Dappsy is a cryptocurrency social network that aims to bring all crypto communities together.
The only platform you’ll ever need to interact with, invest in, and track your favorite projects.
Reentrancy in Token._transfer(address,address,uint256) (#1080-1141):
External calls:
- swapAndLiquify(contractTokenBalance) (#1115)
- pcsV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,dead,block.timestamp) (#1238-1245)
- pcsV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#1209-1215)
- buyBackTokens(balance.div(100)) (#1124)
- pcsV2Router.swapExactETHForTokensSupportingFeeOnTransferTokens{value: amount}(0,path,dead,block.timestamp.add(300)) (#1225-1230)
External calls sending eth:
- swapAndLiquify(contractTokenBalance) (#1115)
- pcsV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,dead,block.timestamp) (#1238-1245)
- buyBackTokens(balance.div(100)) (#1124)
- pcsV2Router.swapExactETHForTokensSupportingFeeOnTransferTokens{value: amount}(0,path,dead,block.timestamp.add(300)) (#1225-1230)
State variables written after the call(s):
- _tokenTransfer(from,to,amount,takeFee) (#1140)
- _burnFee = _previousBurnFee (#1063)
- _burnFee = 0 (#1055)
- _tokenTransfer(from,to,amount,takeFee) (#1140)
- _buybackFee = _previousBuybackFee (#1065)
- _buybackFee = 0 (#1057)
- _tokenTransfer(from,to,amount,takeFee) (#1140)
- _liquidityFee = _previousLiquidityFee (#1062)
- _liquidityFee = 0 (#1054)
- _tokenTransfer(from,to,amount,takeFee) (#1140)
- _rOwned[address(this)] = _rOwned[address(this)].add(rLiquidity) (#1027)
- _rOwned[sender] = _rOwned[sender].sub(rAmount) (#1271)
- _rOwned[sender] = _rOwned[sender].sub(rAmount) (#1280)
- _rOwned[sender] = _rOwned[sender].sub(rAmount) (#1291)
- _rOwned[recipient] = _rOwned[recipient].add(rTransferAmount) (#1272)
- _rOwned[sender] = _rOwned[sender].sub(rAmount) (#1301)
- _rOwned[recipient] = _rOwned[recipient].add(rTransferAmount) (#1282)
- _rOwned[recipient] = _rOwned[recipient].add(rTransferAmount) (#1292)
- _rOwned[recipient] = _rOwned[recipient].add(rTransferAmount) (#1303)
- _tokenTransfer(from,to,amount,takeFee) (#1140)
- _rTotal = _rTotal.sub(rFee) (#982)
- _tokenTransfer(from,to,amount,takeFee) (#1140)
- _tOwned[address(this)] = _tOwned[address(this)].add(tLiquidity) (#1029)
- _tOwned[sender] = _tOwned[sender].sub(tAmount) (#1290)
- _tOwned[sender] = _tOwned[sender].sub(tAmount) (#1300)
- _tOwned[recipient] = _tOwned[recipient].add(tTransferAmount) (#1281)
- _tOwned[recipient] = _tOwned[recipient].add(tTransferAmount) (#1302)
- _tokenTransfer(from,to,amount,takeFee) (#1140)
- _walletFee = _previousWalletFee (#1064)
- _walletFee = 0 (#1056)
- buyBackTokens(balance.div(100)) (#1124)
- inSwapAndLiquify = true (#771)
- inSwapAndLiquify = false (#773)
Apply the check-effects-interactions pattern.
Additional information: link
Token.recoverBEP20(address,uint256) (#1325-1329) ignores return value by IERC20(tokenAddress).transfer(owner(),tokenAmount) (#1328)
Use SafeERC20, or ensure that the transfer/transferFrom return value is checked.
Additional information: link
Unable to verify that contract auditor is trusted: Certik, Quantstamp, Hacken, Solidity, Paladinsec, Openzeppelin, Verichains
Token.setAllFeePercent(uint8,uint8,uint8,uint8,uint8) (#932-943) contains a tautology or contradiction:
- require(bool,string)(liquidityFee >= 0 && liquidityFee <= maxLiqFee,LF err) (#934)
Fix the incorrect comparison by changing the value type or the comparison.
Additional information: link
Combination 3: Reentrancy vulnerabilities + Unchecked transfer vulnerability. Usual for scams. May be justified by some complex mechanics (e.g. rebase, reflections). DYOR & manual audit are advised.
Token.router (#722) should be constant
Add the constant attributes to state variables that never change.
Additional information: link
Token.swapAndLiquify(uint256) (#1143-1192) performs a multiplication on the result of a division:
-spentAmount = contractTokenBalance.div(totFee).mul(_buybackFee) (#1162)
Consider ordering multiplication before division.
Additional information: link
Token.addLiquidity(uint256,uint256) (#1233-1246) ignores return value by pcsV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,dead,block.timestamp) (#1238-1245)
Ensure that all the return values of the function calls are used.
Additional information: link
Token._approve(address,address,uint256).owner (#1072) shadows:
- Ownable.owner() (#481-483) (function)
Rename the local variables that shadow another component.
Additional information: link
Token.setMaxWalletPercent(uint256) (#960-965) should emit an event for:
- _maxWalletAmount = _tTotal.mul(maxWalletPercent).div(10 ** 2) (#962-964)
Emit an event for critical parameter changes.
Additional information: link
Token.constructor(address,string,string,uint8,uint256,uint8,uint8,address)._feeWallet (#779) lacks a zero-check on :
- feeWallet = _feeWallet (#790)
Check that the address is not zero.
Additional information: link
Reentrancy in Token.transferFrom(address,address,uint256) (#851-855):
External calls:
- _transfer(sender,recipient,amount) (#852)
- pcsV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,dead,block.timestamp) (#1238-1245)
- pcsV2Router.swapExactETHForTokensSupportingFeeOnTransferTokens{value: amount}(0,path,dead,block.timestamp.add(300)) (#1225-1230)
- pcsV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#1209-1215)
External calls sending eth:
- _transfer(sender,recipient,amount) (#852)
- pcsV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,dead,block.timestamp) (#1238-1245)
- pcsV2Router.swapExactETHForTokensSupportingFeeOnTransferTokens{value: amount}(0,path,dead,block.timestamp.add(300)) (#1225-1230)
State variables written after the call(s):
- _approve(sender,_msgSender(),_allowances[sender][_msgSender()].sub(amount,ERC20: transfer amount exceeds allowance)) (#853)
- _allowances[owner][spender] = amount (#1076)
Apply the check-effects-interactions pattern.
Additional information: link
Reentrancy in Token.transferFrom(address,address,uint256) (#851-855):
External calls:
- _transfer(sender,recipient,amount) (#852)
- pcsV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,dead,block.timestamp) (#1238-1245)
- pcsV2Router.swapExactETHForTokensSupportingFeeOnTransferTokens{value: amount}(0,path,dead,block.timestamp.add(300)) (#1225-1230)
- pcsV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#1209-1215)
External calls sending eth:
- _transfer(sender,recipient,amount) (#852)
- pcsV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,dead,block.timestamp) (#1238-1245)
- pcsV2Router.swapExactETHForTokensSupportingFeeOnTransferTokens{value: amount}(0,path,dead,block.timestamp.add(300)) (#1225-1230)
Event emitted after the call(s):
- Approval(owner,spender,amount) (#1077)
- _approve(sender,_msgSender(),_allowances[sender][_msgSender()].sub(amount,ERC20: transfer amount exceeds allowance)) (#853)
Apply the check-effects-interactions pattern.
Additional information: link
Ownable.unlock() (#528-533) uses timestamp for comparisons
Dangerous comparisons:
- require(bool,string)(block.timestamp > _lockTime,Contract is locked until 7 days) (#530)
Avoid relying on block.timestamp.
Additional information: link
Address._functionCallWithValue(address,bytes,uint256,string) (#359-380) uses assembly
- INLINE ASM (#372-375)
Do not use evm assembly.
Additional information: link
SafeMath.mod(uint256,uint256,string) (#227-230) is never used and should be removed
Remove unused functions.
Additional information: link
Token._previousBuybackFee (#749) is set pre-construction with a non-constant function or state variable:
- _buybackFee
Remove any initialization of state variables via non-constant state variables or function calls. If variables must be set upon contract deployment, locate initialization in the constructor instead.
Additional information: link
solc-0.8.6 is not recommended for deployment
Deploy with any of the following Solidity versions: 0.5.16 - 0.5.17, 0.6.11 - 0.6.12, 0.7.5 - 0.7.6 Use a simple pragma version that allows any of these versions. Consider using the latest version of Solidity for testing.
Additional information: link
Low level call in Address._functionCallWithValue(address,bytes,uint256,string) (#359-380):
- (success,returndata) = target.call{value: weiValue}(data) (#363)
Avoid low-level calls. Check the call success. If the call is meant for a contract, check for code existence
Additional information: link
Variable Token._maxWalletAmount (#759) is not in mixedCase
Follow the Solidity naming convention.
Additional information: link
Redundant expression "this (#239)" inContext (#233-242)
Remove redundant statements if they congest code but offer no value.
Additional information: link
Variable Token._getRValues(uint256,uint256,uint256,uint256).rTransferAmount (#1003) is too similar to Token._getValues(uint256).tTransferAmount (#987)
Prevent variables from having similar names.
Additional information: link
Token.slitherConstructorVariables() (#698-1330) uses literals with too many digits:
- dead = 0x000000000000000000000000000000000000dEaD (#703)
Use: Ether suffix, Time suffix, or The scientific notation
Additional information: link
recoverBEP20(address,uint256) should be declared external:
- Token.recoverBEP20(address,uint256) (#1325-1329)
Use the external attribute for functions never called from the contract.
Additional information: link
BscScan page for the token does not contain additional info: website, socials, description, etc.
Additional information: link
Unable to find code repository for the project
Young tokens have high risks of scam / price dump / death
Young tokens have high risks of scam / price dump / death
Young tokens have high risks of price dump / death
Young tokens have high risks of price dump / death
Token has relatively low CoinGecko rank
Token has relatively low CoinMarketCap rank
Twitter account link seems to be invalid
Unable to find Discord account