Reentrancy in COSOEquityToken.withdrawAction(uint256) (#829-843):
External calls:
- withdrawTokenList[_withdrawId].safeTransfer(msg.sender,withdrawNumList[_withdrawId]) (#839)
External calls sending eth:
- address(msg.sender).transfer(withdrawNumList[_withdrawId]) (#837)
State variables written after the call(s):
- withdrawStatus[_withdrawId] = true (#841)
Apply the check-effects-interactions pattern.
Additional information: link
Unable to find manual contract audit (e.g. Certik, PeckShield, Solidity...)
Contract ownership is not renounced (belongs to a wallet)
Reentrancy in COSOEquityToken.buyback(uint256) (#786-795):
External calls:
- IERC20(buybackToken).safeTransfer(msg.sender,back) (#792)
- safeTransferFrom(msg.sender,devAddress,_tokenId) (#793)
- IERC721Receiver(to).onERC721Received(_msgSender(),from,tokenId,_data) (#541-551)
State variables written after the call(s):
- canBuyBackList[msg.sender][_tokenId] = false (#794)
Reentrancy in COSOEquityToken.massMintOne(address[]) (#752-765):
External calls:
- _safeMint(_toList[i_scope_0],tokenIdNow) (#760)
- IERC721Receiver(to).onERC721Received(_msgSender(),from,tokenId,_data) (#541-551)
State variables written after the call(s):
- hasMineOneList[_toList[i_scope_0]] = true (#761)
Apply the check-effects-interactions pattern.
Additional information: link
ERC721._checkOnERC721Received(address,address,uint256,bytes) (#534-555) ignores return value by IERC721Receiver(to).onERC721Received(_msgSender(),from,tokenId,_data) (#541-551)
Ensure that all the return values of the function calls are used.
Additional information: link
COSOEquityToken.setBaseURI(string)._baseURI (#718) shadows:
- ERC721._baseURI() (#389-391) (function)
Rename the local variables that shadow another component.
Additional information: link
COSOEquityToken.setSwapFee(uint256) (#714-716) should emit an event for:
- swapFee = _swapFee (#715)
COSOEquityToken.setBuyBackPrice(IERC20,uint256) (#734-737) should emit an event for:
- buybackPrice = _price.mul(10 ** IERC20(_token).decimals()) (#736)
COSOEquityToken.setCanBuyBlackBlockNumber(bool,uint256) (#739-742) should emit an event for:
- canBuyBlackBlockNumber = _canBuyBlackBlockNumber (#741)
Emit an event for critical parameter changes.
Additional information: link
COSOEquityToken.setDevAddress(address)._devAddress (#709) lacks a zero-check on :
- devAddress = _devAddress (#711)
Check that the address is not zero.
Additional information: link
ERC721._checkOnERC721Received(address,address,uint256,bytes) (#534-555) has external calls inside a loop: IERC721Receiver(to).onERC721Received(_msgSender(),from,tokenId,_data) (#541-551)
Favor pull over push strategy for external calls.
Additional information: link
Variable 'ERC721._checkOnERC721Received(address,address,uint256,bytes).retval (#541)' in ERC721._checkOnERC721Received(address,address,uint256,bytes) (#534-555) potentially used before declaration: retval == IERC721Receiver(to).onERC721Received.selector (#542)
Variable 'ERC721._checkOnERC721Received(address,address,uint256,bytes).reason (#543)' in ERC721._checkOnERC721Received(address,address,uint256,bytes) (#534-555) potentially used before declaration: reason.length == 0 (#544)
Variable 'ERC721._checkOnERC721Received(address,address,uint256,bytes).reason (#543)' in ERC721._checkOnERC721Received(address,address,uint256,bytes) (#534-555) potentially used before declaration: revert(uint256,uint256)(32 + reason,mload(uint256)(reason)) (#548)
Move all variable declarations prior to any usage of the variable, and ensure that reaching a variable declaration does not depend on some conditional if it is used unconditionally.
Additional information: link
Reentrancy in COSOEquityToken.massMintOne(address[]) (#752-765):
External calls:
- _safeMint(_toList[i_scope_0],tokenIdNow) (#760)
- IERC721Receiver(to).onERC721Received(_msgSender(),from,tokenId,_data) (#541-551)
State variables written after the call(s):
- canBuyBackList[_toList[i_scope_0]][tokenIdNow] = true (#762)
Apply the check-effects-interactions pattern.
Additional information: link
Reentrancy in COSOEquityToken.buyback(uint256) (#786-795):
External calls:
- IERC20(buybackToken).safeTransfer(msg.sender,back) (#792)
- safeTransferFrom(msg.sender,devAddress,_tokenId) (#793)
- IERC721Receiver(to).onERC721Received(_msgSender(),from,tokenId,_data) (#541-551)
Event emitted after the call(s):
- Approval(ERC721.ownerOf(tokenId),to,tokenId) (#531)
- safeTransferFrom(msg.sender,devAddress,_tokenId) (#793)
- Transfer(from,to,tokenId) (#526)
- safeTransferFrom(msg.sender,devAddress,_tokenId) (#793)
Reentrancy in COSOEquityToken.withdrawAction(uint256) (#829-843):
External calls:
- withdrawTokenList[_withdrawId].safeTransfer(msg.sender,withdrawNumList[_withdrawId]) (#839)
External calls sending eth:
- address(msg.sender).transfer(withdrawNumList[_withdrawId]) (#837)
Event emitted after the call(s):
- withdrawEvent(_withdrawId,withdrawTokenList[_withdrawId],withdrawNumList[_withdrawId],msg.sender) (#842)
Apply the check-effects-interactions pattern.
Additional information: link
Address.isContract(address) (#234-240) uses assembly
- INLINE ASM (#236-238)
Address._verifyCallResult(bool,bytes,string) (#312-332) uses assembly
- INLINE ASM (#324-327)
ERC721._checkOnERC721Received(address,address,uint256,bytes) (#534-555) uses assembly
- INLINE ASM (#547-549)
Do not use evm assembly.
Additional information: link
COSOEquityToken.mintForMiner(address) (#744-750) compares to a boolean constant:
-require(bool,string)(MinerList[msg.sender] == true,e002) (#745)
COSOEquityToken.massMintOne(address[]) (#752-765) compares to a boolean constant:
-require(bool,string)(hasMineOneList[_toList[i]] == false,e005) (#755)
COSOEquityToken.massMintOne(address[]) (#752-765) compares to a boolean constant:
-require(bool,string)(hasMineOneList[_toList[i_scope_0]] == false,e006) (#758)
COSOEquityToken.getBuybackTokenId(address) (#767-784) compares to a boolean constant:
-canBuyBackList[_user][tokenOfOwnerByIndex(_user,i_scope_0)] == true (#779)
COSOEquityToken.getBuybackTokenId(address) (#767-784) compares to a boolean constant:
-canBuyBackList[_user][tokenOfOwnerByIndex(_user,i)] == true (#772)
COSOEquityToken.buyback(uint256) (#786-795) compares to a boolean constant:
-require(bool,string)(canBuyBackList[msg.sender][_tokenId] == true,e008) (#788)
COSOEquityToken.buyback(uint256) (#786-795) compares to a boolean constant:
-require(bool,string)(canBuyBlack == true && block.number > canBuyBlackBlockNumber && canBuyBlackBlockNumber > 0,e007) (#787)
COSOEquityToken.createWithdraw(IERC20,uint256) (#801-809) compares to a boolean constant:
-require(bool,string)(isDevAddressList[msg.sender] == true,e001) (#803)
COSOEquityToken.createEthWithdraw(uint256) (#811-819) compares to a boolean constant:
-require(bool,string)(isDevAddressList[msg.sender] == true,e002) (#813)
COSOEquityToken.approveWithdraw(uint256) (#821-827) compares to a boolean constant:
-require(bool,string)(isDevAddressList[msg.sender] == true,e004) (#823)
COSOEquityToken.approveWithdraw(uint256) (#821-827) compares to a boolean constant:
-require(bool,string)(withdrawRequestList[_withdrawId][msg.sender] == false,e005) (#824)
COSOEquityToken.withdrawAction(uint256) (#829-843) compares to a boolean constant:
-require(bool,string)(isDevAddressList[msg.sender] == true,e006) (#830)
COSOEquityToken.withdrawAction(uint256) (#829-843) compares to a boolean constant:
-require(bool,string)(withdrawRequestList[_withdrawId][devAddressList[i]] == true,e007) (#832)
COSOEquityToken.withdrawAction(uint256) (#829-843) compares to a boolean constant:
-require(bool,string)(withdrawStatus[_withdrawId] == false,e009) (#835)
Remove the equality to the boolean constant.
Additional information: link
COSOEquityToken.constructor(string,string,IERC20,address[]) (#693-702) has costly operations inside a loop:
- devAddressListNum = devAddressListNum.add(1) (#700)
COSOEquityToken.massMintOne(address[]) (#752-765) has costly operations inside a loop:
- tokenIdNow = tokenIdNow + 1 (#759)
ERC721Enumerable._removeTokenFromAllTokensEnumeration(uint256) (#638-646) has costly operations inside a loop:
- delete _allTokensIndex[tokenId] (#644)
ERC721Enumerable._removeTokenFromAllTokensEnumeration(uint256) (#638-646) has costly operations inside a loop:
- _allTokens.pop() (#645)
ERC721Enumerable._removeTokenFromOwnerEnumeration(address,uint256) (#626-636) has costly operations inside a loop:
- delete _ownedTokensIndex[tokenId] (#634)
Use a local variable to hold the loop computation result.
Additional information: link
Address.functionCall(address,bytes) (#249-251) is never used and should be removed
Address.functionCallWithValue(address,bytes,uint256) (#261-267) is never used and should be removed
Address.functionDelegateCall(address,bytes) (#297-299) is never used and should be removed
Address.functionDelegateCall(address,bytes,string) (#301-310) is never used and should be removed
Address.functionStaticCall(address,bytes) (#282-284) is never used and should be removed
Address.functionStaticCall(address,bytes,string) (#286-295) is never used and should be removed
Address.sendValue(address,uint256) (#242-247) is never used and should be removed
Context._msgData() (#162-164) is never used and should be removed
ERC721._baseURI() (#389-391) is never used and should be removed
ERC721._burn(uint256) (#497-509) is never used and should be removed
SafeERC20.safeTransferFrom(IERC20,address,address,uint256) (#56-58) is never used and should be removed
Strings.toHexString(uint256) (#131-142) is never used and should be removed
Strings.toHexString(uint256,uint256) (#144-154) is never used and should be removed
Remove unused functions.
Additional information: link
Pragma version^0.8.0 (#2) allows old versions
solc-0.8.10 is not recommended for deployment
Deploy with any of the following Solidity versions: 0.5.16 - 0.5.17, 0.6.11 - 0.6.12, 0.7.5 - 0.7.6 Use a simple pragma version that allows any of these versions. Consider using the latest version of Solidity for testing.
Additional information: link
Low level call in Address.sendValue(address,uint256) (#242-247):
- (success) = recipient.call{value: amount}() (#245)
Low level call in Address.functionCallWithValue(address,bytes,uint256,string) (#269-280):
- (success,returndata) = target.call{value: value}(data) (#278)
Low level call in Address.functionStaticCall(address,bytes,string) (#286-295):
- (success,returndata) = target.staticcall(data) (#293)
Low level call in Address.functionDelegateCall(address,bytes,string) (#301-310):
- (success,returndata) = target.delegatecall(data) (#308)
Avoid low-level calls. Check the call success. If the call is meant for a contract, check for code existence
Additional information: link
Parameter ERC721.safeTransferFrom(address,address,uint256,bytes)._data (#443) is not in mixedCase
Struct COSOEquityToken.nftInfoItem (#675-680) is not in CapWords
Struct COSOEquityToken.otherInfoItem (#682-691) is not in CapWords
Event COSOEquityTokencreateEvent(uint256,IERC20,uint256,address) (#704) is not in CapWords
Event COSOEquityTokenapproveEvent(uint256,address) (#705) is not in CapWords
Event COSOEquityTokenwithdrawEvent(uint256,IERC20,uint256,address) (#706) is not in CapWords
Parameter COSOEquityToken.setDevAddress(address)._devAddress (#709) is not in mixedCase
Parameter COSOEquityToken.setSwapFee(uint256)._swapFee (#714) is not in mixedCase
Parameter COSOEquityToken.setBaseURI(string)._baseURI (#718) is not in mixedCase
Parameter COSOEquityToken.addMiner(address)._adddress (#722) is not in mixedCase
Parameter COSOEquityToken.removeMiner(address)._adddress (#726) is not in mixedCase
Parameter COSOEquityToken.transferMore(uint256)._tokenId (#730) is not in mixedCase
Parameter COSOEquityToken.setBuyBackPrice(IERC20,uint256)._token (#734) is not in mixedCase
Parameter COSOEquityToken.setBuyBackPrice(IERC20,uint256)._price (#734) is not in mixedCase
Parameter COSOEquityToken.setCanBuyBlackBlockNumber(bool,uint256)._canBuyBackOrNot (#739) is not in mixedCase
Parameter COSOEquityToken.setCanBuyBlackBlockNumber(bool,uint256)._canBuyBlackBlockNumber (#739) is not in mixedCase
Parameter COSOEquityToken.mintForMiner(address)._to (#744) is not in mixedCase
Parameter COSOEquityToken.massMintOne(address[])._toList (#752) is not in mixedCase
Parameter COSOEquityToken.getBuybackTokenId(address)._user (#767) is not in mixedCase
Parameter COSOEquityToken.buyback(uint256)._tokenId (#786) is not in mixedCase
Parameter COSOEquityToken.tokenURI(uint256)._tokenId (#797) is not in mixedCase
Parameter COSOEquityToken.createWithdraw(IERC20,uint256)._token (#801) is not in mixedCase
Parameter COSOEquityToken.createWithdraw(IERC20,uint256)._amount (#801) is not in mixedCase
Parameter COSOEquityToken.createEthWithdraw(uint256)._amount (#811) is not in mixedCase
Parameter COSOEquityToken.approveWithdraw(uint256)._withdrawId (#821) is not in mixedCase
Parameter COSOEquityToken.withdrawAction(uint256)._withdrawId (#829) is not in mixedCase
Variable COSOEquityToken.ETH (#662) is not in mixedCase
Variable COSOEquityToken.MinerList (#664) is not in mixedCase
Follow the Solidity naming convention.
Additional information: link
Reentrancy in COSOEquityToken.withdrawAction(uint256) (#829-843):
External calls:
- address(msg.sender).transfer(withdrawNumList[_withdrawId]) (#837)
State variables written after the call(s):
- withdrawStatus[_withdrawId] = true (#841)
Event emitted after the call(s):
- withdrawEvent(_withdrawId,withdrawTokenList[_withdrawId],withdrawNumList[_withdrawId],msg.sender) (#842)
Apply the check-effects-interactions pattern.
Additional information: link
renounceOwnership() should be declared external:
- Ownable.renounceOwnership() (#183-185)
transferOwnership(address) should be declared external:
- Ownable.transferOwnership(address) (#187-190)
approve(address,uint256) should be declared external:
- ERC721.approve(address,uint256) (#393-403)
setApprovalForAll(address,bool) should be declared external:
- ERC721.setApprovalForAll(address,bool) (#411-416)
transferFrom(address,address,uint256) should be declared external:
- ERC721.transferFrom(address,address,uint256) (#422-429)
tokenByIndex(uint256) should be declared external:
- ERC721Enumerable.tokenByIndex(uint256) (#592-595)
setSwapFee(uint256) should be declared external:
- COSOEquityToken.setSwapFee(uint256) (#714-716)
setBaseURI(string) should be declared external:
- COSOEquityToken.setBaseURI(string) (#718-720)
removeMiner(address) should be declared external:
- COSOEquityToken.removeMiner(address) (#726-728)
transferMore(uint256) should be declared external:
- COSOEquityToken.transferMore(uint256) (#730-732)
setBuyBackPrice(IERC20,uint256) should be declared external:
- COSOEquityToken.setBuyBackPrice(IERC20,uint256) (#734-737)
setCanBuyBlackBlockNumber(bool,uint256) should be declared external:
- COSOEquityToken.setCanBuyBlackBlockNumber(bool,uint256) (#739-742)
mintForMiner(address) should be declared external:
- COSOEquityToken.mintForMiner(address) (#744-750)
massMintOne(address[]) should be declared external:
- COSOEquityToken.massMintOne(address[]) (#752-765)
getBuybackTokenId(address) should be declared external:
- COSOEquityToken.getBuybackTokenId(address) (#767-784)
buyback(uint256) should be declared external:
- COSOEquityToken.buyback(uint256) (#786-795)
createWithdraw(IERC20,uint256) should be declared external:
- COSOEquityToken.createWithdraw(IERC20,uint256) (#801-809)
createEthWithdraw(uint256) should be declared external:
- COSOEquityToken.createEthWithdraw(uint256) (#811-819)
approveWithdraw(uint256) should be declared external:
- COSOEquityToken.approveWithdraw(uint256) (#821-827)
withdrawAction(uint256) should be declared external:
- COSOEquityToken.withdrawAction(uint256) (#829-843)
Use the external attribute for functions never called from the contract.
Additional information: link
Unable to find website, listings and other project-related information
Token has no active CoinGecko listing / rank
Token has no active CoinMarketCap listing / rank
Young tokens have high risks of price dump / death
Unable to find Telegram and Twitter accounts