Unable to find manual contract audit (e.g. Certik, PeckShield, Solidity...)
BonusKing.addLiquidity(uint256,uint256) (king.sol#446-461) sends eth to arbitrary user
Dangerous calls:
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,liquidityWallet,block.timestamp) (king.sol#452-459)
BonusKing.swapAndSendDividends(uint256) (king.sol#463-476) sends eth to arbitrary user
Dangerous calls:
- _projectAddress.transfer(h8) (king.sol#469)
BonusKing.sendLuckBonus() (king.sol#478-493) sends eth to arbitrary user
Dangerous calls:
- (success) = luckAddress.call{gas: 3000,value: luckAmount}() (king.sol#483)
Ensure that an arbitrary user cannot withdraw unauthorized funds.
Additional information: link
Reentrancy in BonusKing._transfer(address,address,uint256) (king.sol#320-401):
External calls:
- swapAndLiquify(swapTokens) (king.sol#345)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,liquidityWallet,block.timestamp) (king.sol#452-459)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (king.sol#436-442)
- swapAndSendDividends(sellTokens) (king.sol#349)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (king.sol#436-442)
- (success) = address(dividendTracker).call{value: h8}() (king.sol#472)
External calls sending eth:
- swapAndLiquify(swapTokens) (king.sol#345)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,liquidityWallet,block.timestamp) (king.sol#452-459)
- swapAndSendDividends(sellTokens) (king.sol#349)
- _projectAddress.transfer(h8) (king.sol#469)
- (success) = address(dividendTracker).call{value: h8}() (king.sol#472)
State variables written after the call(s):
- swapping = false (king.sol#352)
Reentrancy in BonusKing._transfer(address,address,uint256) (king.sol#320-401):
External calls:
- swapAndLiquify(swapTokens) (king.sol#345)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,liquidityWallet,block.timestamp) (king.sol#452-459)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (king.sol#436-442)
- swapAndSendDividends(sellTokens) (king.sol#349)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (king.sol#436-442)
- (success) = address(dividendTracker).call{value: h8}() (king.sol#472)
- sendLuckBonus() (king.sol#356)
- (success) = luckAddress.call{gas: 3000,value: luckAmount}() (king.sol#483)
External calls sending eth:
- swapAndLiquify(swapTokens) (king.sol#345)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,liquidityWallet,block.timestamp) (king.sol#452-459)
- swapAndSendDividends(sellTokens) (king.sol#349)
- _projectAddress.transfer(h8) (king.sol#469)
- (success) = address(dividendTracker).call{value: h8}() (king.sol#472)
- sendLuckBonus() (king.sol#356)
- (success) = luckAddress.call{gas: 3000,value: luckAmount}() (king.sol#483)
State variables written after the call(s):
- super._transfer(from,address(this),fees) (king.sol#381)
- _balances[sender] = _balances[sender].sub(amount,ERC20: transfer amount exceeds balance) (ERC20.sol#221)
- _balances[recipient] = _balances[recipient].add(amount) (ERC20.sol#222)
- super._transfer(from,to,amount) (king.sol#384)
- _balances[sender] = _balances[sender].sub(amount,ERC20: transfer amount exceeds balance) (ERC20.sol#221)
- _balances[recipient] = _balances[recipient].add(amount) (ERC20.sol#222)
Reentrancy in DividendPayingToken._withdrawDividendOfUser(address) (DividendPayingToken.sol#76-92):
External calls:
- (success) = user.call{gas: 3000,value: _withdrawableDividend}() (DividendPayingToken.sol#81)
State variables written after the call(s):
- withdrawnDividends[user] = withdrawnDividends[user].sub(_withdrawableDividend) (DividendPayingToken.sol#84)
Apply the check-effects-interactions pattern.
Additional information: link
Combination 1: Reentrancy vulnerabilities + Functions that send Ether to arbitraty destination. Usual for scams. May be justified by some complex mechanics (e.g. rebase, reflections). DYOR & manual audit are advised.
Reentrancy in BonusKing.updateDividendTracker(address) (king.sol#135-150):
External calls:
- newDividendTracker.excludeFromDividends(address(newDividendTracker)) (king.sol#142)
- newDividendTracker.excludeFromDividends(address(this)) (king.sol#143)
- newDividendTracker.excludeFromDividends(owner()) (king.sol#144)
- newDividendTracker.excludeFromDividends(address(uniswapV2Router)) (king.sol#145)
State variables written after the call(s):
- dividendTracker = newDividendTracker (king.sol#149)
Apply the check-effects-interactions pattern.
Additional information: link
BonusKing._transfer(address,address,uint256).iterations (king.sol#394) is a local variable never initialized
BonusKing._transfer(address,address,uint256).claims (king.sol#395) is a local variable never initialized
BonusKing._transfer(address,address,uint256).lastProcessedIndex (king.sol#396) is a local variable never initialized
Initialize all the variables. If a variable is meant to be initialized to zero, explicitly set it to zero to improve code readability.
Additional information: link
BonusKing.claim() (king.sol#303-305) ignores return value by dividendTracker.processAccount(msg.sender,false) (king.sol#304)
BonusKing._transfer(address,address,uint256) (king.sol#320-401) ignores return value by dividendTracker.process(gas) (king.sol#394-398)
BonusKing.addLiquidity(uint256,uint256) (king.sol#446-461) ignores return value by uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,liquidityWallet,block.timestamp) (king.sol#452-459)
Ensure that all the return values of the function calls are used.
Additional information: link
DividendPayingToken.constructor(string,string)._name (DividendPayingToken.sol#47) shadows:
- ERC20._name (ERC20.sol#43) (state variable)
DividendPayingToken.constructor(string,string)._symbol (DividendPayingToken.sol#47) shadows:
- ERC20._symbol (ERC20.sol#44) (state variable)
DividendPayingToken.dividendOf(address)._owner (DividendPayingToken.sol#98) shadows:
- Ownable._owner (Ownable.sol#8) (state variable)
DividendPayingToken.withdrawableDividendOf(address)._owner (DividendPayingToken.sol#105) shadows:
- Ownable._owner (Ownable.sol#8) (state variable)
DividendPayingToken.withdrawnDividendOf(address)._owner (DividendPayingToken.sol#112) shadows:
- Ownable._owner (Ownable.sol#8) (state variable)
DividendPayingToken.accumulativeDividendOf(address)._owner (DividendPayingToken.sol#122) shadows:
- Ownable._owner (Ownable.sol#8) (state variable)
Rename the local variables that shadow another component.
Additional information: link
BonusKing.updateL(uint256) (king.sol#211-213) should emit an event for:
- luckTokensAtAmount = l (king.sol#212)
BonusKing.updateS(uint256) (king.sol#215-217) should emit an event for:
- swapTokensAtAmount = s (king.sol#216)
BonusKing.updateLUCKHODL(uint256) (king.sol#219-221) should emit an event for:
- minLuckHold = LUCKHODL (king.sol#220)
BonusKing.updateSellFees(uint256) (king.sol#223-225) should emit an event for:
- _fees = sellFees (king.sol#224)
BonusKing.updateBuyFees(uint256) (king.sol#227-229) should emit an event for:
- _buyFees = buyFees (king.sol#228)
BonusKing.updateCAKEReward(uint256) (king.sol#231-233) should emit an event for:
- _BNBReward = CAKEReward (king.sol#232)
BonusKing.updateMaxWalletTokenPerThousand(uint256) (king.sol#235-238) should emit an event for:
- _maxWalletTokenPerThousand = perThousand (king.sol#236)
- _maxWalletToken = maxSupply.mul(_maxWalletTokenPerThousand).div(1000) (king.sol#237)
BonusKing.updateProject(uint256) (king.sol#240-242) should emit an event for:
- _project = project (king.sol#241)
BonusKing.updateLiquidity(uint256) (king.sol#244-246) should emit an event for:
- _liquidity = liquidity (king.sol#245)
Emit an event for critical parameter changes.
Additional information: link
BonusKing.setAddress(address).projectAddress (king.sol#248) lacks a zero-check on :
- _projectAddress = projectAddress (king.sol#249)
Check that the address is not zero.
Additional information: link
DividendPayingToken._withdrawDividendOfUser(address) (DividendPayingToken.sol#76-92) has external calls inside a loop: (success) = user.call{gas: 3000,value: _withdrawableDividend}() (DividendPayingToken.sol#81)
Favor pull over push strategy for external calls.
Additional information: link
Variable 'BonusKing._transfer(address,address,uint256).iterations (king.sol#394)' in BonusKing._transfer(address,address,uint256) (king.sol#320-401) potentially used before declaration: ProcessedDividendTracker(iterations,claims,lastProcessedIndex,true,gas,tx.origin) (king.sol#397)
Variable 'BonusKing._transfer(address,address,uint256).lastProcessedIndex (king.sol#396)' in BonusKing._transfer(address,address,uint256) (king.sol#320-401) potentially used before declaration: ProcessedDividendTracker(iterations,claims,lastProcessedIndex,true,gas,tx.origin) (king.sol#397)
Variable 'BonusKing._transfer(address,address,uint256).claims (king.sol#395)' in BonusKing._transfer(address,address,uint256) (king.sol#320-401) potentially used before declaration: ProcessedDividendTracker(iterations,claims,lastProcessedIndex,true,gas,tx.origin) (king.sol#397)
Move all variable declarations prior to any usage of the variable, and ensure that reaching a variable declaration does not depend on some conditional if it is used unconditionally.
Additional information: link
Reentrancy in BonusKing._transfer(address,address,uint256) (king.sol#320-401):
External calls:
- swapAndLiquify(swapTokens) (king.sol#345)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,liquidityWallet,block.timestamp) (king.sol#452-459)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (king.sol#436-442)
- swapAndSendDividends(sellTokens) (king.sol#349)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (king.sol#436-442)
- (success) = address(dividendTracker).call{value: h8}() (king.sol#472)
External calls sending eth:
- swapAndLiquify(swapTokens) (king.sol#345)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,liquidityWallet,block.timestamp) (king.sol#452-459)
- swapAndSendDividends(sellTokens) (king.sol#349)
- _projectAddress.transfer(h8) (king.sol#469)
- (success) = address(dividendTracker).call{value: h8}() (king.sol#472)
State variables written after the call(s):
- swapAndSendDividends(sellTokens) (king.sol#349)
- _allowances[owner][spender] = amount (ERC20.sol#287)
Reentrancy in BonusKing.constructor() (king.sol#105-130):
External calls:
- _uniswapV2Pair = IUniswapV2Factory(_uniswapV2Router.factory()).createPair(address(this),_uniswapV2Router.WETH()) (king.sol#110-111)
State variables written after the call(s):
- uniswapV2Pair = _uniswapV2Pair (king.sol#114)
- uniswapV2Router = _uniswapV2Router (king.sol#113)
Reentrancy in BonusKing.constructor() (king.sol#105-130):
External calls:
- _uniswapV2Pair = IUniswapV2Factory(_uniswapV2Router.factory()).createPair(address(this),_uniswapV2Router.WETH()) (king.sol#110-111)
- _setAutomatedMarketMakerPair(_uniswapV2Pair,true) (king.sol#116)
- dividendTracker.excludeFromDividends(pair) (king.sol#187)
- dividendTracker.excludeFromDividends(address(dividendTracker)) (king.sol#119)
- dividendTracker.excludeFromDividends(address(this)) (king.sol#120)
- dividendTracker.excludeFromDividends(owner()) (king.sol#121)
- dividendTracker.excludeFromDividends(address(_uniswapV2Router)) (king.sol#122)
State variables written after the call(s):
- _mint(owner(),maxSupply) (king.sol#129)
- _balances[account] = _balances[account].add(amount) (ERC20.sol#241)
- excludeFromFees(liquidityWallet,true) (king.sol#125)
- _isExcludedFromFees[account] = excluded (king.sol#160)
- excludeFromFees(address(this),true) (king.sol#126)
- _isExcludedFromFees[account] = excluded (king.sol#160)
- excludeFromFees(owner(),true) (king.sol#127)
- _isExcludedFromFees[account] = excluded (king.sol#160)
- _mint(owner(),maxSupply) (king.sol#129)
- _totalSupply = _totalSupply.add(amount) (ERC20.sol#240)
Reentrancy in BonusKingDividendTracker.processAccount(address,bool) (king.sol#703-713):
External calls:
- amount = _withdrawDividendOfUser(account) (king.sol#704)
- (success) = user.call{gas: 3000,value: _withdrawableDividend}() (DividendPayingToken.sol#81)
State variables written after the call(s):
- lastClaimTimes[account] = block.timestamp (king.sol#707)
Reentrancy in BonusKing.sendLuckBonus() (king.sol#478-493):
External calls:
- (success) = luckAddress.call{gas: 3000,value: luckAmount}() (king.sol#483)
State variables written after the call(s):
- luckRecord[id].addr = luckAddress (king.sol#486)
- luckRecord[id].amount = luckAmount (king.sol#487)
- nextLuckId ++ (king.sol#488)
Reentrancy in BonusKing.swapAndLiquify(uint256) (king.sol#403-424):
External calls:
- swapTokensForEth(half) (king.sol#415)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (king.sol#436-442)
- addLiquidity(otherHalf,newBalance) (king.sol#421)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,liquidityWallet,block.timestamp) (king.sol#452-459)
External calls sending eth:
- addLiquidity(otherHalf,newBalance) (king.sol#421)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,liquidityWallet,block.timestamp) (king.sol#452-459)
State variables written after the call(s):
- addLiquidity(otherHalf,newBalance) (king.sol#421)
- _allowances[owner][spender] = amount (ERC20.sol#287)
Apply the check-effects-interactions pattern.
Additional information: link
Reentrancy in BonusKing._setAutomatedMarketMakerPair(address,bool) (king.sol#182-191):
External calls:
- dividendTracker.excludeFromDividends(pair) (king.sol#187)
Event emitted after the call(s):
- SetAutomatedMarketMakerPair(pair,value) (king.sol#190)
Reentrancy in BonusKing._transfer(address,address,uint256) (king.sol#320-401):
External calls:
- swapAndLiquify(swapTokens) (king.sol#345)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,liquidityWallet,block.timestamp) (king.sol#452-459)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (king.sol#436-442)
- swapAndSendDividends(sellTokens) (king.sol#349)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (king.sol#436-442)
- (success) = address(dividendTracker).call{value: h8}() (king.sol#472)
External calls sending eth:
- swapAndLiquify(swapTokens) (king.sol#345)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,liquidityWallet,block.timestamp) (king.sol#452-459)
- swapAndSendDividends(sellTokens) (king.sol#349)
- _projectAddress.transfer(h8) (king.sol#469)
- (success) = address(dividendTracker).call{value: h8}() (king.sol#472)
Event emitted after the call(s):
- Approval(owner,spender,amount) (ERC20.sol#288)
- swapAndSendDividends(sellTokens) (king.sol#349)
- SendDividends(tokens,newBalance) (king.sol#474)
- swapAndSendDividends(sellTokens) (king.sol#349)
Reentrancy in BonusKing._transfer(address,address,uint256) (king.sol#320-401):
External calls:
- swapAndLiquify(swapTokens) (king.sol#345)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,liquidityWallet,block.timestamp) (king.sol#452-459)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (king.sol#436-442)
- swapAndSendDividends(sellTokens) (king.sol#349)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (king.sol#436-442)
- (success) = address(dividendTracker).call{value: h8}() (king.sol#472)
- sendLuckBonus() (king.sol#356)
- (success) = luckAddress.call{gas: 3000,value: luckAmount}() (king.sol#483)
External calls sending eth:
- swapAndLiquify(swapTokens) (king.sol#345)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,liquidityWallet,block.timestamp) (king.sol#452-459)
- swapAndSendDividends(sellTokens) (king.sol#349)
- _projectAddress.transfer(h8) (king.sol#469)
- (success) = address(dividendTracker).call{value: h8}() (king.sol#472)
- sendLuckBonus() (king.sol#356)
- (success) = luckAddress.call{gas: 3000,value: luckAmount}() (king.sol#483)
Event emitted after the call(s):
- SendLuck(luckAddress,luckAmount) (king.sol#489)
- sendLuckBonus() (king.sol#356)
- Transfer(sender,recipient,amount) (ERC20.sol#223)
- super._transfer(from,address(this),fees) (king.sol#381)
- Transfer(sender,recipient,amount) (ERC20.sol#223)
- super._transfer(from,to,amount) (king.sol#384)
Reentrancy in BonusKing._transfer(address,address,uint256) (king.sol#320-401):
External calls:
- swapAndLiquify(swapTokens) (king.sol#345)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,liquidityWallet,block.timestamp) (king.sol#452-459)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (king.sol#436-442)
- swapAndSendDividends(sellTokens) (king.sol#349)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (king.sol#436-442)
- (success) = address(dividendTracker).call{value: h8}() (king.sol#472)
- sendLuckBonus() (king.sol#356)
- (success) = luckAddress.call{gas: 3000,value: luckAmount}() (king.sol#483)
- dividendTracker.setBalance(address(from),balanceOf(from)) (king.sol#388)
- dividendTracker.setBalance(address(to),balanceOf(to)) (king.sol#389)
- dividendTracker.process(gas) (king.sol#394-398)
External calls sending eth:
- swapAndLiquify(swapTokens) (king.sol#345)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,liquidityWallet,block.timestamp) (king.sol#452-459)
- swapAndSendDividends(sellTokens) (king.sol#349)
- _projectAddress.transfer(h8) (king.sol#469)
- (success) = address(dividendTracker).call{value: h8}() (king.sol#472)
- sendLuckBonus() (king.sol#356)
- (success) = luckAddress.call{gas: 3000,value: luckAmount}() (king.sol#483)
Event emitted after the call(s):
- ProcessedDividendTracker(iterations,claims,lastProcessedIndex,true,gas,tx.origin) (king.sol#397)
Reentrancy in BonusKing.constructor() (king.sol#105-130):
External calls:
- _uniswapV2Pair = IUniswapV2Factory(_uniswapV2Router.factory()).createPair(address(this),_uniswapV2Router.WETH()) (king.sol#110-111)
- _setAutomatedMarketMakerPair(_uniswapV2Pair,true) (king.sol#116)
- dividendTracker.excludeFromDividends(pair) (king.sol#187)
Event emitted after the call(s):
- SetAutomatedMarketMakerPair(pair,value) (king.sol#190)
- _setAutomatedMarketMakerPair(_uniswapV2Pair,true) (king.sol#116)
Reentrancy in BonusKing.constructor() (king.sol#105-130):
External calls:
- _uniswapV2Pair = IUniswapV2Factory(_uniswapV2Router.factory()).createPair(address(this),_uniswapV2Router.WETH()) (king.sol#110-111)
- _setAutomatedMarketMakerPair(_uniswapV2Pair,true) (king.sol#116)
- dividendTracker.excludeFromDividends(pair) (king.sol#187)
- dividendTracker.excludeFromDividends(address(dividendTracker)) (king.sol#119)
- dividendTracker.excludeFromDividends(address(this)) (king.sol#120)
- dividendTracker.excludeFromDividends(owner()) (king.sol#121)
- dividendTracker.excludeFromDividends(address(_uniswapV2Router)) (king.sol#122)
Event emitted after the call(s):
- ExcludeFromFees(account,excluded) (king.sol#162)
- excludeFromFees(owner(),true) (king.sol#127)
- ExcludeFromFees(account,excluded) (king.sol#162)
- excludeFromFees(address(this),true) (king.sol#126)
- ExcludeFromFees(account,excluded) (king.sol#162)
- excludeFromFees(liquidityWallet,true) (king.sol#125)
- Transfer(address(0),account,amount) (ERC20.sol#242)
- _mint(owner(),maxSupply) (king.sol#129)
Reentrancy in BonusKingDividendTracker.processAccount(address,bool) (king.sol#703-713):
External calls:
- amount = _withdrawDividendOfUser(account) (king.sol#704)
- (success) = user.call{gas: 3000,value: _withdrawableDividend}() (DividendPayingToken.sol#81)
Event emitted after the call(s):
- Claim(account,amount,automatic) (king.sol#708)
Reentrancy in BonusKing.processDividendTracker(uint256) (king.sol#298-301):
External calls:
- (iterations,claims,lastProcessedIndex) = dividendTracker.process(gas) (king.sol#299)
Event emitted after the call(s):
- ProcessedDividendTracker(iterations,claims,lastProcessedIndex,false,gas,tx.origin) (king.sol#300)
Reentrancy in BonusKing.sendLuckBonus() (king.sol#478-493):
External calls:
- (success) = luckAddress.call{gas: 3000,value: luckAmount}() (king.sol#483)
Event emitted after the call(s):
- SendLuck(luckAddress,luckAmount) (king.sol#489)
Reentrancy in BonusKing.swapAndLiquify(uint256) (king.sol#403-424):
External calls:
- swapTokensForEth(half) (king.sol#415)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (king.sol#436-442)
- addLiquidity(otherHalf,newBalance) (king.sol#421)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,liquidityWallet,block.timestamp) (king.sol#452-459)
External calls sending eth:
- addLiquidity(otherHalf,newBalance) (king.sol#421)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,liquidityWallet,block.timestamp) (king.sol#452-459)
Event emitted after the call(s):
- Approval(owner,spender,amount) (ERC20.sol#288)
- addLiquidity(otherHalf,newBalance) (king.sol#421)
- SwapAndLiquify(half,newBalance,otherHalf) (king.sol#423)
Reentrancy in BonusKing.swapAndSendDividends(uint256) (king.sol#463-476):
External calls:
- swapTokensForEth(tokens) (king.sol#465)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (king.sol#436-442)
- (success) = address(dividendTracker).call{value: h8}() (king.sol#472)
External calls sending eth:
- _projectAddress.transfer(h8) (king.sol#469)
- (success) = address(dividendTracker).call{value: h8}() (king.sol#472)
Event emitted after the call(s):
- SendDividends(tokens,newBalance) (king.sol#474)
Reentrancy in BonusKing.updateDividendTracker(address) (king.sol#135-150):
External calls:
- newDividendTracker.excludeFromDividends(address(newDividendTracker)) (king.sol#142)
- newDividendTracker.excludeFromDividends(address(this)) (king.sol#143)
- newDividendTracker.excludeFromDividends(owner()) (king.sol#144)
- newDividendTracker.excludeFromDividends(address(uniswapV2Router)) (king.sol#145)
Event emitted after the call(s):
- UpdateDividendTracker(newAddress,address(dividendTracker)) (king.sol#147)
Apply the check-effects-interactions pattern.
Additional information: link
BonusKingDividendTracker.getAccount(address) (king.sol#577-613) uses timestamp for comparisons
Dangerous comparisons:
- nextClaimTime > block.timestamp (king.sol#612)
BonusKingDividendTracker.canAutoClaim(uint256) (king.sol#632-637) uses timestamp for comparisons
Dangerous comparisons:
- lastClaimTime > block.timestamp (king.sol#633)
- block.timestamp.sub(lastClaimTime) >= claimWait (king.sol#636)
Avoid relying on block.timestamp.
Additional information: link
Context._msgData() (Context.sol#20-23) is never used and should be removed
DividendPayingToken._transfer(address,address,uint256) (DividendPayingToken.sol#132-138) is never used and should be removed
SafeMathInt.abs(int256) (SafeMathInt.sol#82-85) is never used and should be removed
SafeMathInt.div(int256,int256) (SafeMathInt.sol#53-59) is never used and should be removed
SafeMathInt.mul(int256,int256) (SafeMathInt.sol#41-48) is never used and should be removed
Remove unused functions.
Additional information: link
BonusKing._maxWalletToken (king.sol#41) is set pre-construction with a non-constant function or state variable:
- maxSupply.mul(_maxWalletTokenPerThousand).div(1000)
Remove any initialization of state variables via non-constant state variables or function calls. If variables must be set upon contract deployment, locate initialization in the constructor instead.
Additional information: link
Pragma version^0.6.2 (Context.sol#3) allows old versions
Pragma version^0.6.2 (DividendPayingToken.sol#3) allows old versions
Pragma version^0.6.2 (DividendPayingTokenInterface.sol#3) allows old versions
Pragma version^0.6.2 (DividendPayingTokenOptionalInterface.sol#3) allows old versions
Pragma version^0.6.2 (ERC20.sol#3) allows old versions
Pragma version^0.6.2 (IERC20.sol#3) allows old versions
Pragma version^0.6.2 (IERC20Metadata.sol#3) allows old versions
Pragma version^0.6.2 (IUniswapV2Factory.sol#3) allows old versions
Pragma version^0.6.2 (IUniswapV2Pair.sol#3) allows old versions
Pragma version^0.6.2 (IUniswapV2Router.sol#3) allows old versions
Pragma version^0.6.2 (IterableMapping.sol#2) allows old versions
Pragma version^0.6.2 (Ownable.sol#1) allows old versions
Pragma version^0.6.2 (SafeMath.sol#3) allows old versions
Pragma version^0.6.2 (SafeMathInt.sol#28) allows old versions
Pragma version^0.6.2 (SafeMathUint.sol#3) allows old versions
Pragma version^0.6.2 (king.sol#11) allows old versions
Deploy with any of the following Solidity versions: 0.5.16 - 0.5.17, 0.6.11 - 0.6.12, 0.7.5 - 0.7.6 Use a simple pragma version that allows any of these versions. Consider using the latest version of Solidity for testing.
Additional information: link
Low level call in DividendPayingToken._withdrawDividendOfUser(address) (DividendPayingToken.sol#76-92):
- (success) = user.call{gas: 3000,value: _withdrawableDividend}() (DividendPayingToken.sol#81)
Low level call in BonusKing.swapAndSendDividends(uint256) (king.sol#463-476):
- (success) = address(dividendTracker).call{value: h8}() (king.sol#472)
Low level call in BonusKing.sendLuckBonus() (king.sol#478-493):
- (success) = luckAddress.call{gas: 3000,value: luckAmount}() (king.sol#483)
Avoid low-level calls. Check the call success. If the call is meant for a contract, check for code existence
Additional information: link
Parameter DividendPayingToken.dividendOf(address)._owner (DividendPayingToken.sol#98) is not in mixedCase
Parameter DividendPayingToken.withdrawableDividendOf(address)._owner (DividendPayingToken.sol#105) is not in mixedCase
Parameter DividendPayingToken.withdrawnDividendOf(address)._owner (DividendPayingToken.sol#112) is not in mixedCase
Parameter DividendPayingToken.accumulativeDividendOf(address)._owner (DividendPayingToken.sol#122) is not in mixedCase
Constant DividendPayingToken.magnitude (DividendPayingToken.sol#27) is not in UPPER_CASE_WITH_UNDERSCORES
Function IUniswapV2Pair.DOMAIN_SEPARATOR() (IUniswapV2Pair.sol#20) is not in mixedCase
Function IUniswapV2Pair.PERMIT_TYPEHASH() (IUniswapV2Pair.sol#21) is not in mixedCase
Function IUniswapV2Pair.MINIMUM_LIQUIDITY() (IUniswapV2Pair.sol#38) is not in mixedCase
Function IUniswapV2Router01.WETH() (IUniswapV2Router.sol#7) is not in mixedCase
Function BonusKing.BonusKingExcludeFromDividends(address) (king.sol#165-167) is not in mixedCase
Parameter BonusKing.updateLUCKHODL(uint256).LUCKHODL (king.sol#219) is not in mixedCase
Parameter BonusKing.updateCAKEReward(uint256).CAKEReward (king.sol#231) is not in mixedCase
Variable BonusKing.WBNB (king.sol#28) is not in mixedCase
Variable BonusKing._maxWalletTokenPerThousand (king.sol#40) is not in mixedCase
Variable BonusKing._maxWalletToken (king.sol#41) is not in mixedCase
Variable BonusKing._fees (king.sol#43) is not in mixedCase
Variable BonusKing._buyFees (king.sol#44) is not in mixedCase
Variable BonusKing._BNBReward (king.sol#46) is not in mixedCase
Variable BonusKing._project (king.sol#47) is not in mixedCase
Variable BonusKing._liquidity (king.sol#48) is not in mixedCase
Variable BonusKing._projectAddress (king.sol#50) is not in mixedCase
Parameter BonusKingDividendTracker.getAccount(address)._account (king.sol#577) is not in mixedCase
Follow the Solidity naming convention.
Additional information: link
Redundant expression "this (Context.sol#21)" inContext (Context.sol#15-25)
Remove redundant statements if they congest code but offer no value.
Additional information: link
Reentrancy in BonusKing._transfer(address,address,uint256) (king.sol#320-401):
External calls:
- swapAndSendDividends(sellTokens) (king.sol#349)
- _projectAddress.transfer(h8) (king.sol#469)
External calls sending eth:
- swapAndLiquify(swapTokens) (king.sol#345)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,liquidityWallet,block.timestamp) (king.sol#452-459)
- swapAndSendDividends(sellTokens) (king.sol#349)
- _projectAddress.transfer(h8) (king.sol#469)
- (success) = address(dividendTracker).call{value: h8}() (king.sol#472)
State variables written after the call(s):
- swapping = false (king.sol#352)
Reentrancy in BonusKing._transfer(address,address,uint256) (king.sol#320-401):
External calls:
- swapAndSendDividends(sellTokens) (king.sol#349)
- _projectAddress.transfer(h8) (king.sol#469)
External calls sending eth:
- swapAndLiquify(swapTokens) (king.sol#345)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,liquidityWallet,block.timestamp) (king.sol#452-459)
- swapAndSendDividends(sellTokens) (king.sol#349)
- _projectAddress.transfer(h8) (king.sol#469)
- (success) = address(dividendTracker).call{value: h8}() (king.sol#472)
- sendLuckBonus() (king.sol#356)
- (success) = luckAddress.call{gas: 3000,value: luckAmount}() (king.sol#483)
State variables written after the call(s):
- super._transfer(from,address(this),fees) (king.sol#381)
- _balances[sender] = _balances[sender].sub(amount,ERC20: transfer amount exceeds balance) (ERC20.sol#221)
- _balances[recipient] = _balances[recipient].add(amount) (ERC20.sol#222)
- super._transfer(from,to,amount) (king.sol#384)
- _balances[sender] = _balances[sender].sub(amount,ERC20: transfer amount exceeds balance) (ERC20.sol#221)
- _balances[recipient] = _balances[recipient].add(amount) (ERC20.sol#222)
- sendLuckBonus() (king.sol#356)
- luckRecord[id].addr = luckAddress (king.sol#486)
- luckRecord[id].amount = luckAmount (king.sol#487)
- sendLuckBonus() (king.sol#356)
- nextLuckId ++ (king.sol#488)
Event emitted after the call(s):
- ProcessedDividendTracker(iterations,claims,lastProcessedIndex,true,gas,tx.origin) (king.sol#397)
- SendLuck(luckAddress,luckAmount) (king.sol#489)
- sendLuckBonus() (king.sol#356)
- Transfer(sender,recipient,amount) (ERC20.sol#223)
- super._transfer(from,to,amount) (king.sol#384)
- Transfer(sender,recipient,amount) (ERC20.sol#223)
- super._transfer(from,address(this),fees) (king.sol#381)
Reentrancy in BonusKing.swapAndSendDividends(uint256) (king.sol#463-476):
External calls:
- _projectAddress.transfer(h8) (king.sol#469)
External calls sending eth:
- _projectAddress.transfer(h8) (king.sol#469)
- (success) = address(dividendTracker).call{value: h8}() (king.sol#472)
Event emitted after the call(s):
- SendDividends(tokens,newBalance) (king.sol#474)
Apply the check-effects-interactions pattern.
Additional information: link
Variable IUniswapV2Router01.addLiquidity(address,address,uint256,uint256,uint256,uint256,address,uint256).amountADesired (IUniswapV2Router.sol#12) is too similar to IUniswapV2Router01.addLiquidity(address,address,uint256,uint256,uint256,uint256,address,uint256).amountBDesired (IUniswapV2Router.sol#13)
Variable DividendPayingToken._withdrawDividendOfUser(address)._withdrawableDividend (DividendPayingToken.sol#77) is too similar to BonusKingDividendTracker.getAccount(address).withdrawableDividends (king.sol#582)
Prevent variables from having similar names.
Additional information: link
BonusKing.updateGasForProcessing(uint256) (king.sol#200-205) uses literals with too many digits:
- require(bool,string)(newValue >= 200000 && newValue <= 500000,BonusKing: gasForProcessing must be between 200,000 and 500,000) (king.sol#201)
BonusKing.slitherConstructorVariables() (king.sol#22-507) uses literals with too many digits:
- swapTokensAtAmount = 20000000 * (10 ** 18) (king.sol#35)
BonusKing.slitherConstructorVariables() (king.sol#22-507) uses literals with too many digits:
- minLuckHold = 50000000 * (10 ** 18) (king.sol#37)
BonusKing.slitherConstructorVariables() (king.sol#22-507) uses literals with too many digits:
- maxSupply = 100000000000 * (10 ** 18) (king.sol#38)
BonusKing.slitherConstructorVariables() (king.sol#22-507) uses literals with too many digits:
- gasForProcessing = 300000 (king.sol#54)
BonusKingDividendTracker.constructor() (king.sol#529-532) uses literals with too many digits:
- minimumTokenBalanceForDividends = 5000000 * (10 ** 18) (king.sol#531)
BonusKingDividendTracker.getAccountAtIndex(uint256) (king.sol#615-630) uses literals with too many digits:
- (0x0000000000000000000000000000000000000000,- 1,- 1,0,0,0,0,0) (king.sol#626)
Use: Ether suffix, Time suffix, or The scientific notation
Additional information: link
SafeMathInt.MAX_INT256 (SafeMathInt.sol#36) is never used in SafeMathInt (SafeMathInt.sol#34-93)
Remove unused state variables.
Additional information: link
BonusKing.maxSupply (king.sol#38) should be constant
Add the constant attributes to state variables that never change.
Additional information: link
withdrawDividend() should be declared external:
- BonusKingDividendTracker.withdrawDividend() (king.sol#538-540)
- DividendPayingToken.withdrawDividend() (DividendPayingToken.sol#70-72)
dividendOf(address) should be declared external:
- DividendPayingToken.dividendOf(address) (DividendPayingToken.sol#98-100)
withdrawnDividendOf(address) should be declared external:
- DividendPayingToken.withdrawnDividendOf(address) (DividendPayingToken.sol#112-114)
name() should be declared external:
- ERC20.name() (ERC20.sol#63-65)
symbol() should be declared external:
- ERC20.symbol() (ERC20.sol#71-73)
decimals() should be declared external:
- ERC20.decimals() (ERC20.sol#88-90)
transfer(address,uint256) should be declared external:
- ERC20.transfer(address,uint256) (ERC20.sol#114-117)
allowance(address,address) should be declared external:
- ERC20.allowance(address,address) (ERC20.sol#122-124)
approve(address,uint256) should be declared external:
- ERC20.approve(address,uint256) (ERC20.sol#133-136)
transferFrom(address,address,uint256) should be declared external:
- ERC20.transferFrom(address,address,uint256) (ERC20.sol#151-159)
increaseAllowance(address,uint256) should be declared external:
- ERC20.increaseAllowance(address,uint256) (ERC20.sol#173-176)
decreaseAllowance(address,uint256) should be declared external:
- ERC20.decreaseAllowance(address,uint256) (ERC20.sol#192-195)
get(IterableMapping.Map,address) should be declared external:
- IterableMapping.get(IterableMapping.Map,address) (IterableMapping.sol#13-15)
getIndexOfKey(IterableMapping.Map,address) should be declared external:
- IterableMapping.getIndexOfKey(IterableMapping.Map,address) (IterableMapping.sol#17-22)
getKeyAtIndex(IterableMapping.Map,uint256) should be declared external:
- IterableMapping.getKeyAtIndex(IterableMapping.Map,uint256) (IterableMapping.sol#24-26)
size(IterableMapping.Map) should be declared external:
- IterableMapping.size(IterableMapping.Map) (IterableMapping.sol#30-32)
renounceOwnership() should be declared external:
- Ownable.renounceOwnership() (Ownable.sol#43-46)
transferOwnership(address) should be declared external:
- Ownable.transferOwnership(address) (Ownable.sol#52-56)
updateDividendTracker(address) should be declared external:
- BonusKing.updateDividendTracker(address) (king.sol#135-150)
updateUniswapV2Router(address) should be declared external:
- BonusKing.updateUniswapV2Router(address) (king.sol#152-156)
BonusKingExcludeFromDividends(address) should be declared external:
- BonusKing.BonusKingExcludeFromDividends(address) (king.sol#165-167)
excludeMultipleAccountsFromFees(address[],bool) should be declared external:
- BonusKing.excludeMultipleAccountsFromFees(address[],bool) (king.sol#169-175)
setAutomatedMarketMakerPair(address,bool) should be declared external:
- BonusKing.setAutomatedMarketMakerPair(address,bool) (king.sol#177-180)
updateLiquidityWallet(address) should be declared external:
- BonusKing.updateLiquidityWallet(address) (king.sol#193-198)
updateGasForProcessing(uint256) should be declared external:
- BonusKing.updateGasForProcessing(uint256) (king.sol#200-205)
updateL(uint256) should be declared external:
- BonusKing.updateL(uint256) (king.sol#211-213)
updateS(uint256) should be declared external:
- BonusKing.updateS(uint256) (king.sol#215-217)
updateLUCKHODL(uint256) should be declared external:
- BonusKing.updateLUCKHODL(uint256) (king.sol#219-221)
updateSellFees(uint256) should be declared external:
- BonusKing.updateSellFees(uint256) (king.sol#223-225)
updateBuyFees(uint256) should be declared external:
- BonusKing.updateBuyFees(uint256) (king.sol#227-229)
updateCAKEReward(uint256) should be declared external:
- BonusKing.updateCAKEReward(uint256) (king.sol#231-233)
updateMaxWalletTokenPerThousand(uint256) should be declared external:
- BonusKing.updateMaxWalletTokenPerThousand(uint256) (king.sol#235-238)
updateProject(uint256) should be declared external:
- BonusKing.updateProject(uint256) (king.sol#240-242)
updateLiquidity(uint256) should be declared external:
- BonusKing.updateLiquidity(uint256) (king.sol#244-246)
setAddress(address) should be declared external:
- BonusKing.setAddress(address) (king.sol#248-250)
isExcludedFromFees(address) should be declared external:
- BonusKing.isExcludedFromFees(address) (king.sol#260-262)
withdrawableDividendOf(address) should be declared external:
- BonusKing.withdrawableDividendOf(address) (king.sol#264-266)
dividendTokenBalanceOf(address) should be declared external:
- BonusKing.dividendTokenBalanceOf(address) (king.sol#268-270)
rescueToken(address,uint256) should be declared external:
- BonusKing.rescueToken(address,uint256) (king.sol#495-497)
getLuckAddress() should be declared external:
- BonusKingDividendTracker.getLuckAddress() (king.sol#567-571)
getAccountAtIndex(uint256) should be declared external:
- BonusKingDividendTracker.getAccountAtIndex(uint256) (king.sol#615-630)
process(uint256) should be declared external:
- BonusKingDividendTracker.process(uint256) (king.sol#656-701)
Use the external attribute for functions never called from the contract.
Additional information: link
Unable to find website, listings and other project-related information
Young tokens have high risks of scam / price dump / death
Token has no active CoinGecko listing / rank
Token has no active CoinMarketCap listing / rank
Unable to find Telegram and Twitter accounts