Bunny Token Logo




Token 3 years
CoinGecko 3 years
CoinMarketCap 3 years
white paper

Compound Yields on Binance Smart Chain with Bunny. Bunny is continuously striving to create innovative new Yield Optimization Strategies.


Laser Scorebeta Last Audit: 8 November 2023

Token seems to be (relatively) fine. It still become a scam, but probability is moderate.

Token is flagged by TokenSniffer (admin)

BunnyToken._writeCheckpoint(address,uint32,uint256,uint256) (#1086-1104) uses a dangerous strict equality:
- nCheckpoints > 0 && checkpoints[delegatee][nCheckpoints - 1].fromBlock == blockNumber (#1096)
Don't use strict equality to determine if an account has enough Ether or tokens.

Additional information: link

Low level call in Address.sendValue(address,uint256) (#429-435):
- (success) = recipient.call{value: amount}() (#433)
Low level call in Address._functionCallWithValue(address,bytes,uint256,string) (#508-534):
- (success,returndata) = target.call{value: weiValue}(data) (#517)
Avoid low-level calls. Check the call success. If the call is meant for a contract, check for code existence

Additional information: link

Contract ownership is semi-renounced (passed to a contract)

Variable BunnyToken._delegates (#894) is not in mixedCase
Parameter BunnyToken.mint(address,uint256)._to (#882) is not in mixedCase
Parameter BunnyToken.mint(address,uint256)._amount (#882) is not in mixedCase
Follow the Solidity naming convention.

Additional information: link

BEP20.allowance(address,address).owner (#649) shadows:
- Ownable.owner() (#55-57) (function)
BEP20.constructor(string,string).symbol (#585) shadows:
- BEP20.symbol() (#615-617) (function)
- IBEP20.symbol() (#111) (function)
BEP20._approve(address,address,uint256).owner (#821) shadows:
- Ownable.owner() (#55-57) (function)
BEP20.constructor(string,string).name (#585) shadows:
- BEP20.name() (#601-603) (function)
- IBEP20.name() (#116) (function)
Rename the local variables that shadow another component.

Additional information: link

BunnyToken.delegateBySig(address,uint256,uint256,uint8,bytes32,bytes32) (#952-993) uses timestamp for comparisons
Dangerous comparisons:
- require(bool,string)(now <= expiry,BUNNY::delegateBySig: signature expired) (#991)
Avoid relying on block.timestamp.

Additional information: link

Address._functionCallWithValue(address,bytes,uint256,string) (#508-534) uses assembly
- INLINE ASM (#526-529)
Address.isContract(address) (#400-411) uses assembly
- INLINE ASM (#407-409)
BunnyToken.getChainId() (#1111-1115) uses assembly
- INLINE ASM (#1113)
Do not use evm assembly.

Additional information: link

SafeMath.mul(uint256,uint256) (#269-281) is never used and should be removed
Address.sendValue(address,uint256) (#429-435) is never used and should be removed
Address.functionCallWithValue(address,bytes,uint256) (#484-490) is never used and should be removed
SafeMath.sqrt(uint256) (#365-376) is never used and should be removed
BEP20._burnFrom(address,uint256) (#838-845) is never used and should be removed
BEP20._burn(address,uint256) (#799-805) is never used and should be removed
SafeMath.min(uint256,uint256) (#360-362) is never used and should be removed
SafeMath.mod(uint256,uint256,string) (#351-358) is never used and should be removed
Address.functionCallWithValue(address,bytes,uint256,string) (#498-506) is never used and should be removed
SafeMath.div(uint256,uint256,string) (#311-321) is never used and should be removed
Context._msgData() (#20-23) is never used and should be removed
SafeMath.mod(uint256,uint256) (#335-337) is never used and should be removed
SafeMath.div(uint256,uint256) (#295-297) is never used and should be removed
Address._functionCallWithValue(address,bytes,uint256,string) (#508-534) is never used and should be removed
Address.isContract(address) (#400-411) is never used and should be removed
Address.functionCall(address,bytes,string) (#465-471) is never used and should be removed
Address.functionCall(address,bytes) (#455-457) is never used and should be removed
Remove unused functions.

Additional information: link

Redundant expression "this (#21)" inContext (#11-24)
Remove redundant statements if they congest code but offer no value.

Additional information: link

transfer(address,uint256) should be declared external:
- BEP20.transfer(address,uint256) (#641-644)
symbol() should be declared external:
- BEP20.symbol() (#615-617)
renounceOwnership() should be declared external:
- Ownable.renounceOwnership() (#74-77)
approve(address,uint256) should be declared external:
- BEP20.approve(address,uint256) (#660-663)
mint(address,uint256) should be declared external:
- BunnyToken.mint(address,uint256) (#882-885)
transferFrom(address,address,uint256) should be declared external:
- BEP20.transferFrom(address,address,uint256) (#677-689)
transferOwnership(address) should be declared external:
- Ownable.transferOwnership(address) (#83-85)
mint(uint256) should be declared external:
- BEP20.mint(uint256) (#739-742)
allowance(address,address) should be declared external:
- BEP20.allowance(address,address) (#649-651)
totalSupply() should be declared external:
- BEP20.totalSupply() (#622-624)
decimals() should be declared external:
- BEP20.decimals() (#608-610)
increaseAllowance(address,uint256) should be declared external:
- BEP20.increaseAllowance(address,uint256) (#703-706)
decreaseAllowance(address,uint256) should be declared external:
- BEP20.decreaseAllowance(address,uint256) (#722-729)
Use the external attribute for functions never called from the contract.

Additional information: link


Average 30d PancakeSwap liquidity is less than $100. Token is either dead or inactive.

Average 30d number of PancakeSwap swaps is less than 1. Token is either dead or inactive.

Token is deployed only at one blockchain

Twitter account link seems to be invalid

Unable to find Youtube account

Unable to find Discord account

Token is not listed at Mobula.Finance

Additional information: link

Unable to find audit link on the website

Unable to find Telegram link on the website

Unable to find Twitter link on the website

No disclosed threats

Price for BUNNY