiquidity(uint256,uint256) (#1666-1679) sends eth to arbitrary user
Dangerous calls:
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,_node,block.timestamp) (#1670-1677)
Ensure that an arbitrary user cannot withdraw unauthorized funds.
Additional information: link
Unable to find manual contract audit (e.g. Certik, PeckShield, Solidity...)
Reentrancy in CoinToken._transfer(address,address,uint256) (#1517-1602):
External calls:
- swapAndSendToFee(AmountMarketingFee) (#1542)
- IERC20(rewardToken).transfer(_marketingWalletAddress,newBalance) (#1608)
- uniswapV2Router.swapExactTokensForTokensSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#1657-1663)
- swapAndLiquify(AmountLiquidityFee) (#1543)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,_node,block.timestamp) (#1670-1677)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#1640-1646)
- swapAndSendDividends(AmountTokenRewardsFee) (#1544)
- success = IERC20(rewardToken).transfer(address(dividendTracker),dividends) (#1685)
- dividendTracker.distributeCAKEDividends(dividends) (#1687)
- uniswapV2Router.swapExactTokensForTokensSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#1657-1663)
External calls sending eth:
- swapAndLiquify(AmountLiquidityFee) (#1543)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,_node,block.timestamp) (#1670-1677)
State variables written after the call(s):
- swapping = false (#1545)
Reentrancy in CoinToken._transfer(address,address,uint256) (#1517-1602):
External calls:
- swapAndSendToFee(AmountMarketingFee) (#1542)
- IERC20(rewardToken).transfer(_marketingWalletAddress,newBalance) (#1608)
- uniswapV2Router.swapExactTokensForTokensSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#1657-1663)
- swapAndLiquify(AmountLiquidityFee) (#1543)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,_node,block.timestamp) (#1670-1677)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#1640-1646)
- swapAndSendDividends(AmountTokenRewardsFee) (#1544)
- success = IERC20(rewardToken).transfer(address(dividendTracker),dividends) (#1685)
- uniswapV2Router.swapExactTokensForTokensSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#1657-1663)
- dividendTracker.distributeCAKEDividends(dividends) (#1687)
External calls sending eth:
- swapAndLiquify(AmountLiquidityFee) (#1543)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,_node,block.timestamp) (#1670-1677)
State variables written after the call(s):
- AmountLiquidityFee += LFee (#1564)
- AmountLiquidityFee += LFee (#1574)
- AmountMarketingFee += MFee (#1568)
- AmountMarketingFee += MFee (#1578)
- AmountTokenRewardsFee += RFee (#1566)
- AmountTokenRewardsFee += RFee (#1576)
- super._transfer(from,deadWallet,DFee) (#1583)
- _balances[sender] = _balances[sender].sub(amount,ERC20: transfer amount exceeds balance) (#458)
- _balances[recipient] = _balances[recipient].add(amount) (#459)
- super._transfer(from,address(this),fees.sub(DFee)) (#1584)
- _balances[sender] = _balances[sender].sub(amount,ERC20: transfer amount exceeds balance) (#458)
- _balances[recipient] = _balances[recipient].add(amount) (#459)
- super._transfer(from,to,amount) (#1587)
- _balances[sender] = _balances[sender].sub(amount,ERC20: transfer amount exceeds balance) (#458)
- _balances[recipient] = _balances[recipient].add(amount) (#459)
Apply the check-effects-interactions pattern.
Additional information: link
CoinToken.swapAndSendToFee(uint256) (#1604-1610) ignores return value by IERC20(rewardToken).transfer(_marketingWalletAddress,newBalance) (#1608)
Use SafeERC20, or ensure that the transfer/transferFrom return value is checked.
Additional information: link
Contract ownership is not renounced (belongs to a wallet)
Combination 1: Reentrancy vulnerabilities + Functions that send Ether to arbitraty destination. Usual for scams. May be justified by some complex mechanics (e.g. rebase, reflections). DYOR & manual audit are advised.
Combination 2: Unchecked transfer + Functions that send Ether to arbitraty destination. Usual for scams. May be justified by some complex mechanics (e.g. rebase, reflections). DYOR & manual audit are advised.
Combination 3: Reentrancy vulnerabilities + Unchecked transfer vulnerability. Usual for scams. May be justified by some complex mechanics (e.g. rebase, reflections). DYOR & manual audit are advised.
Reentrancy in DividendPayingToken._withdrawDividendOfUser(address) (#842-858):
External calls:
- success = IERC20(REWARD_TOKEN).transfer(user,_withdrawableDividend) (#847)
State variables written after the call(s):
- withdrawnDividends[user] = withdrawnDividends[user].sub(_withdrawableDividend) (#850)
Apply the check-effects-interactions pattern.
Additional information: link
CoinToken._transfer(address,address,uint256).iterations (#1595) is a local variable never initialized
CoinToken._transfer(address,address,uint256).claims (#1595) is a local variable never initialized
CoinToken._transfer(address,address,uint256).fees (#1557) is a local variable never initialized
CoinToken._transfer(address,address,uint256).lastProcessedIndex (#1595) is a local variable never initialized
CoinToken._transfer(address,address,uint256).DFee (#1561) is a local variable never initialized
Initialize all the variables. If a variable is meant to be initialized to zero, explicitly set it to zero to improve code readability.
Additional information: link
CoinToken.claim() (#1470-1472) ignores return value by dividendTracker.processAccount(address(msg.sender),false) (#1471)
CoinToken._transfer(address,address,uint256) (#1517-1602) ignores return value by dividendTracker.process(gas) (#1595-1600)
CoinToken.addLiquidity(uint256,uint256) (#1666-1679) ignores return value by uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,_node,block.timestamp) (#1670-1677)
Ensure that all the return values of the function calls are used.
Additional information: link
DividendPayingToken.constructor(string,string,address)._name (#816) shadows:
- ERC20._name (#280) (state variable)
DividendPayingToken.constructor(string,string,address)._symbol (#816) shadows:
- ERC20._symbol (#281) (state variable)
DividendPayingToken.dividendOf(address)._owner (#864) shadows:
- Ownable._owner (#16) (state variable)
DividendPayingToken.withdrawableDividendOf(address)._owner (#871) shadows:
- Ownable._owner (#16) (state variable)
DividendPayingToken.withdrawnDividendOf(address)._owner (#878) shadows:
- Ownable._owner (#16) (state variable)
DividendPayingToken.accumulativeDividendOf(address)._owner (#888) shadows:
- Ownable._owner (#16) (state variable)
CoinToken.constructor(string,string,uint256,address[4],uint256[4],uint256[4],uint256).totalSupply (#1308) shadows:
- ERC20.totalSupply() (#332-334) (function)
- IERC20.totalSupply() (#50) (function)
Rename the local variables that shadow another component.
Additional information: link
CoinToken.setSwapTokensAtAmount(uint256) (#1492-1494) should emit an event for:
- swapTokensAtAmount = amount (#1493)
CoinToken.setBuyTaxes(uint256,uint256,uint256,uint256) (#1500-1507) should emit an event for:
- buyTokenRewardsFee = rewardsFee (#1502)
- buyLiquidityFee = liquidity (#1503)
- buyMarketingFee = marketingFee (#1504)
- buyDeadFee = deadFee (#1505)
CoinToken.setSelTaxes(uint256,uint256,uint256,uint256) (#1509-1515) should emit an event for:
- sellTokenRewardsFee = rewardsFee (#1511)
- sellLiquidityFee = liquidity (#1512)
- sellMarketingFee = marketingFee (#1513)
- sellDeadFee = deadFee (#1514)
Emit an event for critical parameter changes.
Additional information: link
DividendPayingToken.constructor(string,string,address)._rewardTokenAddress (#816) lacks a zero-check on :
- REWARD_TOKEN = _rewardTokenAddress (#817)
CoinToken.constructor(string,string,uint256,address[4],uint256[4],uint256[4],uint256)._uniswapV2Pair (#1319-1320) lacks a zero-check on :
- uniswapV2Pair = _uniswapV2Pair (#1323)
CoinToken.updateUniswapV2Router(address)._uniswapV2Pair (#1355-1356) lacks a zero-check on :
- uniswapV2Pair = _uniswapV2Pair (#1357)
CoinToken.setMarketingWallet(address).wallet (#1375) lacks a zero-check on :
- _marketingWalletAddress = wallet (#1376)
CoinToken.setDeadWallet(address).addr (#1496) lacks a zero-check on :
- deadWallet = addr (#1497)
Check that the address is not zero.
Additional information: link
DividendPayingToken._withdrawDividendOfUser(address) (#842-858) has external calls inside a loop: success = IERC20(REWARD_TOKEN).transfer(user,_withdrawableDividend) (#847)
Favor pull over push strategy for external calls.
Additional information: link
Variable 'CoinToken._transfer(address,address,uint256).iterations (#1595)' in CoinToken._transfer(address,address,uint256) (#1517-1602) potentially used before declaration: ProcessedDividendTracker(iterations,claims,lastProcessedIndex,true,gas,tx.origin) (#1596)
Variable 'CoinToken._transfer(address,address,uint256).claims (#1595)' in CoinToken._transfer(address,address,uint256) (#1517-1602) potentially used before declaration: ProcessedDividendTracker(iterations,claims,lastProcessedIndex,true,gas,tx.origin) (#1596)
Variable 'CoinToken._transfer(address,address,uint256).lastProcessedIndex (#1595)' in CoinToken._transfer(address,address,uint256) (#1517-1602) potentially used before declaration: ProcessedDividendTracker(iterations,claims,lastProcessedIndex,true,gas,tx.origin) (#1596)
Move all variable declarations prior to any usage of the variable, and ensure that reaching a variable declaration does not depend on some conditional if it is used unconditionally.
Additional information: link
Reentrancy in CoinToken._transfer(address,address,uint256) (#1517-1602):
External calls:
- swapAndSendToFee(AmountMarketingFee) (#1542)
- IERC20(rewardToken).transfer(_marketingWalletAddress,newBalance) (#1608)
- uniswapV2Router.swapExactTokensForTokensSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#1657-1663)
- swapAndLiquify(AmountLiquidityFee) (#1543)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,_node,block.timestamp) (#1670-1677)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#1640-1646)
External calls sending eth:
- swapAndLiquify(AmountLiquidityFee) (#1543)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,_node,block.timestamp) (#1670-1677)
State variables written after the call(s):
- swapAndLiquify(AmountLiquidityFee) (#1543)
- _allowances[owner][spender] = amount (#524)
Reentrancy in CoinToken._transfer(address,address,uint256) (#1517-1602):
External calls:
- swapAndSendToFee(AmountMarketingFee) (#1542)
- IERC20(rewardToken).transfer(_marketingWalletAddress,newBalance) (#1608)
- uniswapV2Router.swapExactTokensForTokensSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#1657-1663)
- swapAndLiquify(AmountLiquidityFee) (#1543)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,_node,block.timestamp) (#1670-1677)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#1640-1646)
- swapAndSendDividends(AmountTokenRewardsFee) (#1544)
- success = IERC20(rewardToken).transfer(address(dividendTracker),dividends) (#1685)
- dividendTracker.distributeCAKEDividends(dividends) (#1687)
- uniswapV2Router.swapExactTokensForTokensSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#1657-1663)
External calls sending eth:
- swapAndLiquify(AmountLiquidityFee) (#1543)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,_node,block.timestamp) (#1670-1677)
State variables written after the call(s):
- swapAndSendDividends(AmountTokenRewardsFee) (#1544)
- _allowances[owner][spender] = amount (#524)
Reentrancy in CoinToken.constructor(string,string,uint256,address[4],uint256[4],uint256[4],uint256) (#1283-1343):
External calls:
- _uniswapV2Pair = IUniswapV2Factory(_uniswapV2Router.factory()).createPair(address(this),_uniswapV2Router.WETH()) (#1319-1320)
State variables written after the call(s):
- uniswapV2Pair = _uniswapV2Pair (#1323)
- uniswapV2Router = _uniswapV2Router (#1322)
Reentrancy in CoinToken.constructor(string,string,uint256,address[4],uint256[4],uint256[4],uint256) (#1283-1343):
External calls:
- _uniswapV2Pair = IUniswapV2Factory(_uniswapV2Router.factory()).createPair(address(this),_uniswapV2Router.WETH()) (#1319-1320)
- _setAutomatedMarketMakerPair(_uniswapV2Pair,true) (#1325)
- dividendTracker.excludeFromDividends(pair) (#1394)
- dividendTracker.excludeFromDividends(address(dividendTracker)) (#1328)
- dividendTracker.excludeFromDividends(address(this)) (#1329)
- dividendTracker.excludeFromDividends(owner()) (#1330)
- dividendTracker.excludeFromDividends(deadWallet) (#1331)
- dividendTracker.excludeFromDividends(address(_uniswapV2Router)) (#1332)
State variables written after the call(s):
- _cast(owner(),totalSupply) (#1340)
- _balances[account] = _balances[account].add(amount) (#478)
- excludeFromFees(owner(),true) (#1335)
- _isExcludedFromFees[account] = excluded (#1362)
- excludeFromFees(_marketingWalletAddress,true) (#1336)
- _isExcludedFromFees[account] = excluded (#1362)
- excludeFromFees(address(this),true) (#1337)
- _isExcludedFromFees[account] = excluded (#1362)
- excludeFromFees(_node,true) (#1338)
- _isExcludedFromFees[account] = excluded (#1362)
- _cast(owner(),totalSupply) (#1340)
- _totalSupply = _totalSupply.add(amount) (#477)
Reentrancy in TokenDividendTracker.processAccount(address,bool) (#1149-1159):
External calls:
- amount = _withdrawDividendOfUser(account) (#1150)
- success = IERC20(REWARD_TOKEN).transfer(user,_withdrawableDividend) (#847)
State variables written after the call(s):
- lastClaimTimes[account] = block.timestamp (#1153)
Reentrancy in CoinToken.swapAndLiquify(uint256) (#1612-1629):
External calls:
- swapTokensForEth(half) (#1620)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#1640-1646)
- addLiquidity(otherHalf,newBalance) (#1626)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,_node,block.timestamp) (#1670-1677)
External calls sending eth:
- addLiquidity(otherHalf,newBalance) (#1626)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,_node,block.timestamp) (#1670-1677)
State variables written after the call(s):
- AmountLiquidityFee = AmountLiquidityFee - tokens (#1627)
- addLiquidity(otherHalf,newBalance) (#1626)
- _allowances[owner][spender] = amount (#524)
Reentrancy in CoinToken.swapAndSendDividends(uint256) (#1681-1690):
External calls:
- swapTokensForCake(tokens) (#1682)
- uniswapV2Router.swapExactTokensForTokensSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#1657-1663)
State variables written after the call(s):
- AmountTokenRewardsFee = AmountTokenRewardsFee - tokens (#1683)
Reentrancy in CoinToken.swapAndSendToFee(uint256) (#1604-1610):
External calls:
- swapTokensForCake(tokens) (#1606)
- uniswapV2Router.swapExactTokensForTokensSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#1657-1663)
- IERC20(rewardToken).transfer(_marketingWalletAddress,newBalance) (#1608)
State variables written after the call(s):
- AmountMarketingFee = AmountMarketingFee - tokens (#1609)
Reentrancy in CoinToken.swapManual() (#1482-1490):
External calls:
- swapAndLiquify(AmountLiquidityFee) (#1486)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,_node,block.timestamp) (#1670-1677)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#1640-1646)
- swapAndSendDividends(AmountTokenRewardsFee) (#1487)
- success = IERC20(rewardToken).transfer(address(dividendTracker),dividends) (#1685)
- dividendTracker.distributeCAKEDividends(dividends) (#1687)
- uniswapV2Router.swapExactTokensForTokensSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#1657-1663)
External calls sending eth:
- swapAndLiquify(AmountLiquidityFee) (#1486)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,_node,block.timestamp) (#1670-1677)
State variables written after the call(s):
- swapAndSendDividends(AmountTokenRewardsFee) (#1487)
- _allowances[owner][spender] = amount (#524)
Reentrancy in CoinToken.swapManual() (#1482-1490):
External calls:
- swapAndLiquify(AmountLiquidityFee) (#1486)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,_node,block.timestamp) (#1670-1677)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#1640-1646)
- swapAndSendDividends(AmountTokenRewardsFee) (#1487)
- success = IERC20(rewardToken).transfer(address(dividendTracker),dividends) (#1685)
- dividendTracker.distributeCAKEDividends(dividends) (#1687)
- uniswapV2Router.swapExactTokensForTokensSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#1657-1663)
- swapAndSendToFee(AmountMarketingFee) (#1488)
- IERC20(rewardToken).transfer(_marketingWalletAddress,newBalance) (#1608)
- uniswapV2Router.swapExactTokensForTokensSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#1657-1663)
External calls sending eth:
- swapAndLiquify(AmountLiquidityFee) (#1486)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,_node,block.timestamp) (#1670-1677)
State variables written after the call(s):
- swapAndSendToFee(AmountMarketingFee) (#1488)
- _allowances[owner][spender] = amount (#524)
Reentrancy in CoinToken.swapManual() (#1482-1490):
External calls:
- swapAndLiquify(AmountLiquidityFee) (#1486)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,_node,block.timestamp) (#1670-1677)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#1640-1646)
- swapAndSendDividends(AmountTokenRewardsFee) (#1487)
- success = IERC20(rewardToken).transfer(address(dividendTracker),dividends) (#1685)
- uniswapV2Router.swapExactTokensForTokensSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#1657-1663)
- dividendTracker.distributeCAKEDividends(dividends) (#1687)
- swapAndSendToFee(AmountMarketingFee) (#1488)
- IERC20(rewardToken).transfer(_marketingWalletAddress,newBalance) (#1608)
- uniswapV2Router.swapExactTokensForTokensSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#1657-1663)
External calls sending eth:
- swapAndLiquify(AmountLiquidityFee) (#1486)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,_node,block.timestamp) (#1670-1677)
State variables written after the call(s):
- swapping = false (#1489)
Reentrancy in CoinToken.updateUniswapV2Router(address) (#1351-1358):
External calls:
- _uniswapV2Pair = IUniswapV2Factory(uniswapV2Router.factory()).createPair(address(this),uniswapV2Router.WETH()) (#1355-1356)
State variables written after the call(s):
- uniswapV2Pair = _uniswapV2Pair (#1357)
Apply the check-effects-interactions pattern.
Additional information: link
Reentrancy in CoinToken._setAutomatedMarketMakerPair(address,bool) (#1389-1397):
External calls:
- dividendTracker.excludeFromDividends(pair) (#1394)
Event emitted after the call(s):
- SetAutomatedMarketMakerPair(pair,value) (#1396)
Reentrancy in CoinToken._transfer(address,address,uint256) (#1517-1602):
External calls:
- swapAndSendToFee(AmountMarketingFee) (#1542)
- IERC20(rewardToken).transfer(_marketingWalletAddress,newBalance) (#1608)
- uniswapV2Router.swapExactTokensForTokensSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#1657-1663)
- swapAndLiquify(AmountLiquidityFee) (#1543)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,_node,block.timestamp) (#1670-1677)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#1640-1646)
External calls sending eth:
- swapAndLiquify(AmountLiquidityFee) (#1543)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,_node,block.timestamp) (#1670-1677)
Event emitted after the call(s):
- Approval(owner,spender,amount) (#525)
- swapAndLiquify(AmountLiquidityFee) (#1543)
- SwapAndLiquify(half,newBalance,otherHalf) (#1628)
- swapAndLiquify(AmountLiquidityFee) (#1543)
Reentrancy in CoinToken._transfer(address,address,uint256) (#1517-1602):
External calls:
- swapAndSendToFee(AmountMarketingFee) (#1542)
- IERC20(rewardToken).transfer(_marketingWalletAddress,newBalance) (#1608)
- uniswapV2Router.swapExactTokensForTokensSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#1657-1663)
- swapAndLiquify(AmountLiquidityFee) (#1543)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,_node,block.timestamp) (#1670-1677)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#1640-1646)
- swapAndSendDividends(AmountTokenRewardsFee) (#1544)
- success = IERC20(rewardToken).transfer(address(dividendTracker),dividends) (#1685)
- dividendTracker.distributeCAKEDividends(dividends) (#1687)
- uniswapV2Router.swapExactTokensForTokensSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#1657-1663)
External calls sending eth:
- swapAndLiquify(AmountLiquidityFee) (#1543)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,_node,block.timestamp) (#1670-1677)
Event emitted after the call(s):
- Approval(owner,spender,amount) (#525)
- swapAndSendDividends(AmountTokenRewardsFee) (#1544)
- SendDividends(tokens,dividends) (#1688)
- swapAndSendDividends(AmountTokenRewardsFee) (#1544)
Reentrancy in CoinToken._transfer(address,address,uint256) (#1517-1602):
External calls:
- swapAndSendToFee(AmountMarketingFee) (#1542)
- IERC20(rewardToken).transfer(_marketingWalletAddress,newBalance) (#1608)
- uniswapV2Router.swapExactTokensForTokensSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#1657-1663)
- swapAndLiquify(AmountLiquidityFee) (#1543)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,_node,block.timestamp) (#1670-1677)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#1640-1646)
- swapAndSendDividends(AmountTokenRewardsFee) (#1544)
- success = IERC20(rewardToken).transfer(address(dividendTracker),dividends) (#1685)
- uniswapV2Router.swapExactTokensForTokensSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#1657-1663)
- dividendTracker.distributeCAKEDividends(dividends) (#1687)
External calls sending eth:
- swapAndLiquify(AmountLiquidityFee) (#1543)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,_node,block.timestamp) (#1670-1677)
Event emitted after the call(s):
- Transfer(sender,recipient,amount) (#460)
- super._transfer(from,to,amount) (#1587)
- Transfer(sender,recipient,amount) (#460)
- super._transfer(from,address(this),fees.sub(DFee)) (#1584)
- Transfer(sender,recipient,amount) (#460)
- super._transfer(from,deadWallet,DFee) (#1583)
Reentrancy in CoinToken._transfer(address,address,uint256) (#1517-1602):
External calls:
- swapAndSendToFee(AmountMarketingFee) (#1542)
- IERC20(rewardToken).transfer(_marketingWalletAddress,newBalance) (#1608)
- uniswapV2Router.swapExactTokensForTokensSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#1657-1663)
- swapAndLiquify(AmountLiquidityFee) (#1543)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,_node,block.timestamp) (#1670-1677)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#1640-1646)
- swapAndSendDividends(AmountTokenRewardsFee) (#1544)
- success = IERC20(rewardToken).transfer(address(dividendTracker),dividends) (#1685)
- uniswapV2Router.swapExactTokensForTokensSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#1657-1663)
- dividendTracker.distributeCAKEDividends(dividends) (#1687)
- dividendTracker.setBalance(address(from),balanceOf(from)) (#1589)
- dividendTracker.setBalance(address(to),balanceOf(to)) (#1590)
- dividendTracker.process(gas) (#1595-1600)
External calls sending eth:
- swapAndLiquify(AmountLiquidityFee) (#1543)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,_node,block.timestamp) (#1670-1677)
Event emitted after the call(s):
- ProcessedDividendTracker(iterations,claims,lastProcessedIndex,true,gas,tx.origin) (#1596)
Reentrancy in CoinToken.constructor(string,string,uint256,address[4],uint256[4],uint256[4],uint256) (#1283-1343):
External calls:
- _uniswapV2Pair = IUniswapV2Factory(_uniswapV2Router.factory()).createPair(address(this),_uniswapV2Router.WETH()) (#1319-1320)
- _setAutomatedMarketMakerPair(_uniswapV2Pair,true) (#1325)
- dividendTracker.excludeFromDividends(pair) (#1394)
Event emitted after the call(s):
- SetAutomatedMarketMakerPair(pair,value) (#1396)
- _setAutomatedMarketMakerPair(_uniswapV2Pair,true) (#1325)
Reentrancy in CoinToken.constructor(string,string,uint256,address[4],uint256[4],uint256[4],uint256) (#1283-1343):
External calls:
- _uniswapV2Pair = IUniswapV2Factory(_uniswapV2Router.factory()).createPair(address(this),_uniswapV2Router.WETH()) (#1319-1320)
- _setAutomatedMarketMakerPair(_uniswapV2Pair,true) (#1325)
- dividendTracker.excludeFromDividends(pair) (#1394)
- dividendTracker.excludeFromDividends(address(dividendTracker)) (#1328)
- dividendTracker.excludeFromDividends(address(this)) (#1329)
- dividendTracker.excludeFromDividends(owner()) (#1330)
- dividendTracker.excludeFromDividends(deadWallet) (#1331)
- dividendTracker.excludeFromDividends(address(_uniswapV2Router)) (#1332)
Event emitted after the call(s):
- ExcludeFromFees(account,excluded) (#1363)
- excludeFromFees(owner(),true) (#1335)
- ExcludeFromFees(account,excluded) (#1363)
- excludeFromFees(_node,true) (#1338)
- ExcludeFromFees(account,excluded) (#1363)
- excludeFromFees(address(this),true) (#1337)
- ExcludeFromFees(account,excluded) (#1363)
- excludeFromFees(_marketingWalletAddress,true) (#1336)
- Transfer(address(0),account,amount) (#479)
- _cast(owner(),totalSupply) (#1340)
Reentrancy in TokenDividendTracker.processAccount(address,bool) (#1149-1159):
External calls:
- amount = _withdrawDividendOfUser(account) (#1150)
- success = IERC20(REWARD_TOKEN).transfer(user,_withdrawableDividend) (#847)
Event emitted after the call(s):
- Claim(account,amount,automatic) (#1154)
Reentrancy in CoinToken.processDividendTracker(uint256) (#1465-1468):
External calls:
- (iterations,claims,lastProcessedIndex) = dividendTracker.process(gas) (#1466)
Event emitted after the call(s):
- ProcessedDividendTracker(iterations,claims,lastProcessedIndex,false,gas,tx.origin) (#1467)
Reentrancy in CoinToken.swapAndLiquify(uint256) (#1612-1629):
External calls:
- swapTokensForEth(half) (#1620)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#1640-1646)
- addLiquidity(otherHalf,newBalance) (#1626)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,_node,block.timestamp) (#1670-1677)
External calls sending eth:
- addLiquidity(otherHalf,newBalance) (#1626)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,_node,block.timestamp) (#1670-1677)
Event emitted after the call(s):
- Approval(owner,spender,amount) (#525)
- addLiquidity(otherHalf,newBalance) (#1626)
- SwapAndLiquify(half,newBalance,otherHalf) (#1628)
Reentrancy in CoinToken.swapAndSendDividends(uint256) (#1681-1690):
External calls:
- swapTokensForCake(tokens) (#1682)
- uniswapV2Router.swapExactTokensForTokensSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#1657-1663)
- success = IERC20(rewardToken).transfer(address(dividendTracker),dividends) (#1685)
- dividendTracker.distributeCAKEDividends(dividends) (#1687)
Event emitted after the call(s):
- SendDividends(tokens,dividends) (#1688)
Reentrancy in CoinToken.swapManual() (#1482-1490):
External calls:
- swapAndLiquify(AmountLiquidityFee) (#1486)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,_node,block.timestamp) (#1670-1677)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#1640-1646)
- swapAndSendDividends(AmountTokenRewardsFee) (#1487)
- success = IERC20(rewardToken).transfer(address(dividendTracker),dividends) (#1685)
- dividendTracker.distributeCAKEDividends(dividends) (#1687)
- uniswapV2Router.swapExactTokensForTokensSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#1657-1663)
External calls sending eth:
- swapAndLiquify(AmountLiquidityFee) (#1486)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,_node,block.timestamp) (#1670-1677)
Event emitted after the call(s):
- Approval(owner,spender,amount) (#525)
- swapAndSendDividends(AmountTokenRewardsFee) (#1487)
- SendDividends(tokens,dividends) (#1688)
- swapAndSendDividends(AmountTokenRewardsFee) (#1487)
Reentrancy in CoinToken.swapManual() (#1482-1490):
External calls:
- swapAndLiquify(AmountLiquidityFee) (#1486)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,_node,block.timestamp) (#1670-1677)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#1640-1646)
- swapAndSendDividends(AmountTokenRewardsFee) (#1487)
- success = IERC20(rewardToken).transfer(address(dividendTracker),dividends) (#1685)
- dividendTracker.distributeCAKEDividends(dividends) (#1687)
- uniswapV2Router.swapExactTokensForTokensSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#1657-1663)
- swapAndSendToFee(AmountMarketingFee) (#1488)
- IERC20(rewardToken).transfer(_marketingWalletAddress,newBalance) (#1608)
- uniswapV2Router.swapExactTokensForTokensSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#1657-1663)
External calls sending eth:
- swapAndLiquify(AmountLiquidityFee) (#1486)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,_node,block.timestamp) (#1670-1677)
Event emitted after the call(s):
- Approval(owner,spender,amount) (#525)
- swapAndSendToFee(AmountMarketingFee) (#1488)
Apply the check-effects-interactions pattern.
Additional information: link
TokenDividendTracker.getAccount(address) (#1013-1056) uses timestamp for comparisons
Dangerous comparisons:
- nextClaimTime > block.timestamp (#1053-1055)
TokenDividendTracker.canAutoClaim(uint256) (#1077-1083) uses timestamp for comparisons
Dangerous comparisons:
- lastClaimTime > block.timestamp (#1078)
- block.timestamp.sub(lastClaimTime) >= claimWait (#1082)
Avoid relying on block.timestamp.
Additional information: link
Clones.clone(address) (#210-219) uses assembly
- INLINE ASM (#211-217)
Clones.cloneDeterministic(address,bytes32) (#228-237) uses assembly
- INLINE ASM (#229-235)
Clones.predictDeterministicAddress(address,bytes32,address) (#242-257) uses assembly
- INLINE ASM (#247-256)
Do not use evm assembly.
Additional information: link
Clones.clone(address) (#210-219) is never used and should be removed
Clones.cloneDeterministic(address,bytes32) (#228-237) is never used and should be removed
Clones.predictDeterministicAddress(address,bytes32) (#262-268) is never used and should be removed
Clones.predictDeterministicAddress(address,bytes32,address) (#242-257) is never used and should be removed
Context._msgData() (#9-11) is never used and should be removed
DividendPayingToken._transfer(address,address,uint256) (#898-904) is never used and should be removed
SafeMath.mod(uint256,uint256) (#126-128) is never used and should be removed
SafeMath.mod(uint256,uint256,string) (#130-133) is never used and should be removed
SafeMathInt.abs(int256) (#184-187) is never used and should be removed
SafeMathInt.div(int256,int256) (#155-161) is never used and should be removed
SafeMathInt.mul(int256,int256) (#143-150) is never used and should be removed
Remove unused functions.
Additional information: link
Pragma version^0.8.0 (#2) allows old versions
solc-0.8.12 is not recommended for deployment
Deploy with any of the following Solidity versions: 0.5.16 - 0.5.17, 0.6.11 - 0.6.12, 0.7.5 - 0.7.6 Use a simple pragma version that allows any of these versions. Consider using the latest version of Solidity for testing.
Additional information: link
Function IUniswapV2Router01.WETH() (#539) is not in mixedCase
Function IUniswapV2Pair.DOMAIN_SEPARATOR() (#703) is not in mixedCase
Function IUniswapV2Pair.PERMIT_TYPEHASH() (#704) is not in mixedCase
Function IUniswapV2Pair.MINIMUM_LIQUIDITY() (#721) is not in mixedCase
Parameter DividendPayingToken.dividendOf(address)._owner (#864) is not in mixedCase
Parameter DividendPayingToken.withdrawableDividendOf(address)._owner (#871) is not in mixedCase
Parameter DividendPayingToken.withdrawnDividendOf(address)._owner (#878) is not in mixedCase
Parameter DividendPayingToken.accumulativeDividendOf(address)._owner (#888) is not in mixedCase
Variable DividendPayingToken.REWARD_TOKEN (#791) is not in mixedCase
Constant DividendPayingToken.magnitude (#796) is not in UPPER_CASE_WITH_UNDERSCORES
Parameter TokenDividendTracker.getAccount(address)._account (#1013) is not in mixedCase
Function TokenDividendTracker.MAPGet(address) (#1161-1163) is not in mixedCase
Function TokenDividendTracker.MAPGetIndexOfKey(address) (#1164-1169) is not in mixedCase
Function TokenDividendTracker.MAPGetKeyAtIndex(uint256) (#1170-1172) is not in mixedCase
Function TokenDividendTracker.MAPSize() (#1174-1176) is not in mixedCase
Function TokenDividendTracker.MAPSet(address,uint256) (#1178-1187) is not in mixedCase
Function TokenDividendTracker.MAPRemove(address) (#1189-1206) is not in mixedCase
Function CoinToken.EnemyAddress(address,bool) (#1384-1386) is not in mixedCase
Variable CoinToken.AmountLiquidityFee (#1232) is not in mixedCase
Variable CoinToken.AmountTokenRewardsFee (#1233) is not in mixedCase
Variable CoinToken.AmountMarketingFee (#1234) is not in mixedCase
Variable CoinToken._marketingWalletAddress (#1236) is not in mixedCase
Variable CoinToken._isEnemy (#1240) is not in mixedCase
Follow the Solidity naming convention.
Additional information: link
Variable IUniswapV2Router01.addLiquidity(address,address,uint256,uint256,uint256,uint256,address,uint256).amountADesired (#544) is too similar to IUniswapV2Router01.addLiquidity(address,address,uint256,uint256,uint256,uint256,address,uint256).amountBDesired (#545)
Variable DividendPayingToken._withdrawDividendOfUser(address)._withdrawableDividend (#843) is too similar to TokenDividendTracker.getAccount(address).withdrawableDividends (#1018)
Variable ERC20._totalSupply (#278) is too similar to CoinToken.constructor(string,string,uint256,address[4],uint256[4],uint256[4],uint256).totalSupply_ (#1286)
Prevent variables from having similar names.
Additional information: link
Clones.clone(address) (#210-219) uses literals with too many digits:
- mstore(uint256,uint256)(ptr_clone_asm_0,0x3d602d80600a3d3981f3363d3d373d3d3d363d73000000000000000000000000) (#213)
Clones.clone(address) (#210-219) uses literals with too many digits:
- mstore(uint256,uint256)(ptr_clone_asm_0 + 0x28,0x5af43d82803e903d91602b57fd5bf30000000000000000000000000000000000) (#215)
Clones.cloneDeterministic(address,bytes32) (#228-237) uses literals with too many digits:
- mstore(uint256,uint256)(ptr_cloneDeterministic_asm_0,0x3d602d80600a3d3981f3363d3d373d3d3d363d73000000000000000000000000) (#231)
Clones.cloneDeterministic(address,bytes32) (#228-237) uses literals with too many digits:
- mstore(uint256,uint256)(ptr_cloneDeterministic_asm_0 + 0x28,0x5af43d82803e903d91602b57fd5bf30000000000000000000000000000000000) (#233)
Clones.predictDeterministicAddress(address,bytes32,address) (#242-257) uses literals with too many digits:
- mstore(uint256,uint256)(ptr_predictDeterministicAddress_asm_0,0x3d602d80600a3d3981f3363d3d373d3d3d363d73000000000000000000000000) (#249)
Clones.predictDeterministicAddress(address,bytes32,address) (#242-257) uses literals with too many digits:
- mstore(uint256,uint256)(ptr_predictDeterministicAddress_asm_0 + 0x28,0x5af43d82803e903d91602b57fd5bf3ff00000000000000000000000000000000) (#251)
TokenDividendTracker.getAccountAtIndex(uint256) (#1058-1075) uses literals with too many digits:
- (0x0000000000000000000000000000000000000000,- 1,- 1,0,0,0,0,0) (#1069)
CoinToken.constructor(string,string,uint256,address[4],uint256[4],uint256[4],uint256) (#1283-1343) uses literals with too many digits:
- gasForProcessing = 300000 (#1312)
CoinToken.updateGasForProcessing(uint256) (#1400-1405) uses literals with too many digits:
- require(bool,string)(newValue >= 200000 && newValue <= 500000,GasForProcessing must be between 200,000 and 500,000) (#1401)
CoinToken.slitherConstructorVariables() (#1210-1692) uses literals with too many digits:
- deadWallet = 0x000000000000000000000000000000000000dEaD (#1239)
Use: Ether suffix, Time suffix, or The scientific notation
Additional information: link
SafeMathInt.MAX_INT256 (#138) is never used in SafeMathInt (#136-194)
Remove unused state variables.
Additional information: link
renounceOwnership() should be declared external:
- Ownable.renounceOwnership() (#33-35)
transferOwnership(address) should be declared external:
- Ownable.transferOwnership(address) (#37-40)
name() should be declared external:
- ERC20.name() (#300-302)
symbol() should be declared external:
- ERC20.symbol() (#308-310)
decimals() should be declared external:
- ERC20.decimals() (#325-327)
transfer(address,uint256) should be declared external:
- ERC20.transfer(address,uint256) (#351-354)
allowance(address,address) should be declared external:
- ERC20.allowance(address,address) (#359-361)
approve(address,uint256) should be declared external:
- ERC20.approve(address,uint256) (#370-373)
transferFrom(address,address,uint256) should be declared external:
- ERC20.transferFrom(address,address,uint256) (#388-396)
increaseAllowance(address,uint256) should be declared external:
- ERC20.increaseAllowance(address,uint256) (#410-413)
decreaseAllowance(address,uint256) should be declared external:
- ERC20.decreaseAllowance(address,uint256) (#429-432)
distributeCAKEDividends(uint256) should be declared external:
- DividendPayingToken.distributeCAKEDividends(uint256) (#821-832)
withdrawDividend() should be declared external:
- DividendPayingToken.withdrawDividend() (#836-838)
- TokenDividendTracker.withdrawDividend() (#976-978)
dividendOf(address) should be declared external:
- DividendPayingToken.dividendOf(address) (#864-866)
withdrawnDividendOf(address) should be declared external:
- DividendPayingToken.withdrawnDividendOf(address) (#878-880)
isExcludedFromDividends(address) should be declared external:
- TokenDividendTracker.isExcludedFromDividends(address) (#1009-1011)
getAccountAtIndex(uint256) should be declared external:
- TokenDividendTracker.getAccountAtIndex(uint256) (#1058-1075)
process(uint256) should be declared external:
- TokenDividendTracker.process(uint256) (#1102-1147)
MAPGet(address) should be declared external:
- TokenDividendTracker.MAPGet(address) (#1161-1163)
updateMinimumTokenBalanceForDividends(uint256) should be declared external:
- CoinToken.updateMinimumTokenBalanceForDividends(uint256) (#1347-1349)
updateUniswapV2Router(address) should be declared external:
- CoinToken.updateUniswapV2Router(address) (#1351-1358)
excludeMultipleAccountsFromFees(address[],bool) should be declared external:
- CoinToken.excludeMultipleAccountsFromFees(address[],bool) (#1367-1373)
setAutomatedMarketMakerPair(address,bool) should be declared external:
- CoinToken.setAutomatedMarketMakerPair(address,bool) (#1379-1382)
updateGasForProcessing(uint256) should be declared external:
- CoinToken.updateGasForProcessing(uint256) (#1400-1405)
isExcludedFromFees(address) should be declared external:
- CoinToken.isExcludedFromFees(address) (#1419-1421)
withdrawableDividendOf(address) should be declared external:
- CoinToken.withdrawableDividendOf(address) (#1423-1425)
dividendTokenBalanceOf(address) should be declared external:
- CoinToken.dividendTokenBalanceOf(address) (#1427-1429)
isExcludedFromDividends(address) should be declared external:
- CoinToken.isExcludedFromDividends(address) (#1435-1437)
swapManual() should be declared external:
- CoinToken.swapManual() (#1482-1490)
setSwapTokensAtAmount(uint256) should be declared external:
- CoinToken.setSwapTokensAtAmount(uint256) (#1492-1494)
setDeadWallet(address) should be declared external:
- CoinToken.setDeadWallet(address) (#1496-1498)
Use the external attribute for functions never called from the contract.
Additional information: link
Unable to find website, listings and other project-related information
Young tokens have high risks of scam / price dump / death
Token has no active CoinGecko listing / rank
Token has no active CoinMarketCap listing / rank
Unable to find Telegram and Twitter accounts