cosmostoken.airdrop(address) (#461-471) sends eth to arbitrary user
Dangerous calls:
- address(uint160(_refer)).transfer(referEth) (#468)
Ensure that an arbitrary user cannot withdraw unauthorized funds.
Additional information: link
Contract creator or owner is blacklisted for past scams
Unable to find manual contract audit (e.g. Certik, PeckShield, Solidity...)
Contract ownership is not renounced (belongs to a wallet)
cosmostoken.clearETH()._owner (#385) lacks a zero-check on :
- _owner.transfer(address(this).balance) (#386)
Check that the address is not zero.
Additional information: link
SafeMath.div(uint256,uint256,string) (#139-142) is never used and should be removed
SafeMath.sub(uint256,uint256) (#67-70) is never used and should be removed
Remove unused functions.
Additional information: link
Contract cosmostoken (#169-489) is not in CapWords
Parameter cosmostoken.allocationForRewards(address,uint256)._addr (#388) is not in mixedCase
Parameter cosmostoken.allocationForRewards(address,uint256)._amount (#388) is not in mixedCase
Parameter cosmostoken.airdrop(address)._refer (#461) is not in mixedCase
Parameter cosmostoken.buy(address)._refer (#473) is not in mixedCase
Follow the Solidity naming convention.
Additional information: link
cosmostoken.clearETH()._owner (#385) shadows:
- cosmostoken._owner (#176) (state variable)
Rename the local variables that shadow another component.
Additional information: link
solc-0.6.8 is not recommended for deployment
Deploy with any of the following Solidity versions: 0.5.16 - 0.5.17, 0.6.11 - 0.6.12, 0.7.5 - 0.7.6 Use a simple pragma version that allows any of these versions. Consider using the latest version of Solidity for testing.
Additional information: link
cosmostoken.slitherConstructorVariables() (#169-489) uses literals with too many digits:
- _totalSupply = 1000000000000000000000000000000000 (#172)
cosmostoken.slitherConstructorVariables() (#169-489) uses literals with too many digits:
- _airdropEth = 4000000000000000 (#183)
cosmostoken.slitherConstructorVariables() (#169-489) uses literals with too many digits:
- _airdropToken = 2000000000000000000000000 (#184)
cosmostoken.slitherConstructorVariables() (#169-489) uses literals with too many digits:
- salePrice = 1000000000000 (#190)
Use: Ether suffix, Time suffix, or The scientific notation
Additional information: link
cosmostoken._airdropEth (#183) should be constant
cosmostoken._airdropToken (#184) should be constant
cosmostoken._decimals (#175) should be constant
cosmostoken._name (#173) should be constant
cosmostoken._referEth (#181) should be constant
cosmostoken._referToken (#182) should be constant
cosmostoken._swAirdrop (#179) should be constant
cosmostoken._swSale (#180) should be constant
cosmostoken._symbol (#174) should be constant
cosmostoken._totalSupply (#172) should be constant
cosmostoken.salePrice (#190) should be constant
Add the constant attributes to state variables that never change.
Additional information: link
name() should be declared external:
- cosmostoken.name() (#230-232)
symbol() should be declared external:
- cosmostoken.symbol() (#245-247)
decimals() should be declared external:
- cosmostoken.decimals() (#265-267)
cap() should be declared external:
- cosmostoken.cap() (#272-274)
totalSupply() should be declared external:
- cosmostoken.totalSupply() (#279-281)
balanceOf(address) should be declared external:
- cosmostoken.balanceOf(address) (#286-288)
allowance(address,address) should be declared external:
- cosmostoken.allowance(address,address) (#293-295)
transferFrom(address,address,uint256) should be declared external:
- cosmostoken.transferFrom(address,address,uint256) (#366-370)
approve(address,uint256) should be declared external:
- cosmostoken.approve(address,uint256) (#379-382)
clearETH() should be declared external:
- cosmostoken.clearETH() (#384-387)
allocationForRewards(address,uint256) should be declared external:
- cosmostoken.allocationForRewards(address,uint256) (#388-390)
transfer(address,uint256) should be declared external:
- cosmostoken.transfer(address,uint256) (#445-448)
getBlock() should be declared external:
- cosmostoken.getBlock() (#450-459)
airdrop(address) should be declared external:
- cosmostoken.airdrop(address) (#461-471)
buy(address) should be declared external:
- cosmostoken.buy(address) (#473-486)
Use the external attribute for functions never called from the contract.
Additional information: link
Unable to find website, listings and other project-related information
Token is marked as scam (rug pull, honeypot, phishing, etc.)
Additional information: link
Young tokens have high risks of scam / price dump / death
Token has no active CoinGecko listing / rank
Token has no active CoinMarketCap listing / rank
Unable to find Telegram and Twitter accounts