For the love of Cheems and DOGEs. Please dont jeet.
Unable to find manual contract audit (e.g. Certik, PeckShield, Solidity...)
CUPIDCHEEMS.addLiquidity(uint256,uint256) (#571-584) sends eth to arbitrary user
Dangerous calls:
- router.addLiquidityETH{value: bnbAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#576-583)
Ensure that an arbitrary user cannot withdraw unauthorized funds.
Additional information: link
Reentrancy in CUPIDCHEEMS._transfer(address,address,uint256) (#467-514):
External calls:
- swapAndLiquify(swapTokensAtAmount,selltax) (#505)
- router.addLiquidityETH{value: bnbAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#576-583)
- (success) = recipient.call{value: amount}() (#101)
- router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#595-601)
- address(marketingWallet).sendValue(marketingAmt) (#563)
- address(ecosystemWallet).sendValue(ecosystemAmt) (#567)
- swapAndLiquify(swapTokensAtAmount,taxes) (#506)
- router.addLiquidityETH{value: bnbAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#576-583)
- (success) = recipient.call{value: amount}() (#101)
- router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#595-601)
- address(marketingWallet).sendValue(marketingAmt) (#563)
- address(ecosystemWallet).sendValue(ecosystemAmt) (#567)
External calls sending eth:
- swapAndLiquify(swapTokensAtAmount,selltax) (#505)
- router.addLiquidityETH{value: bnbAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#576-583)
- (success) = recipient.call{value: amount}() (#101)
- swapAndLiquify(swapTokensAtAmount,taxes) (#506)
- router.addLiquidityETH{value: bnbAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#576-583)
- (success) = recipient.call{value: amount}() (#101)
State variables written after the call(s):
- _tokenTransfer(from,to,amount,takeFee,isSell) (#513)
- _rOwned[address(this)] += rMarketing (#378)
- _rOwned[address(this)] += rLiquidity (#368)
- _rOwned[address(this)] += recosystem (#388)
- _rOwned[sender] = _rOwned[sender] - s.rAmount (#529)
- _rOwned[recipient] = _rOwned[recipient] + s.rTransferAmount (#530)
- _tokenTransfer(from,to,amount,takeFee,isSell) (#513)
- _rTotal -= rRfi (#357)
- _tokenTransfer(from,to,amount,takeFee,isSell) (#513)
- _tOwned[sender] = _tOwned[sender] - tAmount (#523)
- _tOwned[address(this)] += tecosystem (#386)
- _tOwned[address(this)] += tMarketing (#376)
- _tOwned[address(this)] += tLiquidity (#366)
- _tOwned[recipient] = _tOwned[recipient] + s.tTransferAmount (#526)
Apply the check-effects-interactions pattern.
Additional information: link
CUPIDCHEEMS.rescueAnyBEP20Tokens(address,address,uint256) (#675-677) ignores return value by IERC20(_tokenAddr).transfer(_to,_amount) (#676)
Use SafeERC20, or ensure that the transfer/transferFrom return value is checked.
Additional information: link
Combination 1: Reentrancy vulnerabilities + Functions that send Ether to arbitraty destination. Usual for scams. May be justified by some complex mechanics (e.g. rebase, reflections). DYOR & manual audit are advised.
Combination 2: Unchecked transfer + Functions that send Ether to arbitraty destination. Usual for scams. May be justified by some complex mechanics (e.g. rebase, reflections). DYOR & manual audit are advised.
Combination 3: Reentrancy vulnerabilities + Unchecked transfer vulnerability. Usual for scams. May be justified by some complex mechanics (e.g. rebase, reflections). DYOR & manual audit are advised.
CUPIDCHEEMS.constructor(address)._pair (#203-204) lacks a zero-check on :
- pair = _pair (#207)
CUPIDCHEEMS.updateMarketingWallet(address).newWallet (#617) lacks a zero-check on :
- marketingWallet = newWallet (#618)
CUPIDCHEEMS.updateecosystemWallet(address).newWallet (#621) lacks a zero-check on :
- ecosystemWallet = newWallet (#622)
CUPIDCHEEMS.updateRouterAndPair(address,address).newPair (#663) lacks a zero-check on :
- pair = newPair (#665)
Check that the address is not zero.
Additional information: link
CUPIDCHEEMS.swapAndLiquify(uint256,CUPIDCHEEMS.Taxes) (#543-569) performs a multiplication on the result of a division:
-unitBalance = deltaBalance / (denominator - temp.liquidity) (#553)
-bnbToAddLiquidityWith = unitBalance * temp.liquidity (#554)
CUPIDCHEEMS.swapAndLiquify(uint256,CUPIDCHEEMS.Taxes) (#543-569) performs a multiplication on the result of a division:
-unitBalance = deltaBalance / (denominator - temp.liquidity) (#553)
-marketingAmt = unitBalance * 2 * temp.marketing (#561)
CUPIDCHEEMS.swapAndLiquify(uint256,CUPIDCHEEMS.Taxes) (#543-569) performs a multiplication on the result of a division:
-unitBalance = deltaBalance / (denominator - temp.liquidity) (#553)
-ecosystemAmt = unitBalance * 2 * temp.ecosystem (#565)
Consider ordering multiplication before division.
Additional information: link
CUPIDCHEEMS.addLiquidity(uint256,uint256) (#571-584) ignores return value by router.addLiquidityETH{value: bnbAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#576-583)
Ensure that all the return values of the function calls are used.
Additional information: link
CUPIDCHEEMS.allowance(address,address).owner (#247) shadows:
- Ownable.owner() (#48-50) (function)
CUPIDCHEEMS._approve(address,address,uint256).owner (#460) shadows:
- Ownable.owner() (#48-50) (function)
Rename the local variables that shadow another component.
Additional information: link
CUPIDCHEEMS.updateCooldown(bool,uint256) (#626-629) should emit an event for:
- coolDownTime = time * 1 (#627)
CUPIDCHEEMS.updateSwapTokensAtAmount(uint256) (#631-633) should emit an event for:
- swapTokensAtAmount = amount * 10 ** _decimals (#632)
CUPIDCHEEMS.updateMaxTxLimit(uint256,uint256) (#654-657) should emit an event for:
- maxBuyLimit = maxBuy * 10 ** decimals() (#655)
- maxSellLimit = maxSell * 10 ** decimals() (#656)
CUPIDCHEEMS.updateMaxWalletlimit(uint256) (#659-661) should emit an event for:
- maxWalletLimit = amount * 10 ** decimals() (#660)
Emit an event for critical parameter changes.
Additional information: link
Reentrancy in CUPIDCHEEMS._transfer(address,address,uint256) (#467-514):
External calls:
- swapAndLiquify(swapTokensAtAmount,selltax) (#505)
- router.addLiquidityETH{value: bnbAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#576-583)
- (success) = recipient.call{value: amount}() (#101)
- router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#595-601)
- address(marketingWallet).sendValue(marketingAmt) (#563)
- address(ecosystemWallet).sendValue(ecosystemAmt) (#567)
- swapAndLiquify(swapTokensAtAmount,taxes) (#506)
- router.addLiquidityETH{value: bnbAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#576-583)
- (success) = recipient.call{value: amount}() (#101)
- router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#595-601)
- address(marketingWallet).sendValue(marketingAmt) (#563)
- address(ecosystemWallet).sendValue(ecosystemAmt) (#567)
External calls sending eth:
- swapAndLiquify(swapTokensAtAmount,selltax) (#505)
- router.addLiquidityETH{value: bnbAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#576-583)
- (success) = recipient.call{value: amount}() (#101)
- swapAndLiquify(swapTokensAtAmount,taxes) (#506)
- router.addLiquidityETH{value: bnbAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#576-583)
- (success) = recipient.call{value: amount}() (#101)
State variables written after the call(s):
- _tokenTransfer(from,to,amount,takeFee,isSell) (#513)
- totFeesPaid.ecosystem += tecosystem (#382)
- totFeesPaid.marketing += tMarketing (#372)
- totFeesPaid.liquidity += tLiquidity (#362)
- totFeesPaid.rfi += tRfi (#358)
Reentrancy in CUPIDCHEEMS.constructor(address) (#201-224):
External calls:
- _pair = IFactory(_router.factory()).createPair(address(this),_router.WETH()) (#203-204)
State variables written after the call(s):
- excludeFromReward(pair) (#209)
- _excluded.push(account) (#318)
- excludeFromReward(pair) (#209)
- _isExcluded[account] = true (#317)
- _isExcludedFromFee[address(this)] = true (#212)
- _isExcludedFromFee[owner()] = true (#213)
- _isExcludedFromFee[marketingWallet] = true (#214)
- _isExcludedFromFee[ecosystemWallet] = true (#215)
- _rOwned[owner()] = _rTotal (#211)
- excludeFromReward(pair) (#209)
- _tOwned[account] = tokenFromReflection(_rOwned[account]) (#315)
- allowedTransfer[address(this)] = true (#217)
- allowedTransfer[owner()] = true (#218)
- allowedTransfer[pair] = true (#219)
- allowedTransfer[marketingWallet] = true (#220)
- allowedTransfer[ecosystemWallet] = true (#221)
- pair = _pair (#207)
- router = _router (#206)
Reentrancy in CUPIDCHEEMS.swapAndLiquify(uint256,CUPIDCHEEMS.Taxes) (#543-569):
External calls:
- swapTokensForBNB(toSwap) (#550)
- router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#595-601)
- addLiquidity(tokensToAddLiquidityWith,bnbToAddLiquidityWith) (#558)
- router.addLiquidityETH{value: bnbAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#576-583)
External calls sending eth:
- addLiquidity(tokensToAddLiquidityWith,bnbToAddLiquidityWith) (#558)
- router.addLiquidityETH{value: bnbAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#576-583)
State variables written after the call(s):
- addLiquidity(tokensToAddLiquidityWith,bnbToAddLiquidityWith) (#558)
- _allowances[owner][spender] = amount (#463)
Reentrancy in CUPIDCHEEMS.transferFrom(address,address,uint256) (#256-264):
External calls:
- _transfer(sender,recipient,amount) (#257)
- router.addLiquidityETH{value: bnbAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#576-583)
- (success) = recipient.call{value: amount}() (#101)
- router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#595-601)
- address(marketingWallet).sendValue(marketingAmt) (#563)
- address(ecosystemWallet).sendValue(ecosystemAmt) (#567)
External calls sending eth:
- _transfer(sender,recipient,amount) (#257)
- router.addLiquidityETH{value: bnbAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#576-583)
- (success) = recipient.call{value: amount}() (#101)
State variables written after the call(s):
- _approve(sender,_msgSender(),currentAllowance - amount) (#261)
- _allowances[owner][spender] = amount (#463)
Apply the check-effects-interactions pattern.
Additional information: link
Reentrancy in CUPIDCHEEMS._transfer(address,address,uint256) (#467-514):
External calls:
- swapAndLiquify(swapTokensAtAmount,selltax) (#505)
- router.addLiquidityETH{value: bnbAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#576-583)
- (success) = recipient.call{value: amount}() (#101)
- router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#595-601)
- address(marketingWallet).sendValue(marketingAmt) (#563)
- address(ecosystemWallet).sendValue(ecosystemAmt) (#567)
- swapAndLiquify(swapTokensAtAmount,taxes) (#506)
- router.addLiquidityETH{value: bnbAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#576-583)
- (success) = recipient.call{value: amount}() (#101)
- router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#595-601)
- address(marketingWallet).sendValue(marketingAmt) (#563)
- address(ecosystemWallet).sendValue(ecosystemAmt) (#567)
External calls sending eth:
- swapAndLiquify(swapTokensAtAmount,selltax) (#505)
- router.addLiquidityETH{value: bnbAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#576-583)
- (success) = recipient.call{value: amount}() (#101)
- swapAndLiquify(swapTokensAtAmount,taxes) (#506)
- router.addLiquidityETH{value: bnbAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#576-583)
- (success) = recipient.call{value: amount}() (#101)
Event emitted after the call(s):
- Transfer(sender,address(this),s.tLiquidity + s.tMarketing + s.tecosystem) (#535)
- _tokenTransfer(from,to,amount,takeFee,isSell) (#513)
- Transfer(sender,recipient,s.tTransferAmount) (#539)
- _tokenTransfer(from,to,amount,takeFee,isSell) (#513)
Reentrancy in CUPIDCHEEMS.constructor(address) (#201-224):
External calls:
- _pair = IFactory(_router.factory()).createPair(address(this),_router.WETH()) (#203-204)
Event emitted after the call(s):
- Transfer(address(0),owner(),_tTotal) (#223)
Reentrancy in CUPIDCHEEMS.swapAndLiquify(uint256,CUPIDCHEEMS.Taxes) (#543-569):
External calls:
- swapTokensForBNB(toSwap) (#550)
- router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#595-601)
- addLiquidity(tokensToAddLiquidityWith,bnbToAddLiquidityWith) (#558)
- router.addLiquidityETH{value: bnbAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#576-583)
External calls sending eth:
- addLiquidity(tokensToAddLiquidityWith,bnbToAddLiquidityWith) (#558)
- router.addLiquidityETH{value: bnbAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#576-583)
Event emitted after the call(s):
- Approval(owner,spender,amount) (#464)
- addLiquidity(tokensToAddLiquidityWith,bnbToAddLiquidityWith) (#558)
Reentrancy in CUPIDCHEEMS.transferFrom(address,address,uint256) (#256-264):
External calls:
- _transfer(sender,recipient,amount) (#257)
- router.addLiquidityETH{value: bnbAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#576-583)
- (success) = recipient.call{value: amount}() (#101)
- router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#595-601)
- address(marketingWallet).sendValue(marketingAmt) (#563)
- address(ecosystemWallet).sendValue(ecosystemAmt) (#567)
External calls sending eth:
- _transfer(sender,recipient,amount) (#257)
- router.addLiquidityETH{value: bnbAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#576-583)
- (success) = recipient.call{value: amount}() (#101)
Event emitted after the call(s):
- Approval(owner,spender,amount) (#464)
- _approve(sender,_msgSender(),currentAllowance - amount) (#261)
Apply the check-effects-interactions pattern.
Additional information: link
CUPIDCHEEMS._transfer(address,address,uint256) (#467-514) uses timestamp for comparisons
Dangerous comparisons:
- require(bool,string)(timePassed >= coolDownTime,Cooldown enabled) (#494)
Avoid relying on block.timestamp.
Additional information: link
CUPIDCHEEMS.setTradingStatus(bool) (#300-304) compares to a boolean constant:
-state == true && genesis_block == 0 (#303)
Remove the equality to the boolean constant.
Additional information: link
CUPIDCHEEMS.includeInReward(address) (#321-332) has costly operations inside a loop:
- _excluded.pop() (#328)
CUPIDCHEEMS._reflectRfi(uint256,uint256) (#356-359) has costly operations inside a loop:
- _rTotal -= rRfi (#357)
Use a local variable to hold the loop computation result.
Additional information: link
Context._msgData() (#33-36) is never used and should be removed
Remove unused functions.
Additional information: link
CUPIDCHEEMS._tTotal (#143) is set pre-construction with a non-constant function or state variable:
- initialsupply * 10 ** _decimals
CUPIDCHEEMS._rTotal (#144) is set pre-construction with a non-constant function or state variable:
- (MAX - (MAX % _tTotal))
Remove any initialization of state variables via non-constant state variables or function calls. If variables must be set upon contract deployment, locate initialization in the constructor instead.
Additional information: link
Low level call in Address.sendValue(address,uint256) (#98-103):
- (success) = recipient.call{value: amount}() (#101)
Avoid low-level calls. Check the call success. If the call is meant for a contract, check for code existence
Additional information: link
Function IRouter.WETH() (#79) is not in mixedCase
Struct CUPIDCHEEMS.valuesFromGetValues (#178-190) is not in CapWords
Parameter CUPIDCHEEMS.setTaxes(uint256,uint256,uint256,uint256)._rfi (#346) is not in mixedCase
Parameter CUPIDCHEEMS.setTaxes(uint256,uint256,uint256,uint256)._marketing (#346) is not in mixedCase
Parameter CUPIDCHEEMS.setTaxes(uint256,uint256,uint256,uint256)._liquidity (#346) is not in mixedCase
Parameter CUPIDCHEEMS.setTaxes(uint256,uint256,uint256,uint256)._ecosystem (#346) is not in mixedCase
Parameter CUPIDCHEEMS.setselltax(uint256,uint256,uint256,uint256)._rfi (#351) is not in mixedCase
Parameter CUPIDCHEEMS.setselltax(uint256,uint256,uint256,uint256)._marketing (#351) is not in mixedCase
Parameter CUPIDCHEEMS.setselltax(uint256,uint256,uint256,uint256)._liquidity (#351) is not in mixedCase
Parameter CUPIDCHEEMS.setselltax(uint256,uint256,uint256,uint256)._ecosystem (#351) is not in mixedCase
Parameter CUPIDCHEEMS.updateSwapEnabled(bool)._enabled (#635) is not in mixedCase
Parameter CUPIDCHEEMS.rescueAnyBEP20Tokens(address,address,uint256)._tokenAddr (#675) is not in mixedCase
Parameter CUPIDCHEEMS.rescueAnyBEP20Tokens(address,address,uint256)._to (#675) is not in mixedCase
Parameter CUPIDCHEEMS.rescueAnyBEP20Tokens(address,address,uint256)._amount (#675) is not in mixedCase
Constant CUPIDCHEEMS._decimals (#139) is not in UPPER_CASE_WITH_UNDERSCORES
Variable CUPIDCHEEMS.genesis_block (#151) is not in mixedCase
Constant CUPIDCHEEMS._name (#156) is not in UPPER_CASE_WITH_UNDERSCORES
Constant CUPIDCHEEMS._symbol (#157) is not in UPPER_CASE_WITH_UNDERSCORES
Follow the Solidity naming convention.
Additional information: link
Redundant expression "this (#34)" inContext (#28-37)
Remove redundant statements if they congest code but offer no value.
Additional information: link
CUPIDCHEEMS.initialsupply (#142) should be constant
Add the constant attributes to state variables that never change.
Additional information: link
renounceOwnership() should be declared external:
- Ownable.renounceOwnership() (#57-59)
transferOwnership(address) should be declared external:
- Ownable.transferOwnership(address) (#61-64)
name() should be declared external:
- CUPIDCHEEMS.name() (#227-229)
symbol() should be declared external:
- CUPIDCHEEMS.symbol() (#230-232)
totalSupply() should be declared external:
- CUPIDCHEEMS.totalSupply() (#238-240)
allowance(address,address) should be declared external:
- CUPIDCHEEMS.allowance(address,address) (#247-249)
approve(address,uint256) should be declared external:
- CUPIDCHEEMS.approve(address,uint256) (#251-254)
transferFrom(address,address,uint256) should be declared external:
- CUPIDCHEEMS.transferFrom(address,address,uint256) (#256-264)
increaseAllowance(address,uint256) should be declared external:
- CUPIDCHEEMS.increaseAllowance(address,uint256) (#266-269)
decreaseAllowance(address,uint256) should be declared external:
- CUPIDCHEEMS.decreaseAllowance(address,uint256) (#271-277)
transfer(address,uint256) should be declared external:
- CUPIDCHEEMS.transfer(address,uint256) (#279-283)
isExcludedFromReward(address) should be declared external:
- CUPIDCHEEMS.isExcludedFromReward(address) (#285-287)
reflectionFromToken(uint256,bool) should be declared external:
- CUPIDCHEEMS.reflectionFromToken(uint256,bool) (#289-298)
excludeFromFee(address) should be declared external:
- CUPIDCHEEMS.excludeFromFee(address) (#334-336)
includeInFee(address) should be declared external:
- CUPIDCHEEMS.includeInFee(address) (#338-340)
isExcludedFromFee(address) should be declared external:
- CUPIDCHEEMS.isExcludedFromFee(address) (#342-344)
setTaxes(uint256,uint256,uint256,uint256) should be declared external:
- CUPIDCHEEMS.setTaxes(uint256,uint256,uint256,uint256) (#346-349)
setselltax(uint256,uint256,uint256,uint256) should be declared external:
- CUPIDCHEEMS.setselltax(uint256,uint256,uint256,uint256) (#351-354)
rescueAnyBEP20Tokens(address,address,uint256) should be declared external:
- CUPIDCHEEMS.rescueAnyBEP20Tokens(address,address,uint256) (#675-677)
Use the external attribute for functions never called from the contract.
Additional information: link
Unable to find website, listings and other project-related information
Young tokens have high risks of scam / price dump / death
Token has no active CoinGecko listing / rank
Token has no active CoinMarketCap listing / rank
Unable to find Twitter account
Telegram account has relatively few subscribers
Unable to find Blog account (Reddit or Medium)
Unable to find Youtube account
Unable to find Discord account