Astronos is a #DeFi ecosystem that rewards holders in #BUSD to give a real time hedge against market volatility.
Space.safeDexTokenTransfer(address,uint256) (#1276-1283) ignores return value by dexToken.transfer(_to,dexTokenBal) (#1279)
Space.safeDexTokenTransfer(address,uint256) (#1276-1283) ignores return value by dexToken.transfer(_to,_amount) (#1281)
Use SafeERC20, or ensure that the transfer/transferFrom return value is checked.
Additional information: link
Astronos._writeCheckpoint(address,uint32,uint256,uint256) (#1167-1185) uses a dangerous strict equality:
- nCheckpoints > 0 && checkpoints[delegatee][nCheckpoints - 1].fromBlock == blockNumber (#1177)
Space._writeCheckpoint(address,uint32,uint256,uint256) (#1484-1502) uses a dangerous strict equality:
- nCheckpoints > 0 && checkpoints[delegatee][nCheckpoints - 1].fromBlock == blockNumber (#1494)
MasterChief.updatePool(uint256) (#1695-1711) uses a dangerous strict equality:
- lpSupply == 0 (#1701)
Don't use strict equality to determine if an account has enough Ether or tokens.
Additional information: link
MasterChief.pendingDexToken(uint256,address) (#1671-1683) performs a multiplication on the result of a division:
-dexTokenReward = multiplier.mul(dexTokenPerBlock).mul(pool.allocPoint).div(totalAllocPoint) (#1679)
-accDexTokenPerShare = accDexTokenPerShare.add(dexTokenReward.mul(1e12).div(lpSupply)) (#1680)
MasterChief.updatePool(uint256) (#1695-1711) performs a multiplication on the result of a division:
-dexTokenReward = multiplier.mul(dexTokenPerBlock).mul(pool.allocPoint).div(totalAllocPoint) (#1706)
-pool.accDexTokenPerShare = pool.accDexTokenPerShare.add(dexTokenReward.mul(1e12).div(lpSupply)) (#1709)
Consider ordering multiplication before division.
Additional information: link
Address.isContract(address) (#312-323) uses assembly
- INLINE ASM (#319-321)
Address._functionCallWithValue(address,bytes,uint256,string) (#420-446) uses assembly
- INLINE ASM (#438-441)
Astronos.getChainId() (#1192-1196) uses assembly
- INLINE ASM (#1194)
Space.getChainId() (#1509-1513) uses assembly
- INLINE ASM (#1511)
Do not use evm assembly.
Additional information: link
BEP20._mint(address,uint256) (#885-891) has costly operations inside a loop:
- _totalSupply = _totalSupply.add(amount) (#888)
Use a local variable to hold the loop computation result.
Additional information: link
Low level call in Address.sendValue(address,uint256) (#341-347):
- (success) = recipient.call{value: amount}() (#345)
Low level call in Address._functionCallWithValue(address,bytes,uint256,string) (#420-446):
- (success,returndata) = target.call{value: weiValue}(data) (#429)
Avoid low-level calls. Check the call success. If the call is meant for a contract, check for code existence
Additional information: link
Reentrancy in MasterChief.add(uint256,IBEP20,bool) (#1622-1635):
External calls:
- massUpdatePools() (#1624)
- dexToken.mint(devaddr,dexTokenReward.div(10)) (#1707)
- dexToken.mint(address(rewardToken),dexTokenReward) (#1708)
State variables written after the call(s):
- poolInfo.push(PoolInfo(_lpToken,_allocPoint,lastRewardBlock,0)) (#1628-1633)
- updateStakingPool() (#1634)
- poolInfo[0].allocPoint = points (#1659)
- totalAllocPoint = totalAllocPoint.add(_allocPoint) (#1627)
- updateStakingPool() (#1634)
- totalAllocPoint = totalAllocPoint.sub(poolInfo[0].allocPoint).add(points) (#1658)
Reentrancy in MasterChief.deposit(uint256,uint256) (#1714-1733):
External calls:
- updatePool(_pid) (#1720)
- dexToken.mint(devaddr,dexTokenReward.div(10)) (#1707)
- dexToken.mint(address(rewardToken),dexTokenReward) (#1708)
- safeDexTokenTransfer(msg.sender,pending) (#1724)
- rewardToken.safeDexTokenTransfer(_to,_amount) (#1809)
- pool.lpToken.safeTransferFrom(address(msg.sender),address(this),_amount) (#1728)
State variables written after the call(s):
- user.amount = user.amount.add(_amount) (#1729)
- user.rewardDebt = user.amount.mul(pool.accDexTokenPerShare).div(1e12) (#1731)
Reentrancy in MasterChief.emergencyWithdraw(uint256) (#1798-1805):
External calls:
- pool.lpToken.safeTransfer(address(msg.sender),user.amount) (#1801)
State variables written after the call(s):
- user.amount = 0 (#1803)
- user.rewardDebt = 0 (#1804)
Reentrancy in MasterChief.enterStaking(uint256) (#1757-1775):
External calls:
- updatePool(0) (#1760)
- dexToken.mint(devaddr,dexTokenReward.div(10)) (#1707)
- dexToken.mint(address(rewardToken),dexTokenReward) (#1708)
- safeDexTokenTransfer(msg.sender,pending) (#1764)
- rewardToken.safeDexTokenTransfer(_to,_amount) (#1809)
- pool.lpToken.safeTransferFrom(address(msg.sender),address(this),_amount) (#1768)
State variables written after the call(s):
- user.amount = user.amount.add(_amount) (#1769)
- user.rewardDebt = user.amount.mul(pool.accDexTokenPerShare).div(1e12) (#1771)
Reentrancy in MasterChief.leaveStaking(uint256) (#1778-1795):
External calls:
- updatePool(0) (#1782)
- dexToken.mint(devaddr,dexTokenReward.div(10)) (#1707)
- dexToken.mint(address(rewardToken),dexTokenReward) (#1708)
- safeDexTokenTransfer(msg.sender,pending) (#1785)
- rewardToken.safeDexTokenTransfer(_to,_amount) (#1809)
State variables written after the call(s):
- user.amount = user.amount.sub(_amount) (#1788)
Reentrancy in MasterChief.leaveStaking(uint256) (#1778-1795):
External calls:
- updatePool(0) (#1782)
- dexToken.mint(devaddr,dexTokenReward.div(10)) (#1707)
- dexToken.mint(address(rewardToken),dexTokenReward) (#1708)
- safeDexTokenTransfer(msg.sender,pending) (#1785)
- rewardToken.safeDexTokenTransfer(_to,_amount) (#1809)
- pool.lpToken.safeTransfer(address(msg.sender),_amount) (#1789)
State variables written after the call(s):
- user.rewardDebt = user.amount.mul(pool.accDexTokenPerShare).div(1e12) (#1791)
Reentrancy in MasterChief.set(uint256,uint256,bool) (#1638-1648):
External calls:
- massUpdatePools() (#1640)
- dexToken.mint(devaddr,dexTokenReward.div(10)) (#1707)
- dexToken.mint(address(rewardToken),dexTokenReward) (#1708)
State variables written after the call(s):
- poolInfo[_pid].allocPoint = _allocPoint (#1644)
- updateStakingPool() (#1646)
- poolInfo[0].allocPoint = points (#1659)
- totalAllocPoint = totalAllocPoint.sub(poolInfo[_pid].allocPoint).add(_allocPoint) (#1642)
- updateStakingPool() (#1646)
- totalAllocPoint = totalAllocPoint.sub(poolInfo[0].allocPoint).add(points) (#1658)
Reentrancy in MasterChief.updatePool(uint256) (#1695-1711):
External calls:
- dexToken.mint(devaddr,dexTokenReward.div(10)) (#1707)
- dexToken.mint(address(rewardToken),dexTokenReward) (#1708)
State variables written after the call(s):
- pool.accDexTokenPerShare = pool.accDexTokenPerShare.add(dexTokenReward.mul(1e12).div(lpSupply)) (#1709)
- pool.lastRewardBlock = block.number (#1710)
Reentrancy in MasterChief.withdraw(uint256,uint256) (#1736-1754):
External calls:
- updatePool(_pid) (#1743)
- dexToken.mint(devaddr,dexTokenReward.div(10)) (#1707)
- dexToken.mint(address(rewardToken),dexTokenReward) (#1708)
- safeDexTokenTransfer(msg.sender,pending) (#1746)
- rewardToken.safeDexTokenTransfer(_to,_amount) (#1809)
State variables written after the call(s):
- user.amount = user.amount.sub(_amount) (#1749)
Reentrancy in MasterChief.withdraw(uint256,uint256) (#1736-1754):
External calls:
- updatePool(_pid) (#1743)
- dexToken.mint(devaddr,dexTokenReward.div(10)) (#1707)
- dexToken.mint(address(rewardToken),dexTokenReward) (#1708)
- safeDexTokenTransfer(msg.sender,pending) (#1746)
- rewardToken.safeDexTokenTransfer(_to,_amount) (#1809)
- pool.lpToken.safeTransfer(address(msg.sender),_amount) (#1750)
State variables written after the call(s):
- user.rewardDebt = user.amount.mul(pool.accDexTokenPerShare).div(1e12) (#1752)
Apply the check-effects-interactions pattern.
Additional information: link
BEP20.constructor(string,string).name (#690) shadows:
- BEP20.name() (#706-708) (function)
- IBEP20.name() (#214) (function)
BEP20.constructor(string,string).symbol (#690) shadows:
- BEP20.symbol() (#720-722) (function)
- IBEP20.symbol() (#209) (function)
BEP20.allowance(address,address).owner (#754) shadows:
- Ownable.owner() (#600-602) (function)
BEP20._approve(address,address,uint256).owner (#926) shadows:
- Ownable.owner() (#600-602) (function)
Astronos.constructor(string,string).name (#956) shadows:
- BEP20.name() (#706-708) (function)
- IBEP20.name() (#214) (function)
Astronos.constructor(string,string).symbol (#957) shadows:
- BEP20.symbol() (#720-722) (function)
- IBEP20.symbol() (#209) (function)
Rename the local variables that shadow another component.
Additional information: link
MasterChief.updateDexTokenPerBlock(uint256) (#1604-1606) should emit an event for:
- dexTokenPerBlock = _dexTokenPerBlock (#1605)
MasterChief.updateMultiplier(uint256) (#1608-1610) should emit an event for:
- BONUS_MULTIPLIER = multiplierNumber (#1609)
MasterChief.add(uint256,IBEP20,bool) (#1622-1635) should emit an event for:
- totalAllocPoint = totalAllocPoint.add(_allocPoint) (#1627)
MasterChief.set(uint256,uint256,bool) (#1638-1648) should emit an event for:
- totalAllocPoint = totalAllocPoint.sub(poolInfo[_pid].allocPoint).add(_allocPoint) (#1642)
Emit an event for critical parameter changes.
Additional information: link
Reentrancy in MasterChief.deposit(uint256,uint256) (#1714-1733):
External calls:
- updatePool(_pid) (#1720)
- dexToken.mint(devaddr,dexTokenReward.div(10)) (#1707)
- dexToken.mint(address(rewardToken),dexTokenReward) (#1708)
- safeDexTokenTransfer(msg.sender,pending) (#1724)
- rewardToken.safeDexTokenTransfer(_to,_amount) (#1809)
- pool.lpToken.safeTransferFrom(address(msg.sender),address(this),_amount) (#1728)
Event emitted after the call(s):
- Deposit(msg.sender,_pid,_amount) (#1732)
Reentrancy in MasterChief.emergencyWithdraw(uint256) (#1798-1805):
External calls:
- pool.lpToken.safeTransfer(address(msg.sender),user.amount) (#1801)
Event emitted after the call(s):
- EmergencyWithdraw(msg.sender,_pid,user.amount) (#1802)
Reentrancy in MasterChief.enterStaking(uint256) (#1757-1775):
External calls:
- updatePool(0) (#1760)
- dexToken.mint(devaddr,dexTokenReward.div(10)) (#1707)
- dexToken.mint(address(rewardToken),dexTokenReward) (#1708)
- safeDexTokenTransfer(msg.sender,pending) (#1764)
- rewardToken.safeDexTokenTransfer(_to,_amount) (#1809)
- pool.lpToken.safeTransferFrom(address(msg.sender),address(this),_amount) (#1768)
- rewardToken.mint(msg.sender,_amount) (#1773)
Event emitted after the call(s):
- Deposit(msg.sender,0,_amount) (#1774)
Reentrancy in MasterChief.leaveStaking(uint256) (#1778-1795):
External calls:
- updatePool(0) (#1782)
- dexToken.mint(devaddr,dexTokenReward.div(10)) (#1707)
- dexToken.mint(address(rewardToken),dexTokenReward) (#1708)
- safeDexTokenTransfer(msg.sender,pending) (#1785)
- rewardToken.safeDexTokenTransfer(_to,_amount) (#1809)
- pool.lpToken.safeTransfer(address(msg.sender),_amount) (#1789)
- rewardToken.burn(msg.sender,_amount) (#1793)
Event emitted after the call(s):
- Withdraw(msg.sender,0,_amount) (#1794)
Reentrancy in MasterChief.withdraw(uint256,uint256) (#1736-1754):
External calls:
- updatePool(_pid) (#1743)
- dexToken.mint(devaddr,dexTokenReward.div(10)) (#1707)
- dexToken.mint(address(rewardToken),dexTokenReward) (#1708)
- safeDexTokenTransfer(msg.sender,pending) (#1746)
- rewardToken.safeDexTokenTransfer(_to,_amount) (#1809)
- pool.lpToken.safeTransfer(address(msg.sender),_amount) (#1750)
Event emitted after the call(s):
- Withdraw(msg.sender,_pid,_amount) (#1753)
Apply the check-effects-interactions pattern.
Additional information: link
Astronos.delegateBySig(address,uint256,uint256,uint8,bytes32,bytes32) (#1033-1074) uses timestamp for comparisons
Dangerous comparisons:
- require(bool,string)(now <= expiry,DexToken::delegateBySig: signature expired) (#1072)
Space.delegateBySig(address,uint256,uint256,uint8,bytes32,bytes32) (#1350-1391) uses timestamp for comparisons
Dangerous comparisons:
- require(bool,string)(now <= expiry,DexToken::delegateBySig: signature expired) (#1389)
Avoid relying on block.timestamp.
Additional information: link
Address.functionCall(address,bytes) (#367-369) is never used and should be removed
Address.functionCallWithValue(address,bytes,uint256) (#396-402) is never used and should be removed
Address.functionCallWithValue(address,bytes,uint256,string) (#410-418) is never used and should be removed
Address.sendValue(address,uint256) (#341-347) is never used and should be removed
BEP20._burnFrom(address,uint256) (#943-950) is never used and should be removed
Context._msgData() (#564-567) is never used and should be removed
SafeBEP20.safeApprove(IBEP20,address,uint256) (#487-501) is never used and should be removed
SafeBEP20.safeDecreaseAllowance(IBEP20,address,uint256) (#512-522) is never used and should be removed
SafeBEP20.safeIncreaseAllowance(IBEP20,address,uint256) (#503-510) is never used and should be removed
SafeMath.min(uint256,uint256) (#175-177) is never used and should be removed
SafeMath.mod(uint256,uint256) (#150-152) is never used and should be removed
SafeMath.mod(uint256,uint256,string) (#166-173) is never used and should be removed
SafeMath.sqrt(uint256) (#180-191) is never used and should be removed
Remove unused functions.
Additional information: link
Parameter Astronos.mint(address,uint256)._to (#961) is not in mixedCase
Parameter Astronos.mint(address,uint256)._amount (#961) is not in mixedCase
Parameter Astronos.isHolder(uint256)._addr (#1197) is not in mixedCase
Parameter Astronos.getHolderAmount(uint256)._addr (#1205) is not in mixedCase
Parameter Astronos.addHolders(uint256[])._users (#1221) is not in mixedCase
Parameter Astronos.addHoldersAmount(uint256[])._amounts (#1226) is not in mixedCase
Variable Astronos._delegates (#975) is not in mixedCase
Parameter Space.mint(address,uint256)._to (#1254) is not in mixedCase
Parameter Space.mint(address,uint256)._amount (#1254) is not in mixedCase
Parameter Space.burn(address,uint256)._from (#1260) is not in mixedCase
Parameter Space.burn(address,uint256)._amount (#1260) is not in mixedCase
Parameter Space.safeDexTokenTransfer(address,uint256)._to (#1276) is not in mixedCase
Parameter Space.safeDexTokenTransfer(address,uint256)._amount (#1276) is not in mixedCase
Variable Space._delegates (#1292) is not in mixedCase
Parameter MasterChief.updateDexTokenPerBlock(uint256)._dexTokenPerBlock (#1604) is not in mixedCase
Parameter MasterChief.add(uint256,IBEP20,bool)._allocPoint (#1622) is not in mixedCase
Parameter MasterChief.add(uint256,IBEP20,bool)._lpToken (#1622) is not in mixedCase
Parameter MasterChief.add(uint256,IBEP20,bool)._withUpdate (#1622) is not in mixedCase
Parameter MasterChief.set(uint256,uint256,bool)._pid (#1638) is not in mixedCase
Parameter MasterChief.set(uint256,uint256,bool)._allocPoint (#1638) is not in mixedCase
Parameter MasterChief.set(uint256,uint256,bool)._withUpdate (#1638) is not in mixedCase
Parameter MasterChief.getMultiplier(uint256,uint256)._from (#1666) is not in mixedCase
Parameter MasterChief.getMultiplier(uint256,uint256)._to (#1666) is not in mixedCase
Parameter MasterChief.pendingDexToken(uint256,address)._pid (#1671) is not in mixedCase
Parameter MasterChief.pendingDexToken(uint256,address)._user (#1671) is not in mixedCase
Parameter MasterChief.updatePool(uint256)._pid (#1695) is not in mixedCase
Parameter MasterChief.deposit(uint256,uint256)._pid (#1714) is not in mixedCase
Parameter MasterChief.deposit(uint256,uint256)._amount (#1714) is not in mixedCase
Parameter MasterChief.withdraw(uint256,uint256)._pid (#1736) is not in mixedCase
Parameter MasterChief.withdraw(uint256,uint256)._amount (#1736) is not in mixedCase
Parameter MasterChief.enterStaking(uint256)._amount (#1757) is not in mixedCase
Parameter MasterChief.leaveStaking(uint256)._amount (#1778) is not in mixedCase
Parameter MasterChief.emergencyWithdraw(uint256)._pid (#1798) is not in mixedCase
Parameter MasterChief.safeDexTokenTransfer(address,uint256)._to (#1808) is not in mixedCase
Parameter MasterChief.safeDexTokenTransfer(address,uint256)._amount (#1808) is not in mixedCase
Parameter MasterChief.dev(address)._devaddr (#1813) is not in mixedCase
Variable MasterChief.BONUS_MULTIPLIER (#1563) is not in mixedCase
Follow the Solidity naming convention.
Additional information: link
renounceOwnership() should be declared external:
- Ownable.renounceOwnership() (#619-622)
transferOwnership(address) should be declared external:
- Ownable.transferOwnership(address) (#628-630)
decimals() should be declared external:
- BEP20.decimals() (#713-715)
symbol() should be declared external:
- BEP20.symbol() (#720-722)
totalSupply() should be declared external:
- BEP20.totalSupply() (#727-729)
transfer(address,uint256) should be declared external:
- BEP20.transfer(address,uint256) (#746-749)
allowance(address,address) should be declared external:
- BEP20.allowance(address,address) (#754-756)
approve(address,uint256) should be declared external:
- BEP20.approve(address,uint256) (#765-768)
transferFrom(address,address,uint256) should be declared external:
- BEP20.transferFrom(address,address,uint256) (#782-794)
increaseAllowance(address,uint256) should be declared external:
- BEP20.increaseAllowance(address,uint256) (#808-811)
decreaseAllowance(address,uint256) should be declared external:
- BEP20.decreaseAllowance(address,uint256) (#827-834)
mint(uint256) should be declared external:
- BEP20.mint(uint256) (#844-847)
mint(address,uint256) should be declared external:
- Astronos.mint(address,uint256) (#961-964)
isHolder(uint256) should be declared external:
- Astronos.isHolder(uint256) (#1197-1204)
getHolderAmount(uint256) should be declared external:
- Astronos.getHolderAmount(uint256) (#1205-1212)
totalHolders() should be declared external:
- Astronos.totalHolders() (#1213-1216)
totalHoldersAmount() should be declared external:
- Astronos.totalHoldersAmount() (#1217-1220)
addHolders(uint256[]) should be declared external:
- Astronos.addHolders(uint256[]) (#1221-1225)
addHoldersAmount(uint256[]) should be declared external:
- Astronos.addHoldersAmount(uint256[]) (#1226-1230)
removeAllHolders() should be declared external:
- Astronos.removeAllHolders() (#1233-1235)
removeAllHoldersAmount() should be declared external:
- Astronos.removeAllHoldersAmount() (#1236-1238)
mintHolders() should be declared external:
- Astronos.mintHolders() (#1239-1243)
mintHoldersAuto(IBEP20) should be declared external:
- Astronos.mintHoldersAuto(IBEP20) (#1244-1248)
mint(address,uint256) should be declared external:
- Space.mint(address,uint256) (#1254-1258)
burn(address,uint256) should be declared external:
- Space.burn(address,uint256) (#1260-1263)
safeDexTokenTransfer(address,uint256) should be declared external:
- Space.safeDexTokenTransfer(address,uint256) (#1276-1283)
updateDexTokenPerBlock(uint256) should be declared external:
- MasterChief.updateDexTokenPerBlock(uint256) (#1604-1606)
updateMultiplier(uint256) should be declared external:
- MasterChief.updateMultiplier(uint256) (#1608-1610)
mintDexToken(uint256) should be declared external:
- MasterChief.mintDexToken(uint256) (#1616-1618)
add(uint256,IBEP20,bool) should be declared external:
- MasterChief.add(uint256,IBEP20,bool) (#1622-1635)
set(uint256,uint256,bool) should be declared external:
- MasterChief.set(uint256,uint256,bool) (#1638-1648)
deposit(uint256,uint256) should be declared external:
- MasterChief.deposit(uint256,uint256) (#1714-1733)
withdraw(uint256,uint256) should be declared external:
- MasterChief.withdraw(uint256,uint256) (#1736-1754)
enterStaking(uint256) should be declared external:
- MasterChief.enterStaking(uint256) (#1757-1775)
leaveStaking(uint256) should be declared external:
- MasterChief.leaveStaking(uint256) (#1778-1795)
emergencyWithdraw(uint256) should be declared external:
- MasterChief.emergencyWithdraw(uint256) (#1798-1805)
dev(address) should be declared external:
- MasterChief.dev(address) (#1813-1816)
Use the external attribute for functions never called from the contract.
Additional information: link
Astronos.mintHoldersAuto(IBEP20) (#1244-1248) has external calls inside a loop: _mint(address(holders[i]),oldAstro.balanceOf(address(holders[i]))) (#1246)
MasterChief.updatePool(uint256) (#1695-1711) has external calls inside a loop: lpSupply = pool.lpToken.balanceOf(address(this)) (#1700)
MasterChief.updatePool(uint256) (#1695-1711) has external calls inside a loop: dexToken.mint(devaddr,dexTokenReward.div(10)) (#1707)
MasterChief.updatePool(uint256) (#1695-1711) has external calls inside a loop: dexToken.mint(address(rewardToken),dexTokenReward) (#1708)
Favor pull over push strategy for external calls.
Additional information: link
Contract ownership is semi-renounced (passed to a contract)
MasterChief.constructor(Astronos,Space,address,uint256,uint256)._devaddr (#1581) lacks a zero-check on :
- devaddr = _devaddr (#1587)
MasterChief.dev(address)._devaddr (#1813) lacks a zero-check on :
- devaddr = _devaddr (#1815)
Check that the address is not zero.
Additional information: link
Redundant expression "this (#565)" inContext (#555-568)
Remove redundant statements if they congest code but offer no value.
Additional information: link
Young tokens have high risks of price dump / death
Young tokens have high risks of price dump / death
Young tokens have high risks of price dump / death
Token has relatively low CoinGecko rank
Token has relatively low CoinMarketCap rank
Unable to find Youtube account