We are delighted to be the first project which adopts the fully automated multi rewarding mechanisms, such as BTC daily rewarding model, the $BME rewarding model, and our BitcoCycle model, the seasonal investment program to reward our community.
BME.addLiquidity(uint256,uint256) (BME Contract.sol#464-479) sends eth to arbitrary user
Dangerous calls:
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,Lwallet,block.timestamp) (BME Contract.sol#470-477)
Ensure that an arbitrary user cannot withdraw unauthorized funds.
Additional information: link
Reentrancy in BME._transfer(address,address,uint256) (BME Contract.sol#271-385):
External calls:
- swapAndLiquify(swapTokens) (BME Contract.sol#319)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,Lwallet,block.timestamp) (BME Contract.sol#470-477)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (BME Contract.sol#435-441)
- SWandSendBTCd(BTCTokens,BMETokens) (BME Contract.sol#332)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,Lwallet,block.timestamp) (BME Contract.sol#470-477)
- IERC20(BTC).transfer(address(dBTCTracker),swapedBTCtokens) (BME Contract.sol#487)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (BME Contract.sol#435-441)
- uniswapV2Router.swapExactTokensForTokensSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (BME Contract.sol#455-461)
- dBTCTracker.distributeDividends(swapedBTCtokens,BMEtokens) (BME Contract.sol#490)
- dBTCTracker.setBalance(address(from),balanceOf(from)) (BME Contract.sol#376)
- dBTCTracker.setBalance(address(to),balanceOf(to)) (BME Contract.sol#377)
- dBTCTracker.process(gas) (BME Contract.sol#382-383)
- swapAndLiquify(Fees) (BME Contract.sol#368)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,Lwallet,block.timestamp) (BME Contract.sol#470-477)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (BME Contract.sol#435-441)
External calls sending eth:
- swapAndLiquify(swapTokens) (BME Contract.sol#319)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,Lwallet,block.timestamp) (BME Contract.sol#470-477)
- SWandSendBTCd(BTCTokens,BMETokens) (BME Contract.sol#332)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,Lwallet,block.timestamp) (BME Contract.sol#470-477)
- swapAndLiquify(Fees) (BME Contract.sol#368)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,Lwallet,block.timestamp) (BME Contract.sol#470-477)
State variables written after the call(s):
- super._transfer(from,to,amount) (BME Contract.sol#374)
- _balances[sender] = _balances[sender].sub(amount,ERC20: transfer amount exceeds balance) (ERC20.sol#221)
- _balances[recipient] = _balances[recipient].add(amount) (ERC20.sol#222)
Apply the check-effects-interactions pattern.
Additional information: link
BME.SWandSendBTCd(uint256,uint256) (BME Contract.sol#481-493) ignores return value by IERC20(BTC).transfer(address(dBTCTracker),swapedBTCtokens) (BME Contract.sol#487)
Use SafeERC20, or ensure that the transfer/transferFrom return value is checked.
Additional information: link
ERC20._totalSupply (ERC20.sol#41) is never initialized. It is used in:
- ERC20.totalSupply() (ERC20.sol#95-97)
- ERC20._mint(address,uint256) (ERC20.sol#235-243)
- ERC20._burn(address,uint256) (ERC20.sol#256-264)
Initialize all the variables. If a variable is meant to be initialized to zero, explicitly set it to zero to improve code readability.
Additional information: link
Combination 1: Reentrancy vulnerabilities + Functions that send Ether to arbitraty destination. Usual for scams. May be justified by some complex mechanics (e.g. rebase, reflections). DYOR & manual audit are advised.
Combination 2: Unchecked transfer + Functions that send Ether to arbitraty destination. Usual for scams. May be justified by some complex mechanics (e.g. rebase, reflections). DYOR & manual audit are advised.
Combination 3: Reentrancy vulnerabilities + Unchecked transfer vulnerability. Usual for scams. May be justified by some complex mechanics (e.g. rebase, reflections). DYOR & manual audit are advised.
BME._transfer(address,address,uint256).lastProcessedIndex (BME Contract.sol#382) is a local variable never initialized
Initialize all the variables. If a variable is meant to be initialized to zero, explicitly set it to zero to improve code readability.
Additional information: link
BME.addLiquidity(uint256,uint256) (BME Contract.sol#464-479) ignores return value by uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,Lwallet,block.timestamp) (BME Contract.sol#470-477)
Ensure that all the return values of the function calls are used.
Additional information: link
Reentrancy in BBTracking.processAccount(address,bool) (BME Contract.sol#694-713):
External calls:
- _withdrawDividendOfUserBME(account) (BME Contract.sol#706)
- successBME = IERC20(BME).transfer(user,_withdrawableDividendBME) (DividendPayingToken.sol#88)
State variables written after the call(s):
- lastClaimBME[account] = block.timestamp (BME Contract.sol#707)
Apply the check-effects-interactions pattern.
Additional information: link
DividendPayingToken.accumulativeDividendOfBME(address)._owner (DividendPayingToken.sol#133) shadows:
- Ownable._owner (Ownable.sol#8) (state variable)
Rename the local variables that shadow another component.
Additional information: link
DividendPayingToken.setBMEadd(address).newaddress (DividendPayingToken.sol#117) lacks a zero-check on :
- BME = address(newaddress) (DividendPayingToken.sol#118)
Check that the address is not zero.
Additional information: link
Variable 'BME._transfer(address,address,uint256).claims (BME Contract.sol#382)' in BME._transfer(address,address,uint256) (BME Contract.sol#271-385) potentially used before declaration: ProcessedBTCDividendTracker(iterations,claims,lastProcessedIndex,true,gas,tx.origin) (BME Contract.sol#383)
Move all variable declarations prior to any usage of the variable, and ensure that reaching a variable declaration does not depend on some conditional if it is used unconditionally.
Additional information: link
Reentrancy in BME.swapAndLiquify(uint256) (BME Contract.sol#387-409):
External calls:
- SwapTFETH(half) (BME Contract.sol#400)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (BME Contract.sol#435-441)
- addLiquidity(otherHalf,newBalance) (BME Contract.sol#406)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,Lwallet,block.timestamp) (BME Contract.sol#470-477)
External calls sending eth:
- addLiquidity(otherHalf,newBalance) (BME Contract.sol#406)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,Lwallet,block.timestamp) (BME Contract.sol#470-477)
State variables written after the call(s):
- addLiquidity(otherHalf,newBalance) (BME Contract.sol#406)
- _allowances[owner][spender] = amount (ERC20.sol#287)
Apply the check-effects-interactions pattern.
Additional information: link
Reentrancy in BME.swapAndLiquify(uint256) (BME Contract.sol#387-409):
External calls:
- SwapTFETH(half) (BME Contract.sol#400)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (BME Contract.sol#435-441)
- addLiquidity(otherHalf,newBalance) (BME Contract.sol#406)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,Lwallet,block.timestamp) (BME Contract.sol#470-477)
External calls sending eth:
- addLiquidity(otherHalf,newBalance) (BME Contract.sol#406)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,Lwallet,block.timestamp) (BME Contract.sol#470-477)
Event emitted after the call(s):
- Approval(owner,spender,amount) (ERC20.sol#288)
- addLiquidity(otherHalf,newBalance) (BME Contract.sol#406)
- SwapAndLiquify(half,newBalance,otherHalf) (BME Contract.sol#408)
Apply the check-effects-interactions pattern.
Additional information: link
BBTracking.processAccount(address,bool) (BME Contract.sol#694-713) uses timestamp for comparisons
Dangerous comparisons:
- BTCamount > 0 && lastClaimBTC[account].add(claimWaitBTC) <= block.timestamp (BME Contract.sol#698)
- BMEamount > 0 && lastClaimBME[account].add(claimWaitBME) <= block.timestamp (BME Contract.sol#705)
Avoid relying on block.timestamp.
Additional information: link
SafeMathInt.mul(int256,int256) (SafeMathInt.sol#41-48) is never used and should be removed
Remove unused functions.
Additional information: link
Pragma version^0.6.2 (SafeMathUint.sol#3) allows old versions
Deploy with any of the following Solidity versions: 0.5.16 - 0.5.17, 0.6.11 - 0.6.12, 0.7.5 - 0.7.6 Use a simple pragma version that allows any of these versions. Consider using the latest version of Solidity for testing.
Additional information: link
Function IUniswapV2Router01.WETH() (IUniswapV2Router.sol#7) is not in mixedCase
Follow the Solidity naming convention.
Additional information: link
Redundant expression "this (Context.sol#21)" inContext (Context.sol#15-24)
Remove redundant statements if they congest code but offer no value.
Additional information: link
Variable IUniswapV2Router01.addLiquidity(address,address,uint256,uint256,uint256,uint256,address,uint256).amountADesired (IUniswapV2Router.sol#12) is too similar to IUniswapV2Router01.addLiquidity(address,address,uint256,uint256,uint256,uint256,address,uint256).amountBDesired (IUniswapV2Router.sol#13)
Prevent variables from having similar names.
Additional information: link
BBTracking.constructor() (BME Contract.sol#516-523) uses literals with too many digits:
- minimumTokenBalanceForBTC = 37500000 * (10 ** 18) (BME Contract.sol#521)
Use: Ether suffix, Time suffix, or The scientific notation
Additional information: link
SafeMathInt.MAX_INT256 (SafeMathInt.sol#36) is never used in SafeMathInt (SafeMathInt.sol#34-92)
Remove unused state variables.
Additional information: link
DividendPayingToken.BTC (DividendPayingToken.sol#19) should be constant
Add the constant attributes to state variables that never change.
Additional information: link
transferOwnership(address) should be declared external:
- Ownable.transferOwnership(address) (Ownable.sol#52-56)
Use the external attribute for functions never called from the contract.
Additional information: link
BscScan page for the token does not contain additional info: website, socials, description, etc.
Additional information: link
Unable to verify token contract address on the website
Unable to find code repository for the project
Young tokens have high risks of scam / price dump / death
Young tokens have high risks of scam / price dump / death
Young tokens have high risks of price dump / death
Token has relatively low CoinGecko rank
Token has relatively low CoinMarketCap rank
Twitter account link seems to be invalid
Unable to find Youtube account
Unable to find Discord account