BitBurnReflectDividendTracker._reinvestDividendOfUser(address) (#2164-2218) sends eth to arbitrary user
Dangerous calls:
- uniswapV2Router.swapExactETHForTokensSupportingFeeOnTransferTokens{value: _withdrawableDividend}(0,path,address(this),block.timestamp) (#2183-2205)
Ensure that an arbitrary user cannot withdraw unauthorized funds.
Additional information: link
Reentrancy in DividendPayingToken._withdrawDividendOfUser(address) (#814-841):
External calls:
- (success) = user.call{gas: 3000,value: _withdrawableDividend}() (#825-828)
State variables written after the call(s):
- withdrawnDividends[user] = withdrawnDividends[user].sub(_withdrawableDividend) (#831-833)
Reentrancy in BitBurnReflect.forceSwapAndSendDividends(uint256) (#1671-1681):
External calls:
- swapAndSendDividends(tokens) (#1677)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#1624-1630)
- (success,None) = address(dividendTracker).call{value: dividends}() (#1717)
- (successOp1,None) = address(marketingWallet).call{value: marketingPayout}() (#1731)
- (successOp2,None) = address(devWallet).call{value: devPayout}() (#1734)
External calls sending eth:
- swapAndSendDividends(tokens) (#1677)
- (success,None) = address(dividendTracker).call{value: dividends}() (#1717)
- (successOp1,None) = address(marketingWallet).call{value: marketingPayout}() (#1731)
- (successOp2,None) = address(devWallet).call{value: devPayout}() (#1734)
State variables written after the call(s):
- buyAmount = buyAmount.sub(fromBuy) (#1679)
- sellAmount = sellAmount.sub(fromSell) (#1680)
Reentrancy in BitBurnReflect._transfer(address,address,uint256) (#1439-1598):
External calls:
- swapAndLiquify(swapTokens) (#1547)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#1661-1668)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#1624-1630)
- swapAndSendDividends(remainingBalance) (#1551)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#1624-1630)
- (success,None) = address(dividendTracker).call{value: dividends}() (#1717)
- (successOp1,None) = address(marketingWallet).call{value: marketingPayout}() (#1731)
- (successOp2,None) = address(devWallet).call{value: devPayout}() (#1734)
External calls sending eth:
- swapAndLiquify(swapTokens) (#1547)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#1661-1668)
- swapAndSendDividends(remainingBalance) (#1551)
- (success,None) = address(dividendTracker).call{value: dividends}() (#1717)
- (successOp1,None) = address(marketingWallet).call{value: marketingPayout}() (#1731)
- (successOp2,None) = address(devWallet).call{value: devPayout}() (#1734)
State variables written after the call(s):
- super._transfer(from,DEAD,burntokens) (#1562)
- _balances[sender] = _balances[sender].sub(amount,ERC20: transfer amount exceeds balance) (#330-333)
- _balances[recipient] = _balances[recipient].add(amount) (#334)
- super._transfer(from,address(this),fees) (#1575)
- _balances[sender] = _balances[sender].sub(amount,ERC20: transfer amount exceeds balance) (#330-333)
- _balances[recipient] = _balances[recipient].add(amount) (#334)
- buyAmount = 0 (#1552)
- buyAmount = buyAmount.add(fees) (#1572)
- sellAmount = 0 (#1553)
- sellAmount = sellAmount.add(fees) (#1570)
- swapping = false (#1554)
Reentrancy in BitBurnReflect._transfer(address,address,uint256) (#1439-1598):
External calls:
- swapAndLiquify(swapTokens) (#1547)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#1661-1668)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#1624-1630)
- swapAndSendDividends(remainingBalance) (#1551)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#1624-1630)
- (success,None) = address(dividendTracker).call{value: dividends}() (#1717)
- (successOp1,None) = address(marketingWallet).call{value: marketingPayout}() (#1731)
- (successOp2,None) = address(devWallet).call{value: devPayout}() (#1734)
- dividendTracker.process(gas) (#1579-1592)
External calls sending eth:
- swapAndLiquify(swapTokens) (#1547)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#1661-1668)
- swapAndSendDividends(remainingBalance) (#1551)
- (success,None) = address(dividendTracker).call{value: dividends}() (#1717)
- (successOp1,None) = address(marketingWallet).call{value: marketingPayout}() (#1731)
- (successOp2,None) = address(devWallet).call{value: devPayout}() (#1734)
State variables written after the call(s):
- super._transfer(from,to,amount) (#1595)
- _balances[sender] = _balances[sender].sub(amount,ERC20: transfer amount exceeds balance) (#330-333)
- _balances[recipient] = _balances[recipient].add(amount) (#334)
Reentrancy in BitBurnReflectDividendTracker._reinvestDividendOfUser(address) (#2164-2218):
External calls:
- uniswapV2Router.swapExactETHForTokensSupportingFeeOnTransferTokens{value: _withdrawableDividend}(0,path,address(this),block.timestamp) (#2183-2205)
- BitBurnReflectContract.transfer(account,received) (#2199)
External calls sending eth:
- uniswapV2Router.swapExactETHForTokensSupportingFeeOnTransferTokens{value: _withdrawableDividend}(0,path,address(this),block.timestamp) (#2183-2205)
State variables written after the call(s):
- withdrawnDividends[account] = withdrawnDividends[account].sub(_withdrawableDividend) (#2208-2210)
Reentrancy in BitBurnReflectDividendTracker._withdrawDividendOfUser(address) (#2220-2271):
External calls:
- (success,None) = user.call{gas: 3000,value: _withdrawableDividend}() (#2235-2238)
- uniswapV2Router.swapExactETHForTokensSupportingFeeOnTransferTokens{value: _withdrawableDividend}(0,path,user,block.timestamp) (#2243-2257)
State variables written after the call(s):
- withdrawnDividends[user] = withdrawnDividends[user].sub(_withdrawableDividend) (#2261-2263)
Apply the check-effects-interactions pattern.
Additional information: link
BitBurnReflectDividendTracker._reinvestDividendOfUser(address) (#2164-2218) ignores return value by BitBurnReflectContract.transfer(account,received) (#2199)
BitBurnReflect.multiSend(address[],uint256[]) (#1744-1786) ignores return value by this.transferFrom(msg.sender,contributor,_balances[j]) (#1779)
Use SafeERC20, or ensure that the transfer/transferFrom return value is checked.
Additional information: link
Unable to find manual contract audit (e.g. Certik, PeckShield, Solidity...)
Combination 1: Reentrancy vulnerabilities + Functions that send Ether to arbitraty destination. Usual for scams. May be justified by some complex mechanics (e.g. rebase, reflections). DYOR & manual audit are advised.
Combination 2: Unchecked transfer + Functions that send Ether to arbitraty destination. Usual for scams. May be justified by some complex mechanics (e.g. rebase, reflections). DYOR & manual audit are advised.
Combination 3: Reentrancy vulnerabilities + Unchecked transfer vulnerability. Usual for scams. May be justified by some complex mechanics (e.g. rebase, reflections). DYOR & manual audit are advised.
Contract ownership is not renounced (belongs to a wallet)
BitBurnReflect.slitherConstructorVariables() (#925-1801) uses literals with too many digits:
- gasForProcessing = 300000 (#965)
BitBurnReflectDividendTracker.constructor(address,address,address,string,string) (#1847-1864) uses literals with too many digits:
- minimumTokenBalanceForAutoDividends = 100_000000000000000000 (#1858)
BitBurnReflect.multiSend(address[],uint256[]) (#1744-1786) uses literals with too many digits:
- require(bool,string)(contributor != address(0) && contributor != 0x000000000000000000000000000000000000dEaD,Cannot airdrop to a dead address) (#1773-1777)
BitBurnReflectDividendTracker.getAccountAtIndex(uint256) (#2014-2040) uses literals with too many digits:
- (0x0000000000000000000000000000000000000000,- 1,- 1,0,0,0) (#2027-2034)
BitBurnReflect.updateGasForProcessing(uint256) (#1258-1262) uses literals with too many digits:
- require(bool)(newValue >= 200000 && newValue <= 1000000) (#1259)
BitBurnReflect.slitherConstructorVariables() (#925-1801) uses literals with too many digits:
- DEAD = 0x000000000000000000000000000000000000dEaD (#931)
Use: Ether suffix, Time suffix, or The scientific notation
Additional information: link
SafeMathInt.MAX_INT256 (#513) is never used in SafeMathInt (#511-553)
Remove unused state variables.
Additional information: link
BitBurnReflect.DEAD (#931) should be constant
Add the constant attributes to state variables that never change.
Additional information: link
BitBurnReflectDividendTracker.constructor(address,address,address,string,string).token (#1850) lacks a zero-check on :
- defaultToken = token (#1856)
Ownable.constructor().msgSender (#482) lacks a zero-check on :
- _owner = msgSender (#483)
BitBurnReflectDividendTracker.updatePayoutToken(address).token (#2156) lacks a zero-check on :
- defaultToken = token (#2157)
Check that the address is not zero.
Additional information: link
Variable BitBurnReflectDividendTracker._withdrawDividendOfUser(address)._withdrawableDividend (#2225) is too similar to BitBurnReflectDividendTracker.getAccount(address).withdrawableDividends (#1980)
Variable BitBurnReflectDividendTracker._reinvestDividendOfUser(address)._withdrawableDividend (#2168) is too similar to BitBurnReflectDividendTracker.getAccount(address).withdrawableDividends (#1980)
Variable IUniswapV2Router01.addLiquidity(address,address,uint256,uint256,uint256,uint256,address,uint256).amountADesired (#571) is too similar to IUniswapV2Router01.addLiquidity(address,address,uint256,uint256,uint256,uint256,address,uint256).amountBDesired (#572)
Variable DividendPayingToken._withdrawDividendOfUser(address)._withdrawableDividend (#819) is too similar to BitBurnReflectDividendTracker.getAccount(address).withdrawableDividends (#1980)
Prevent variables from having similar names.
Additional information: link
Low level call in BitBurnReflect.swapAndSendDividends(uint256) (#1683-1742):
- (success,None) = address(dividendTracker).call{value: dividends}() (#1717)
- (successOp1,None) = address(marketingWallet).call{value: marketingPayout}() (#1731)
- (successOp2,None) = address(devWallet).call{value: devPayout}() (#1734)
Low level call in DividendPayingToken._withdrawDividendOfUser(address) (#814-841):
- (success) = user.call{gas: 3000,value: _withdrawableDividend}() (#825-828)
Low level call in BitBurnReflectDividendTracker._withdrawDividendOfUser(address) (#2220-2271):
- (success,None) = user.call{gas: 3000,value: _withdrawableDividend}() (#2235-2238)
Avoid low-level calls. Check the call success. If the call is meant for a contract, check for code existence
Additional information: link
Variable BitBurnReflect.DEAD (#931) is not in mixedCase
Variable ERC20._totalSupply (#208) is not in mixedCase
Parameter BitBurnReflectDividendTracker.getAccount(address)._account (#1973) is not in mixedCase
Function IUniswapV2Pair.PERMIT_TYPEHASH() (#58) is not in mixedCase
Function IUniswapV2Pair.MINIMUM_LIQUIDITY() (#89) is not in mixedCase
Constant DividendPayingToken.magnitude (#778) is not in UPPER_CASE_WITH_UNDERSCORES
Function IUniswapV2Pair.DOMAIN_SEPARATOR() (#56) is not in mixedCase
Parameter BitBurnReflect.updateFees(uint256,uint256,uint256,uint256,uint256,uint256,uint256,uint256,uint256,uint256).RewardsSell (#1284) is not in mixedCase
Parameter BitBurnReflect.multiSend(address[],uint256[])._balances (#1746) is not in mixedCase
Parameter DividendPayingToken.dividendOf(address)._owner (#843) is not in mixedCase
Parameter BitBurnReflect.updateFees(uint256,uint256,uint256,uint256,uint256,uint256,uint256,uint256,uint256,uint256).RewardsBuy (#1283) is not in mixedCase
Parameter BitBurnReflect.multiSend(address[],uint256[])._contributors (#1745) is not in mixedCase
Parameter BitBurnReflect.setGasPriceLimit(uint256).GWEI (#1181) is not in mixedCase
Parameter DividendPayingToken.withdrawnDividendOf(address)._owner (#856) is not in mixedCase
Parameter DividendPayingToken.withdrawableDividendOf(address)._owner (#847) is not in mixedCase
Function IUniswapV2Router01.WETH() (#566) is not in mixedCase
Variable BitBurnReflectDividendTracker.BitBurnReflectContract (#1824) is not in mixedCase
Parameter DividendPayingToken.accumulativeDividendOf(address)._owner (#865) is not in mixedCase
Follow the Solidity naming convention.
Additional information: link
Redundant expression "this (#18)" inContext (#12-21)
Remove redundant statements if they congest code but offer no value.
Additional information: link
BitBurnReflect._transfer(address,address,uint256) (#1439-1598) performs a multiplication on the result of a division:
-swapAmountBought = contractTokenBalance.mul(buyAmount).div(totalBuySell) (#1530-1532)
-swapBuyTokens = swapAmountBought.mul(liquidityFee).div(totalBuyFees) (#1537-1539)
BitBurnReflect.swapAndSendDividends(uint256) (#1683-1742) performs a multiplication on the result of a division:
-dividendsFromBuy = address(this).balance.mul(buyAmount).div(totalAmount).mul(buyRewardsFee).div(buyRewardsFee + buyMarketingFees + buyDevFee) (#1699-1704)
BitBurnReflect.swapAndSendDividends(uint256) (#1683-1742) performs a multiplication on the result of a division:
-feePortions = address(this).balance.div(_completeFees) (#1725)
-devPayout = buyDevFee.add(sellDevFee) * feePortions (#1728)
BitBurnReflect.swapAndSendDividends(uint256) (#1683-1742) performs a multiplication on the result of a division:
-feePortions = address(this).balance.div(_completeFees) (#1725)
-marketingPayout = buyMarketingFees.add(sellMarketingFees) * feePortions (#1727)
BitBurnReflect.swapAndSendDividends(uint256) (#1683-1742) performs a multiplication on the result of a division:
-dividendsFromSell = address(this).balance.mul(sellAmount).div(totalAmount).mul(sellRewardsFee).div(sellRewardsFee + sellMarketingFees + sellDevFee) (#1707-1712)
BitBurnReflect._transfer(address,address,uint256) (#1439-1598) performs a multiplication on the result of a division:
-swapAmountSold = contractTokenBalance.mul(sellAmount).div(totalBuySell) (#1533-1535)
-swapSellTokens = swapAmountSold.mul(liquidityFee).div(totalSellFees) (#1541-1543)
Consider ordering multiplication before division.
Additional information: link
Reentrancy in BitBurnReflect.transferAdmin(address) (#1264-1268):
External calls:
- dividendTracker.excludeFromDividends(newOwner) (#1265)
State variables written after the call(s):
- transferOwnership(newOwner) (#1267)
- _owner = newOwner (#507)
Apply the check-effects-interactions pattern.
Additional information: link
BitBurnReflect._transfer(address,address,uint256) (#1439-1598) uses tx.origin for authorization: require(bool,string)(_holderLastTransferBlock[tx.origin] != block.number,Too many TX in block) (#1509)
BitBurnReflect._transfer(address,address,uint256) (#1439-1598) uses tx.origin for authorization: require(bool,string)(block.timestamp >= _holderLastTransferTimestamp[tx.origin] + cooldowntimer,cooldown period active) (#1493-1494)
Do not use tx.origin for authorization.
Additional information: link
BitBurnReflect.swapAndSendDividends(uint256).dividendsFromSell (#1696) is a local variable never initialized
BitBurnReflectDividendTracker._reinvestDividendOfUser(address).success (#2170) is a local variable never initialized
BitBurnReflect._transfer(address,address,uint256).devFees (#1450) is a local variable never initialized
BitBurnReflect._transfer(address,address,uint256).claims (#1581) is a local variable never initialized
BitBurnReflect.multiSend(address[],uint256[]).j (#1771) is a local variable never initialized
BitBurnReflect._transfer(address,address,uint256).deadFees (#1447) is a local variable never initialized
BitBurnReflect.swapAndSendDividends(uint256).dividendsFromBuy (#1695) is a local variable never initialized
BitBurnReflect._transfer(address,address,uint256).RewardsFee (#1446) is a local variable never initialized
BitBurnReflectDividendTracker._withdrawDividendOfUser(address).success (#2232) is a local variable never initialized
BitBurnReflect._transfer(address,address,uint256).marketingFees (#1448) is a local variable never initialized
BitBurnReflect._transfer(address,address,uint256).iterations (#1580) is a local variable never initialized
BitBurnReflect._transfer(address,address,uint256).lastProcessedIndex (#1582) is a local variable never initialized
BitBurnReflect.swapAndSendDividends(uint256).feePortions (#1723) is a local variable never initialized
BitBurnReflect._transfer(address,address,uint256).liquidityFee (#1449) is a local variable never initialized
BitBurnReflect._transfer(address,address,uint256).burntokens (#1558) is a local variable never initialized
Initialize all the variables. If a variable is meant to be initialized to zero, explicitly set it to zero to improve code readability.
Additional information: link
BitBurnReflect.addLiquidity(uint256,uint256) (#1656-1669) ignores return value by uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#1661-1668)
BitBurnReflect._transfer(address,address,uint256) (#1439-1598) ignores return value by dividendTracker.process(gas) (#1579-1592)
BitBurnReflect.claim() (#1403-1405) ignores return value by dividendTracker.processAccount(address(msg.sender),false) (#1404)
BitBurnReflect.constructor() (#1052-1117) ignores return value by dividendTracker.excludedFromDividends(address(0)) (#1099)
Ensure that all the return values of the function calls are used.
Additional information: link
DividendPayingToken.constructor(string,string)._name (#787) shadows:
- ERC20._name (#210) (state variable)
BitBurnReflectDividendTracker.constructor(address,address,address,string,string)._name (#1851) shadows:
- ERC20._name (#210) (state variable)
BitBurnReflect.multiSend(address[],uint256[])._balances (#1746) shadows:
- ERC20._balances (#204) (state variable)
DividendPayingToken.constructor(string,string)._symbol (#787) shadows:
- ERC20._symbol (#211) (state variable)
Rename the local variables that shadow another component.
Additional information: link
BitBurnReflect.setGasPriceLimit(uint256) (#1181-1184) should emit an event for:
- gasPriceLimit = GWEI * 1000000000 (#1183)
BitBurnReflect.setSwapTriggerAmount(uint256) (#1223-1225) should emit an event for:
- swapTokensAtAmount = amount * (10 ** 18) (#1224)
BitBurnReflect.setcooldowntimer(uint256) (#1187-1190) should emit an event for:
- cooldowntimer = value (#1189)
BitBurnReflect.forceSwapAndSendDividends(uint256) (#1671-1681) should emit an event for:
- buyAmount = buyAmount.sub(fromBuy) (#1679)
- sellAmount = sellAmount.sub(fromSell) (#1680)
BitBurnReflect.setmaxWallet(uint256) (#1193-1197) should emit an event for:
- maxWallet = value (#1196)
Emit an event for critical parameter changes.
Additional information: link
BitBurnReflectDividendTracker._reinvestDividendOfUser(address) (#2164-2218) has external calls inside a loop: BitBurnReflectContract.transfer(account,received) (#2199)
BitBurnReflectDividendTracker._withdrawDividendOfUser(address) (#2220-2271) has external calls inside a loop: path[0] = uniswapV2Router.WETH() (#2241)
BitBurnReflectDividendTracker._reinvestDividendOfUser(address) (#2164-2218) has external calls inside a loop: received = BitBurnReflectContract.balanceOf(address(this)).sub(prevBalance) (#2194-2196)
BitBurnReflectDividendTracker._reinvestDividendOfUser(address) (#2164-2218) has external calls inside a loop: path[0] = uniswapV2Router.WETH() (#2177)
BitBurnReflectDividendTracker._withdrawDividendOfUser(address) (#2220-2271) has external calls inside a loop: uniswapV2Router.swapExactETHForTokensSupportingFeeOnTransferTokens{value: _withdrawableDividend}(0,path,user,block.timestamp) (#2243-2257)
BitBurnReflect.airdropToWallets(address[],uint256[]) (#1788-1800) has external calls inside a loop: dividendTracker.setBalance(address(wallet),balanceOf(wallet)) (#1798)
BitBurnReflect.multiSend(address[],uint256[]) (#1744-1786) has external calls inside a loop: this.transferFrom(msg.sender,contributor,_balances[j]) (#1779)
BitBurnReflectDividendTracker._reinvestDividendOfUser(address) (#2164-2218) has external calls inside a loop: uniswapV2Router.swapExactETHForTokensSupportingFeeOnTransferTokens{value: _withdrawableDividend}(0,path,address(this),block.timestamp) (#2183-2205)
BitBurnReflectDividendTracker._withdrawDividendOfUser(address) (#2220-2271) has external calls inside a loop: (success,None) = user.call{gas: 3000,value: _withdrawableDividend}() (#2235-2238)
BitBurnReflectDividendTracker._reinvestDividendOfUser(address) (#2164-2218) has external calls inside a loop: prevBalance = BitBurnReflectContract.balanceOf(address(this)) (#2180)
Favor pull over push strategy for external calls.
Additional information: link
Variable 'BitBurnReflect._transfer(address,address,uint256).lastProcessedIndex (#1582)' in BitBurnReflect._transfer(address,address,uint256) (#1439-1598) potentially used before declaration: ProcessedDividendTracker(iterations,claims,lastProcessedIndex,true,gas,tx.origin) (#1584-1591)
Variable 'BitBurnReflect._transfer(address,address,uint256).claims (#1581)' in BitBurnReflect._transfer(address,address,uint256) (#1439-1598) potentially used before declaration: ProcessedDividendTracker(iterations,claims,lastProcessedIndex,true,gas,tx.origin) (#1584-1591)
Variable 'BitBurnReflect._transfer(address,address,uint256).iterations (#1580)' in BitBurnReflect._transfer(address,address,uint256) (#1439-1598) potentially used before declaration: ProcessedDividendTracker(iterations,claims,lastProcessedIndex,true,gas,tx.origin) (#1584-1591)
Move all variable declarations prior to any usage of the variable, and ensure that reaching a variable declaration does not depend on some conditional if it is used unconditionally.
Additional information: link
Reentrancy in BitBurnReflect._transfer(address,address,uint256) (#1439-1598):
External calls:
- swapAndLiquify(swapTokens) (#1547)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#1661-1668)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#1624-1630)
- swapAndSendDividends(remainingBalance) (#1551)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#1624-1630)
- (success,None) = address(dividendTracker).call{value: dividends}() (#1717)
- (successOp1,None) = address(marketingWallet).call{value: marketingPayout}() (#1731)
- (successOp2,None) = address(devWallet).call{value: devPayout}() (#1734)
External calls sending eth:
- swapAndLiquify(swapTokens) (#1547)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#1661-1668)
- swapAndSendDividends(remainingBalance) (#1551)
- (success,None) = address(dividendTracker).call{value: dividends}() (#1717)
- (successOp1,None) = address(marketingWallet).call{value: marketingPayout}() (#1731)
- (successOp2,None) = address(devWallet).call{value: devPayout}() (#1734)
State variables written after the call(s):
- swapAndSendDividends(remainingBalance) (#1551)
- _allowances[owner][spender] = amount (#369)
- _totalSupply = _totalSupply.sub(burntokens) (#1563)
Reentrancy in BitBurnReflect.swapAndLiquify(uint256) (#1609-1617):
External calls:
- swapTokensForEth(half) (#1613)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#1624-1630)
- addLiquidity(otherHalf,newBalance) (#1615)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#1661-1668)
External calls sending eth:
- addLiquidity(otherHalf,newBalance) (#1615)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#1661-1668)
State variables written after the call(s):
- addLiquidity(otherHalf,newBalance) (#1615)
- _allowances[owner][spender] = amount (#369)
Reentrancy in BitBurnReflectDividendTracker.processAccount(address,bool) (#2120-2150):
External calls:
- amount = _reinvestDividendOfUser(account) (#2135-2137)
- uniswapV2Router.swapExactETHForTokensSupportingFeeOnTransferTokens{value: _withdrawableDividend}(0,path,address(this),block.timestamp) (#2183-2205)
- BitBurnReflectContract.transfer(account,received) (#2199)
- amount = _withdrawDividendOfUser(account) (#2135-2137)
- (success,None) = user.call{gas: 3000,value: _withdrawableDividend}() (#2235-2238)
- uniswapV2Router.swapExactETHForTokensSupportingFeeOnTransferTokens{value: _withdrawableDividend}(0,path,user,block.timestamp) (#2243-2257)
External calls sending eth:
- amount = _reinvestDividendOfUser(account) (#2135-2137)
- uniswapV2Router.swapExactETHForTokensSupportingFeeOnTransferTokens{value: _withdrawableDividend}(0,path,address(this),block.timestamp) (#2183-2205)
- amount = _withdrawDividendOfUser(account) (#2135-2137)
- (success,None) = user.call{gas: 3000,value: _withdrawableDividend}() (#2235-2238)
- uniswapV2Router.swapExactETHForTokensSupportingFeeOnTransferTokens{value: _withdrawableDividend}(0,path,user,block.timestamp) (#2243-2257)
State variables written after the call(s):
- lastClaimTimes[account] = block.timestamp (#2140)
Reentrancy in BitBurnReflect.transferAdmin(address) (#1264-1268):
External calls:
- dividendTracker.excludeFromDividends(newOwner) (#1265)
State variables written after the call(s):
- _isExcludedFromFees[newOwner] = true (#1266)
Apply the check-effects-interactions pattern.
Additional information: link
Reentrancy in BitBurnReflect.transferAdmin(address) (#1264-1268):
External calls:
- dividendTracker.excludeFromDividends(newOwner) (#1265)
Event emitted after the call(s):
- OwnershipTransferred(_owner,newOwner) (#506)
- transferOwnership(newOwner) (#1267)
Reentrancy in BitBurnReflect.setPresaleWallet(address) (#1143-1148):
External calls:
- dividendTracker.excludeFromDividends(wallet) (#1146)
Event emitted after the call(s):
- SetPreSaleWallet(wallet) (#1147)
Reentrancy in BitBurnReflect.multiSend(address[],uint256[]) (#1744-1786):
External calls:
- this.transferFrom(msg.sender,contributor,_balances[j]) (#1779)
Event emitted after the call(s):
- Airdrop(contributor,_balances[j]) (#1784)
Reentrancy in BitBurnReflect._transfer(address,address,uint256) (#1439-1598):
External calls:
- swapAndLiquify(swapTokens) (#1547)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#1661-1668)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#1624-1630)
- swapAndSendDividends(remainingBalance) (#1551)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#1624-1630)
- (success,None) = address(dividendTracker).call{value: dividends}() (#1717)
- (successOp1,None) = address(marketingWallet).call{value: marketingPayout}() (#1731)
- (successOp2,None) = address(devWallet).call{value: devPayout}() (#1734)
External calls sending eth:
- swapAndLiquify(swapTokens) (#1547)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#1661-1668)
- swapAndSendDividends(remainingBalance) (#1551)
- (success,None) = address(dividendTracker).call{value: dividends}() (#1717)
- (successOp1,None) = address(marketingWallet).call{value: marketingPayout}() (#1731)
- (successOp2,None) = address(devWallet).call{value: devPayout}() (#1734)
Event emitted after the call(s):
- Approval(owner,spender,amount) (#370)
- swapAndSendDividends(remainingBalance) (#1551)
- SendDividends(dividends,marketingPayout + devPayout,success && successOp1 && successOp2) (#1737-1741)
- swapAndSendDividends(remainingBalance) (#1551)
- Transfer(sender,recipient,amount) (#335)
- super._transfer(from,address(this),fees) (#1575)
- Transfer(sender,recipient,amount) (#335)
- super._transfer(from,DEAD,burntokens) (#1562)
Reentrancy in BitBurnReflect.swapAndSendDividends(uint256) (#1683-1742):
External calls:
- swapTokensForEth(tokens) (#1687)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#1624-1630)
- (success,None) = address(dividendTracker).call{value: dividends}() (#1717)
- (successOp1,None) = address(marketingWallet).call{value: marketingPayout}() (#1731)
- (successOp2,None) = address(devWallet).call{value: devPayout}() (#1734)
External calls sending eth:
- (success,None) = address(dividendTracker).call{value: dividends}() (#1717)
- (successOp1,None) = address(marketingWallet).call{value: marketingPayout}() (#1731)
- (successOp2,None) = address(devWallet).call{value: devPayout}() (#1734)
Event emitted after the call(s):
- SendDividends(dividends,marketingPayout + devPayout,success && successOp1 && successOp2) (#1737-1741)
Reentrancy in BitBurnReflect._setAutomatedMarketMakerPair(address,bool) (#1248-1256):
External calls:
- dividendTracker.excludeFromDividends(pair) (#1252)
Event emitted after the call(s):
- SetAutomatedMarketMakerPair(pair,value) (#1255)
Reentrancy in BitBurnReflectDividendTracker._withdrawDividendOfUser(address) (#2220-2271):
External calls:
- (success,None) = user.call{gas: 3000,value: _withdrawableDividend}() (#2235-2238)
- uniswapV2Router.swapExactETHForTokensSupportingFeeOnTransferTokens{value: _withdrawableDividend}(0,path,user,block.timestamp) (#2243-2257)
Event emitted after the call(s):
- DividendWithdrawn(user,_withdrawableDividend) (#2266)
Reentrancy in BitBurnReflect._transfer(address,address,uint256) (#1439-1598):
External calls:
- swapAndLiquify(swapTokens) (#1547)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#1661-1668)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#1624-1630)
- swapAndSendDividends(remainingBalance) (#1551)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#1624-1630)
- (success,None) = address(dividendTracker).call{value: dividends}() (#1717)
- (successOp1,None) = address(marketingWallet).call{value: marketingPayout}() (#1731)
- (successOp2,None) = address(devWallet).call{value: devPayout}() (#1734)
- dividendTracker.process(gas) (#1579-1592)
External calls sending eth:
- swapAndLiquify(swapTokens) (#1547)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#1661-1668)
- swapAndSendDividends(remainingBalance) (#1551)
- (success,None) = address(dividendTracker).call{value: dividends}() (#1717)
- (successOp1,None) = address(marketingWallet).call{value: marketingPayout}() (#1731)
- (successOp2,None) = address(devWallet).call{value: devPayout}() (#1734)
Event emitted after the call(s):
- ProcessedDividendTracker(iterations,claims,lastProcessedIndex,true,gas,tx.origin) (#1584-1591)
- Transfer(sender,recipient,amount) (#335)
- super._transfer(from,to,amount) (#1595)
Reentrancy in BitBurnReflect.stake(uint256) (#1206-1220):
External calls:
- dividendTracker.setBalance(_msgSender(),getStakingBalance(_msgSender())) (#1215-1218)
Event emitted after the call(s):
- EnableAccountStaking(_msgSender(),duration) (#1219)
Reentrancy in BitBurnReflectDividendTracker.processAccount(address,bool) (#2120-2150):
External calls:
- amount = _reinvestDividendOfUser(account) (#2135-2137)
- uniswapV2Router.swapExactETHForTokensSupportingFeeOnTransferTokens{value: _withdrawableDividend}(0,path,address(this),block.timestamp) (#2183-2205)
- BitBurnReflectContract.transfer(account,received) (#2199)
- amount = _withdrawDividendOfUser(account) (#2135-2137)
- (success,None) = user.call{gas: 3000,value: _withdrawableDividend}() (#2235-2238)
- uniswapV2Router.swapExactETHForTokensSupportingFeeOnTransferTokens{value: _withdrawableDividend}(0,path,user,block.timestamp) (#2243-2257)
External calls sending eth:
- amount = _reinvestDividendOfUser(account) (#2135-2137)
- uniswapV2Router.swapExactETHForTokensSupportingFeeOnTransferTokens{value: _withdrawableDividend}(0,path,address(this),block.timestamp) (#2183-2205)
- amount = _withdrawDividendOfUser(account) (#2135-2137)
- (success,None) = user.call{gas: 3000,value: _withdrawableDividend}() (#2235-2238)
- uniswapV2Router.swapExactETHForTokensSupportingFeeOnTransferTokens{value: _withdrawableDividend}(0,path,user,block.timestamp) (#2243-2257)
Event emitted after the call(s):
- Claim(account,amount,automatic) (#2144)
- DividendReinvested(account,amount,automatic) (#2142)
Reentrancy in BitBurnReflect.processDividendTracker(uint256) (#1387-1401):
External calls:
- (iterations,claims,lastProcessedIndex) = dividendTracker.process(gas) (#1388-1392)
Event emitted after the call(s):
- ProcessedDividendTracker(iterations,claims,lastProcessedIndex,false,gas,tx.origin) (#1393-1400)
Reentrancy in BitBurnReflect.updatePayoutToken(address) (#1633-1636):
External calls:
- dividendTracker.updatePayoutToken(token) (#1634)
Event emitted after the call(s):
- UpdatePayoutToken(token) (#1635)
Reentrancy in BitBurnReflect.swapAndLiquify(uint256) (#1609-1617):
External calls:
- swapTokensForEth(half) (#1613)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#1624-1630)
- addLiquidity(otherHalf,newBalance) (#1615)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#1661-1668)
External calls sending eth:
- addLiquidity(otherHalf,newBalance) (#1615)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#1661-1668)
Event emitted after the call(s):
- Approval(owner,spender,amount) (#370)
- addLiquidity(otherHalf,newBalance) (#1615)
- SwapAndLiquify(half,newBalance,otherHalf) (#1616)
Apply the check-effects-interactions pattern.
Additional information: link
BitBurnReflect.stake(uint256) (#1206-1220) uses timestamp for comparisons
Dangerous comparisons:
- require(bool,string)(stakingUntilDate[_msgSender()] < block.timestamp.add(duration),already staked for a longer duration) (#1209-1212)
BitBurnReflect._transfer(address,address,uint256) (#1439-1598) uses timestamp for comparisons
Dangerous comparisons:
- require(bool,string)(stakingUntilDate[from] <= block.timestamp,Tokens are staked and locked!) (#1475-1478)
- stakingUntilDate[from] != 0 (#1479)
- require(bool,string)(block.timestamp >= _holderLastTransferTimestamp[tx.origin] + cooldowntimer,cooldown period active) (#1493-1494)
Avoid relying on block.timestamp.
Additional information: link
SafeMathInt.div(int256,int256) (#524-530) is never used and should be removed
SafeMathInt.abs(int256) (#544-547) is never used and should be removed
SafeMathInt.mul(int256,int256) (#515-522) is never used and should be removed
IterableMapping.get(IterableMapping.Map,address) (#2283-2285) is never used and should be removed
SafeMath.mod(uint256,uint256,string) (#463-470) is never used and should be removed
Context._msgData() (#17-20) is never used and should be removed
SafeMath.mod(uint256,uint256) (#459-461) is never used and should be removed
DividendPayingToken._transfer(address,address,uint256) (#879-894) is never used and should be removed
DividendPayingToken._withdrawDividendOfUser(address) (#814-841) is never used and should be removed
Remove unused functions.
Additional information: link
Pragma version^0.8.15 (#10) necessitates a version too recent to be trusted. Consider deploying with 0.6.12/0.7.6/0.8.7
solc-0.8.15 is not recommended for deployment
Deploy with any of the following Solidity versions: 0.5.16 - 0.5.17, 0.6.11 - 0.6.12, 0.7.5 - 0.7.6 Use a simple pragma version that allows any of these versions. Consider using the latest version of Solidity for testing.
Additional information: link
getPayoutToken() should be declared external:
- BitBurnReflectDividendTracker.getPayoutToken() (#2160-2162)
transferFrom(address,address,uint256) should be declared external:
- ERC20.transferFrom(address,address,uint256) (#274-289)
updateTransferFee(uint256) should be declared external:
- BitBurnReflect.updateTransferFee(uint256) (#1270-1274)
updateUniswapV2Router(address) should be declared external:
- BitBurnReflectDividendTracker.updateUniswapV2Router(address) (#2152-2154)
updateGasForProcessing(uint256) should be declared external:
- BitBurnReflect.updateGasForProcessing(uint256) (#1258-1262)
process(uint256) should be declared external:
- BitBurnReflectDividendTracker.process(uint256) (#2066-2118)
renounceOwnership() should be declared external:
- Ownable.renounceOwnership() (#496-499)
setMinimumTokenBalanceForDividends(uint256) should be declared external:
- BitBurnReflect.setMinimumTokenBalanceForDividends(uint256) (#1649-1654)
transferAdmin(address) should be declared external:
- BitBurnReflect.transferAdmin(address) (#1264-1268)
isExcludedFromFees(address) should be declared external:
- BitBurnReflect.isExcludedFromFees(address) (#1337-1339)
updatePayoutToken(address) should be declared external:
- BitBurnReflect.updatePayoutToken(address) (#1633-1636)
setExcludeFees(address,bool) should be declared external:
- BitBurnReflect.setExcludeFees(address,bool) (#1151-1154)
setAllowCustomTokens(bool) should be declared external:
- BitBurnReflect.setAllowCustomTokens(bool) (#1240-1242)
dividendOf(address) should be declared external:
- DividendPayingToken.dividendOf(address) (#843-845)
decreaseAllowance(address,uint256) should be declared external:
- ERC20.decreaseAllowance(address,uint256) (#304-318)
transfer(address,uint256) should be declared external:
- ERC20.transfer(address,uint256) (#244-252)
getAccountAtIndex(uint256) should be declared external:
- BitBurnReflectDividendTracker.getAccountAtIndex(uint256) (#2014-2040)
increaseAllowance(address,uint256) should be declared external:
- ERC20.increaseAllowance(address,uint256) (#291-302)
updateStakingAmounts(uint256,uint256) should be declared external:
- BitBurnReflect.updateStakingAmounts(uint256,uint256) (#1125-1133)
name() should be declared external:
- BitBurnReflectDividendTracker.name() (#1870-1872)
- ERC20.name() (#218-220)
decimals() should be declared external:
- BitBurnReflect.decimals() (#1119-1121)
- BitBurnReflectDividendTracker.decimals() (#1866-1868)
- ERC20.decimals() (#226-228)
dividendTokenBalanceOf(address) should be declared external:
- BitBurnReflect.dividendTokenBalanceOf(address) (#1349-1355)
enableStaking(bool) should be declared external:
- BitBurnReflect.enableStaking(bool) (#1200-1204)
setAutomatedMarketMakerPair(address,bool) should be declared external:
- BitBurnReflect.setAutomatedMarketMakerPair(address,bool) (#1233-1238)
multiSend(address[],uint256[]) should be declared external:
- BitBurnReflect.multiSend(address[],uint256[]) (#1744-1786)
setSwapTriggerAmount(uint256) should be declared external:
- BitBurnReflect.setSwapTriggerAmount(uint256) (#1223-1225)
setMinimumTokenBalanceForAutoDividends(uint256) should be declared external:
- BitBurnReflect.setMinimumTokenBalanceForAutoDividends(uint256) (#1642-1647)
withdrawDividend() should be declared external:
- BitBurnReflectDividendTracker.withdrawDividend() (#1886-1891)
- DividendPayingToken.withdrawDividend() (#810-812)
updateFees(uint256,uint256,uint256,uint256,uint256,uint256,uint256,uint256,uint256,uint256) should be declared external:
- BitBurnReflect.updateFees(uint256,uint256,uint256,uint256,uint256,uint256,uint256,uint256,uint256,uint256) (#1276-1323)
updatePayoutToken(address) should be declared external:
- BitBurnReflectDividendTracker.updatePayoutToken(address) (#2156-2158)
setAllowAutoReinvest(bool) should be declared external:
- BitBurnReflect.setAllowAutoReinvest(bool) (#1244-1246)
setExcludeDividends(address) should be declared external:
- BitBurnReflect.setExcludeDividends(address) (#1157-1159)
enableSwapAndLiquify(bool) should be declared external:
- BitBurnReflect.enableSwapAndLiquify(bool) (#1227-1231)
getPayoutToken() should be declared external:
- BitBurnReflect.getPayoutToken() (#1638-1640)
approve(address,uint256) should be declared external:
- ERC20.approve(address,uint256) (#264-272)
stake(uint256) should be declared external:
- BitBurnReflect.stake(uint256) (#1206-1220)
withdrawnDividendOf(address) should be declared external:
- DividendPayingToken.withdrawnDividendOf(address) (#856-863)
symbol() should be declared external:
- BitBurnReflectDividendTracker.symbol() (#1874-1876)
- ERC20.symbol() (#222-224)
withdrawableDividendOf(address) should be declared external:
- BitBurnReflect.withdrawableDividendOf(address) (#1341-1347)
setIncludeDividends(address) should be declared external:
- BitBurnReflect.setIncludeDividends(address) (#1162-1165)
Use the external attribute for functions never called from the contract.
Additional information: link
Not a direct threat, but may indicate unreliable intentions of developer. Widespread names (e.g. Elon, King, Moon, Doge) are common among meme-tokens and scams. The allow to gain free hype and attract unexperienced investors.
Unable to find website, listings and other project-related information
Young tokens have high risks of scam / price dump / death
Token has no active CoinGecko listing / rank
Token has no active CoinMarketCap listing / rank
Unable to find Telegram and Twitter accounts