CZFarm provides rewards to Pancakeswap LP farmers, pools for earning partnered tokens, and a trading dex with rewards. Produced by the long established CZodiac community and actively developed.
Unable to find manual contract audit (e.g. Certik, PeckShield, Solidity...)
CZFarmMaster.safeCzfTransfer(address,uint256) (#2719-2726) ignores return value by czf.transfer(_to,czfBal) (#2722)
CZFarmMaster.safeCzfTransfer(address,uint256) (#2719-2726) ignores return value by czf.transfer(_to,_amount) (#2724)
CZodiacToken._swap(address) (#3755-3777) ignores return value by prevCzodiac.transferFrom(swapper,address(this),amountToBurn) (#3774)
CZodiacToken.withdrawToken(IERC20) (#3835-3837) ignores return value by _token.transfer(owner(),_token.balanceOf(address(this))) (#3836)
LockedSale.withdrawToken(IERC20) (#5188-5190) ignores return value by _token.transfer(owner(),_token.balanceOf(address(this))) (#5189)
TigerHunt.winHunt() (#5391-5410) ignores return value by tigerHP.transferFrom(target,_msgSender(),amount) (#5406)
Use SafeERC20, or ensure that the transfer/transferFrom return value is checked.
Additional information: link
CZFarmMaster.updatePool(uint256) (#2596-2616) uses a dangerous strict equality:
- lpSupply == 0 (#2602)
CZFarmPool._updatePool() (#3079-3097) uses a dangerous strict equality:
- stakedTokenSupply == 0 (#3086)
TigerHunt.isHuntWinning(address) (#5521-5533) uses a dangerous strict equality:
- hunterHP == 0 (#5529)
Don't use strict equality to determine if an account has enough Ether or tokens.
Additional information: link
CZFarmMaster.pendingCzf(uint256,address) (#2561-2587) performs a multiplication on the result of a division:
-czfReward = multiplier.mul(czfPerBlock).mul(pool.allocPoint).div(totalAllocPoint) (#2575-2578)
-accCzfPerShare = accCzfPerShare.add(czfReward.mul(1e12).div(lpSupply)) (#2579-2581)
CZFarmMaster.updatePool(uint256) (#2596-2616) performs a multiplication on the result of a division:
-czfReward = multiplier.mul(czfPerBlock).mul(pool.allocPoint).div(totalAllocPoint) (#2607-2610)
-pool.accCzfPerShare = pool.accCzfPerShare.add(czfReward.mul(1e12).div(lpSupply)) (#2612-2614)
FullMath.fullDiv(uint256,uint256,uint256) (#4631-4652) performs a multiplication on the result of a division:
-d /= pow2 (#4638)
-r *= 2 - d * r (#4642)
FullMath.fullDiv(uint256,uint256,uint256) (#4631-4652) performs a multiplication on the result of a division:
-d /= pow2 (#4638)
-r *= 2 - d * r (#4643)
FullMath.fullDiv(uint256,uint256,uint256) (#4631-4652) performs a multiplication on the result of a division:
-d /= pow2 (#4638)
-r *= 2 - d * r (#4644)
FullMath.fullDiv(uint256,uint256,uint256) (#4631-4652) performs a multiplication on the result of a division:
-d /= pow2 (#4638)
-r *= 2 - d * r (#4645)
FullMath.fullDiv(uint256,uint256,uint256) (#4631-4652) performs a multiplication on the result of a division:
-d /= pow2 (#4638)
-r *= 2 - d * r (#4646)
FullMath.fullDiv(uint256,uint256,uint256) (#4631-4652) performs a multiplication on the result of a division:
-d /= pow2 (#4638)
-r *= 2 - d * r (#4647)
FullMath.fullDiv(uint256,uint256,uint256) (#4631-4652) performs a multiplication on the result of a division:
-d /= pow2 (#4638)
-r *= 2 - d * r (#4648)
FullMath.fullDiv(uint256,uint256,uint256) (#4631-4652) performs a multiplication on the result of a division:
-d /= pow2 (#4638)
-r *= 2 - d * r (#4649)
FullMath.fullDiv(uint256,uint256,uint256) (#4631-4652) performs a multiplication on the result of a division:
-l /= pow2 (#4639)
-l * r (#4650)
TigerHunt.isHuntWinning(address) (#5521-5533) performs a multiplication on the result of a division:
-targetHP = tigerHP.balanceOf(tigerAccount.huntTarget) / 10 ** 18 / 2 (#5525-5527)
-minRoll = (~ uint256(0) / 2 / hunterHP) * targetHP (#5531)
Consider ordering multiplication before division.
Additional information: link
Reentrancy in CZFarmMaster.add(uint256,IERC20,bool) (#2525-2545):
External calls:
- massUpdatePools() (#2531)
- czf.mint(address(this),czfReward) (#2611)
State variables written after the call(s):
- poolInfo.push(PoolInfo(_lpToken,_allocPoint,lastRewardBlock,0)) (#2537-2544)
- totalAllocPoint = totalAllocPoint.add(_allocPoint) (#2536)
Reentrancy in CZFarmMaster.claim(uint256) (#2703-2717):
External calls:
- updatePool(_pid) (#2706)
- czf.mint(address(this),czfReward) (#2611)
State variables written after the call(s):
- user.pendingRewards = user.pendingRewards.add(pending) (#2711)
Reentrancy in CZFarmMaster.claim(uint256) (#2703-2717):
External calls:
- updatePool(_pid) (#2706)
- czf.mint(address(this),czfReward) (#2611)
- safeCzfTransfer(msg.sender,user.pendingRewards) (#2712)
- czf.transfer(_to,czfBal) (#2722)
- czf.transfer(_to,_amount) (#2724)
State variables written after the call(s):
- user.pendingRewards = 0 (#2714)
- user.rewardDebt = user.amount.mul(pool.accCzfPerShare).div(1e12) (#2716)
Reentrancy in CZFarmMaster.deposit(uint256,uint256,bool) (#2618-2656):
External calls:
- updatePool(_pid) (#2625)
- czf.mint(address(this),czfReward) (#2611)
State variables written after the call(s):
- user.pendingRewards = user.pendingRewards.add(pending) (#2634)
Reentrancy in CZFarmMaster.deposit(uint256,uint256,bool) (#2618-2656):
External calls:
- updatePool(_pid) (#2625)
- czf.mint(address(this),czfReward) (#2611)
- safeCzfTransfer(msg.sender,user.pendingRewards) (#2637)
- czf.transfer(_to,czfBal) (#2722)
- czf.transfer(_to,_amount) (#2724)
State variables written after the call(s):
- user.pendingRewards = 0 (#2639)
Reentrancy in CZFarmMaster.deposit(uint256,uint256,bool) (#2618-2656):
External calls:
- updatePool(_pid) (#2625)
- czf.mint(address(this),czfReward) (#2611)
- safeCzfTransfer(msg.sender,user.pendingRewards) (#2637)
- czf.transfer(_to,czfBal) (#2722)
- czf.transfer(_to,_amount) (#2724)
- require(bool,string)(pool.lpToken.transferFrom(address(msg.sender),address(this),_amount),CZFarmMaster: Transfer failed) (#2644-2651)
State variables written after the call(s):
- user.rewardDebt = user.amount.mul(pool.accCzfPerShare).div(1e12) (#2654)
Reentrancy in CZFarmPool.deposit(uint256) (#2895-2921):
External calls:
- rewardToken.safeTransfer(address(msg.sender),pending) (#2905)
State variables written after the call(s):
- user.amount = user.amount + _amount (#2910)
Reentrancy in CZFarmPool.deposit(uint256) (#2895-2921):
External calls:
- rewardToken.safeTransfer(address(msg.sender),pending) (#2905)
- stakedToken.safeTransferFrom(address(msg.sender),address(this),_amount) (#2911-2915)
State variables written after the call(s):
- user.rewardDebt = (user.amount * accTokenPerShare) / PRECISION_FACTOR (#2918)
Reentrancy in CZFarmMaster.emergencyWithdraw(uint256) (#2690-2701):
External calls:
- require(bool,string)(pool.lpToken.transfer(address(msg.sender),user.amount),CZFarmMaster: Transfer failed) (#2693-2696)
State variables written after the call(s):
- user.amount = 0 (#2698)
- user.rewardDebt = 0 (#2699)
- user.pendingRewards = 0 (#2700)
Reentrancy in CZFarmMaster.set(uint256,uint256,bool) (#2547-2559):
External calls:
- massUpdatePools() (#2553)
- czf.mint(address(this),czfReward) (#2611)
State variables written after the call(s):
- poolInfo[_pid].allocPoint = _allocPoint (#2558)
- totalAllocPoint = totalAllocPoint.sub(poolInfo[_pid].allocPoint).add(_allocPoint) (#2555-2557)
Reentrancy in CZUsdBorrow.setStrategy(address) (#4329-4335):
External calls:
- czfarm.approve(strategy,0) (#4330)
- czusd.approve(strategy,0) (#4331)
State variables written after the call(s):
- strategy = _to (#4332)
Reentrancy in CZFarmMaster.updatePool(uint256) (#2596-2616):
External calls:
- czf.mint(address(this),czfReward) (#2611)
State variables written after the call(s):
- pool.accCzfPerShare = pool.accCzfPerShare.add(czfReward.mul(1e12).div(lpSupply)) (#2612-2614)
- pool.lastRewardBlock = block.number (#2615)
Reentrancy in TigerHunt.winHunt() (#5391-5410):
External calls:
- tigerHP.transferFrom(target,_msgSender(),amount) (#5406)
- tigerHP.burnFrom(target,amount) (#5407)
State variables written after the call(s):
- tigerAccount.huntBlock = 0 (#5408)
- tigerAccount.huntTarget = address(0) (#5409)
Reentrancy in CZFarmMaster.withdraw(uint256,uint256,bool) (#2658-2688):
External calls:
- updatePool(_pid) (#2666)
- czf.mint(address(this),czfReward) (#2611)
State variables written after the call(s):
- user.pendingRewards = user.pendingRewards.add(pending) (#2671)
Reentrancy in CZFarmMaster.withdraw(uint256,uint256,bool) (#2658-2688):
External calls:
- updatePool(_pid) (#2666)
- czf.mint(address(this),czfReward) (#2611)
- safeCzfTransfer(msg.sender,user.pendingRewards) (#2674)
- czf.transfer(_to,czfBal) (#2722)
- czf.transfer(_to,_amount) (#2724)
State variables written after the call(s):
- user.pendingRewards = 0 (#2676)
- user.amount = user.amount.sub(_amount) (#2680)
Reentrancy in CZFarmMaster.withdraw(uint256,uint256,bool) (#2658-2688):
External calls:
- updatePool(_pid) (#2666)
- czf.mint(address(this),czfReward) (#2611)
- safeCzfTransfer(msg.sender,user.pendingRewards) (#2674)
- czf.transfer(_to,czfBal) (#2722)
- czf.transfer(_to,_amount) (#2724)
- require(bool,string)(pool.lpToken.transfer(address(msg.sender),_amount),CZFarmMaster: Transfer failed) (#2681-2684)
State variables written after the call(s):
- user.rewardDebt = user.amount.mul(pool.accCzfPerShare).div(1e12) (#2686)
Reentrancy in CZFarmPool.withdraw(uint256) (#2927-2949):
External calls:
- stakedToken.safeTransfer(address(msg.sender),_amount) (#2939)
- rewardToken.safeTransfer(address(msg.sender),pending) (#2943)
State variables written after the call(s):
- user.rewardDebt = (user.amount * accTokenPerShare) / PRECISION_FACTOR (#2946)
Reentrancy in CZUsdBorrow.withdraw(uint256) (#4211-4225):
External calls:
- czfarmCzusdOracle.update() (#4212)
- collateralAsset.safeTransferFrom(address(strategy),_msgSender(),uint256(_amount)) (#4214-4218)
State variables written after the call(s):
- balanceSheet.collateral -= _amount (#4219)
Reentrancy in CZUsdBorrow.withdrawCZFarm(uint256) (#4227-4241):
External calls:
- czfarmCzusdOracle.update() (#4228)
- czfarm.safeTransferFrom(address(strategy),_msgSender(),uint256(_amount)) (#4230-4234)
State variables written after the call(s):
- balanceSheet.czfarm -= _amount (#4235)
Apply the check-effects-interactions pattern.
Additional information: link
CZUsdBorrow.seizeStart(address[]).i (#4277) is a local variable never initialized
AmmLibrary.getAmountsOut(address,uint256,address[]).i (#4579) is a local variable never initialized
CZUsd.fillRequests(uint256,uint256).i (#3907) is a local variable never initialized
CZUsdBorrow.seizeCancel(address[]).i (#4291) is a local variable never initialized
CZodiacToken.swapFor(address[]).i (#3351) is a local variable never initialized
CZUsd.totalBusdWithdrawsRequested().total (#3940) is a local variable never initialized
CZUsdBorrow.seize(address[]).i (#4300) is a local variable never initialized
CZUsd.totalBusdWithdrawsRequested().i (#3941) is a local variable never initialized
Initialize all the variables. If a variable is meant to be initialized to zero, explicitly set it to zero to improve code readability.
Additional information: link
AccessControlEnumerable.grantRole(bytes32,address) (#1624-1627) ignores return value by _roleMembers[role].add(account) (#1626)
AccessControlEnumerable.revokeRole(bytes32,address) (#1632-1635) ignores return value by _roleMembers[role].remove(account) (#1634)
AccessControlEnumerable.renounceRole(bytes32,address) (#1640-1647) ignores return value by _roleMembers[role].remove(account) (#1646)
AccessControlEnumerable._setupRole(bytes32,address) (#1652-1659) ignores return value by _roleMembers[role].add(account) (#1658)
CZUsdBorrow.setStrategy(address) (#4329-4335) ignores return value by czfarm.approve(strategy,0) (#4330)
CZUsdBorrow.setStrategy(address) (#4329-4335) ignores return value by czusd.approve(strategy,0) (#4331)
CZUsdBorrow.setStrategy(address) (#4329-4335) ignores return value by czfarm.approve(strategy,~ uint256(0)) (#4333)
CZUsdBorrow.setStrategy(address) (#4329-4335) ignores return value by czusd.approve(strategy,~ uint256(0)) (#4334)
Ensure that all the return values of the function calls are used.
Additional information: link
ERC20PresetMinterPauser.constructor(string,string).name (#1695) shadows:
- ERC20.name() (#312-314) (function)
- IERC20Metadata.name() (#244) (function)
ERC20PresetMinterPauser.constructor(string,string).symbol (#1695) shadows:
- ERC20.symbol() (#320-322) (function)
- IERC20Metadata.symbol() (#249) (function)
CZodiacToken.allowance(address,address).owner (#3378) shadows:
- Ownable.owner() (#102-104) (function)
CZodiacToken._approve(address,address,uint256).owner (#3509) shadows:
- Ownable.owner() (#102-104) (function)
CZUsd.constructor(string,string,address,IERC20)._name (#3870) shadows:
- ERC20._name (#292) (state variable)
CZUsd.constructor(string,string,address,IERC20)._symbol (#3871) shadows:
- ERC20._symbol (#293) (state variable)
Rename the local variables that shadow another component.
Additional information: link
CZFarmMaster.add(uint256,IERC20,bool) (#2525-2545) should emit an event for:
- totalAllocPoint = totalAllocPoint.add(_allocPoint) (#2536)
CZFarmMaster.set(uint256,uint256,bool) (#2547-2559) should emit an event for:
- totalAllocPoint = totalAllocPoint.sub(poolInfo[_pid].allocPoint).add(_allocPoint) (#2555-2557)
CZFarmMaster.setCzfPerBlock(uint256) (#2728-2731) should emit an event for:
- czfPerBlock = _czfPerBlock (#2730)
CZFarmPool.czfarmSetStart(uint256) (#3118-3123) should emit an event for:
- timestampStart = _timestampStart (#3120)
CZFarmPool.czfarmSetDuration(uint256) (#3125-3129) should emit an event for:
- timestampEnd = timestampStart + _durationSeconds (#3127)
CZUsdBorrow.setCzFarmMultiplier(uint256) (#4337-4339) should emit an event for:
- czFarmMultiplier = _to (#4338)
CZUsdBorrow.setGlobalBorrowLimit(uint256) (#4345-4347) should emit an event for:
- globalBorrowLimit = _to (#4346)
Emit an event for critical parameter changes.
Additional information: link
CZodiacToken.constructor(address,IERC20,string,string,uint256,uint256)._autoFarm (#3300) lacks a zero-check on :
- autoFarm = _autoFarm (#3312)
CZodiacToken.setAutoFarm(address)._autoFarm (#3831) lacks a zero-check on :
- autoFarm = _autoFarm (#3832)
CZUsd.constructor(string,string,address,IERC20)._farmer (#3872) lacks a zero-check on :
- farmer = _farmer (#3876)
CZUsd.setFarmer(address)._farmer (#3931) lacks a zero-check on :
- farmer = _farmer (#3936)
CZUsdBorrow.setStrategy(address)._to (#4329) lacks a zero-check on :
- strategy = _to (#4332)
Check that the address is not zero.
Additional information: link
Reentrancy in CZodiacToken._swap(address) (#3755-3777):
External calls:
- prevCzodiac.transferFrom(swapper,address(this),amountToBurn) (#3774)
State variables written after the call(s):
- _transfer(address(this),swapper,amountToMint) (#3775)
- _rOwned[autoFarm] = _rOwned[autoFarm].add(rLiquidity) (#3742)
- _rOwned[sender] = _rOwned[sender].sub(rValues.rAmount) (#3599)
- _rOwned[sender] = _rOwned[sender].sub(rValues.rAmount) (#3577)
- _rOwned[sender] = _rOwned[sender].sub(rValues.rAmount) (#3646)
- _rOwned[sender] = _rOwned[sender].sub(rValues.rAmount) (#3623)
- _rOwned[recipient] = _rOwned[recipient].add(rValues.rTransferAmount) (#3578)
- _rOwned[recipient] = _rOwned[recipient].add(rValues.rTransferAmount) (#3624)
- _rOwned[recipient] = _rOwned[recipient].add(rValues.rTransferAmount) (#3601)
- _rOwned[recipient] = _rOwned[recipient].add(rValues.rTransferAmount) (#3648)
- _rOwned[owner()] = _rOwned[owner()].add(rDevRewards) (#3749)
- _transfer(address(this),swapper,amountToMint) (#3775)
- _rTotal = _rTotal.sub(rFee).sub(rBurn) (#3665)
- _transfer(address(this),swapper,amountToMint) (#3775)
- _tOwned[sender] = _tOwned[sender].sub(tAmount) (#3645)
- _tOwned[sender] = _tOwned[sender].sub(tAmount) (#3622)
- _tOwned[autoFarm] = _tOwned[autoFarm].add(tLiquidity) (#3744)
- _tOwned[recipient] = _tOwned[recipient].add(tValues.tTransferAmount) (#3600)
- _tOwned[recipient] = _tOwned[recipient].add(tValues.tTransferAmount) (#3647)
- _tOwned[owner()] = _tOwned[owner()].add(tDevRewards) (#3751)
- _transfer(address(this),swapper,amountToMint) (#3775)
- _tTotal = _tTotal.sub(tBurn) (#3666)
Reentrancy in CZUsdBorrow.borrow(uint256) (#4194-4205):
External calls:
- czfarmCzusdOracle.update() (#4195)
State variables written after the call(s):
- balanceSheet.borrow += _amount (#4197)
Reentrancy in CZUsdBorrow.borrow(uint256) (#4194-4205):
External calls:
- czfarmCzusdOracle.update() (#4195)
- czusd.mint(_msgSender(),_amount) (#4198)
State variables written after the call(s):
- totalBorrow += _amount (#4199)
Reentrancy in CZUsd.deposit(uint256) (#3879-3885):
External calls:
- require(bool,string)(busd.transferFrom(_msgSender(),farmer,_wadBusd),CZUsd: busd transfer failed) (#3880-3883)
State variables written after the call(s):
- _mint(_msgSender(),_wadBusd) (#3884)
- _balances[account] += amount (#543)
- _mint(_msgSender(),_wadBusd) (#3884)
- _totalSupply += amount (#542)
Reentrancy in CZUsdBorrow.depositCZFarmFor(address,uint256) (#4255-4265):
External calls:
- czfarmCzusdOracle.update() (#4256)
- czfarm.safeTransferFrom(_msgSender(),address(strategy),uint256(_amount)) (#4257-4261)
State variables written after the call(s):
- balanceSheet.czfarm += _amount (#4263)
- totalCzfarm += _amount (#4264)
Reentrancy in CZUsdBorrow.depositFor(address,uint256) (#4243-4253):
External calls:
- czfarmCzusdOracle.update() (#4244)
- collateralAsset.safeTransferFrom(_msgSender(),address(strategy),uint256(_amount)) (#4245-4249)
State variables written after the call(s):
- balanceSheet.collateral += _amount (#4251)
- totalCollateral += _amount (#4252)
Reentrancy in CZUsdBorrow.repayFor(address,uint256) (#4267-4273):
External calls:
- czfarmCzusdOracle.update() (#4268)
- czusd.burnFrom(_msgSender(),_amount) (#4269)
State variables written after the call(s):
- balanceSheet.borrow -= _amount (#4271)
- totalBorrow -= _amount (#4272)
Reentrancy in CZUsdBorrow.seize(address[]) (#4298-4320):
External calls:
- czfarmCzusdOracle.update() (#4299)
State variables written after the call(s):
- balanceSheet.seizeTime = 0 (#4315)
- balanceSheet.collateral = 0 (#4316)
- balanceSheet.czfarm = 0 (#4317)
- balanceSheet.borrow = 0 (#4318)
- totalBorrow -= balanceSheet.borrow (#4312)
- totalCollateral -= balanceSheet.collateral (#4314)
- totalCzfarm -= balanceSheet.czfarm (#4313)
Reentrancy in CZUsdBorrow.seizeStart(address[]) (#4275-4288):
External calls:
- czfarmCzusdOracle.update() (#4276)
State variables written after the call(s):
- balanceSheet.seizeTime = uint128(block.timestamp + liquidationDelay) (#4284-4286)
Reentrancy in CZUsdBorrow.withdraw(uint256) (#4211-4225):
External calls:
- czfarmCzusdOracle.update() (#4212)
- collateralAsset.safeTransferFrom(address(strategy),_msgSender(),uint256(_amount)) (#4214-4218)
State variables written after the call(s):
- totalCollateral -= _amount (#4220)
Reentrancy in CZUsdBorrow.withdrawCZFarm(uint256) (#4227-4241):
External calls:
- czfarmCzusdOracle.update() (#4228)
- czfarm.safeTransferFrom(address(strategy),_msgSender(),uint256(_amount)) (#4230-4234)
State variables written after the call(s):
- totalCzfarm -= _amount (#4236)
Apply the check-effects-interactions pattern.
Additional information: link
Reentrancy in CZUsd._fillRequest(uint256,address) (#3946-3955):
External calls:
- require(bool,string)(busd.transferFrom(_by,withdraws.requester,withdraws.request),CZUsd: busd transfer failed) (#3950-3953)
Event emitted after the call(s):
- FillRequest(_id) (#3954)
Reentrancy in CZodiacToken._swap(address) (#3755-3777):
External calls:
- prevCzodiac.transferFrom(swapper,address(this),amountToBurn) (#3774)
Event emitted after the call(s):
- BurnEvent(tBurn) (#3668)
- _transfer(address(this),swapper,amountToMint) (#3775)
- DevRewardsEvent(tDevRewards) (#3752)
- _transfer(address(this),swapper,amountToMint) (#3775)
- HolderRewardsEvent(tFee) (#3667)
- _transfer(address(this),swapper,amountToMint) (#3775)
- LPRewardsEvent(tLiquidity) (#3745)
- _transfer(address(this),swapper,amountToMint) (#3775)
- Swap(swapper,amountToBurn,amountToMint) (#3776)
- Transfer(sender,recipient,tValues.tTransferAmount) (#3586)
- _transfer(address(this),swapper,amountToMint) (#3775)
- Transfer(sender,recipient,tValues.tTransferAmount) (#3632)
- _transfer(address(this),swapper,amountToMint) (#3775)
- Transfer(sender,recipient,tValues.tTransferAmount) (#3609)
- _transfer(address(this),swapper,amountToMint) (#3775)
- Transfer(sender,recipient,tValues.tTransferAmount) (#3656)
- _transfer(address(this),swapper,amountToMint) (#3775)
Reentrancy in CZFarmMaster.claim(uint256) (#2703-2717):
External calls:
- updatePool(_pid) (#2706)
- czf.mint(address(this),czfReward) (#2611)
- safeCzfTransfer(msg.sender,user.pendingRewards) (#2712)
- czf.transfer(_to,czfBal) (#2722)
- czf.transfer(_to,_amount) (#2724)
Event emitted after the call(s):
- Claim(msg.sender,_pid,user.pendingRewards) (#2713)
Reentrancy in CZFarmPoolFactory.createPool(IERC20,IERC20,uint256,uint256,uint256) (#3165-3194):
External calls:
- CZFarmPool(pool).initialize(token,reward,rewardPerSecond,startTimestamp,endTimestamp,owner()) (#3182-3189)
- czfarm.setContractSafe(pool) (#3191)
Event emitted after the call(s):
- NewCZFarmPool(address(pool)) (#3193)
Reentrancy in CZFarmMaster.deposit(uint256,uint256,bool) (#2618-2656):
External calls:
- updatePool(_pid) (#2625)
- czf.mint(address(this),czfReward) (#2611)
- safeCzfTransfer(msg.sender,user.pendingRewards) (#2637)
- czf.transfer(_to,czfBal) (#2722)
- czf.transfer(_to,_amount) (#2724)
Event emitted after the call(s):
- Claim(msg.sender,_pid,user.pendingRewards) (#2638)
Reentrancy in CZFarmMaster.deposit(uint256,uint256,bool) (#2618-2656):
External calls:
- updatePool(_pid) (#2625)
- czf.mint(address(this),czfReward) (#2611)
- safeCzfTransfer(msg.sender,user.pendingRewards) (#2637)
- czf.transfer(_to,czfBal) (#2722)
- czf.transfer(_to,_amount) (#2724)
- require(bool,string)(pool.lpToken.transferFrom(address(msg.sender),address(this),_amount),CZFarmMaster: Transfer failed) (#2644-2651)
Event emitted after the call(s):
- Deposit(msg.sender,_pid,_amount) (#2655)
Reentrancy in CZFarmPool.deposit(uint256) (#2895-2921):
External calls:
- rewardToken.safeTransfer(address(msg.sender),pending) (#2905)
- stakedToken.safeTransferFrom(address(msg.sender),address(this),_amount) (#2911-2915)
Event emitted after the call(s):
- Deposit(msg.sender,_amount) (#2920)
Reentrancy in CZUsd.deposit(uint256) (#3879-3885):
External calls:
- require(bool,string)(busd.transferFrom(_msgSender(),farmer,_wadBusd),CZUsd: busd transfer failed) (#3880-3883)
Event emitted after the call(s):
- Transfer(address(0),account,amount) (#544)
- _mint(_msgSender(),_wadBusd) (#3884)
Reentrancy in CZFarmMaster.emergencyWithdraw(uint256) (#2690-2701):
External calls:
- require(bool,string)(pool.lpToken.transfer(address(msg.sender),user.amount),CZFarmMaster: Transfer failed) (#2693-2696)
Event emitted after the call(s):
- EmergencyWithdraw(msg.sender,_pid,user.amount) (#2697)
Reentrancy in CZFarmPool.emergencyWithdraw() (#2955-2966):
External calls:
- stakedToken.safeTransfer(address(msg.sender),amountToTransfer) (#2962)
Event emitted after the call(s):
- EmergencyWithdraw(msg.sender,user.amount) (#2965)
Reentrancy in CZFarmPool.recoverWrongTokens(address,uint256) (#2982-2998):
External calls:
- IERC20(_tokenAddress).safeTransfer(address(msg.sender),_tokenAmount) (#2995)
Event emitted after the call(s):
- AdminTokenRecovery(_tokenAddress,_tokenAmount) (#2997)
Reentrancy in CZFarmMaster.withdraw(uint256,uint256,bool) (#2658-2688):
External calls:
- updatePool(_pid) (#2666)
- czf.mint(address(this),czfReward) (#2611)
- safeCzfTransfer(msg.sender,user.pendingRewards) (#2674)
- czf.transfer(_to,czfBal) (#2722)
- czf.transfer(_to,_amount) (#2724)
Event emitted after the call(s):
- Claim(msg.sender,_pid,user.pendingRewards) (#2675)
Reentrancy in CZFarmMaster.withdraw(uint256,uint256,bool) (#2658-2688):
External calls:
- updatePool(_pid) (#2666)
- czf.mint(address(this),czfReward) (#2611)
- safeCzfTransfer(msg.sender,user.pendingRewards) (#2674)
- czf.transfer(_to,czfBal) (#2722)
- czf.transfer(_to,_amount) (#2724)
- require(bool,string)(pool.lpToken.transfer(address(msg.sender),_amount),CZFarmMaster: Transfer failed) (#2681-2684)
Event emitted after the call(s):
- Withdraw(msg.sender,_pid,_amount) (#2687)
Reentrancy in CZFarmPool.withdraw(uint256) (#2927-2949):
External calls:
- stakedToken.safeTransfer(address(msg.sender),_amount) (#2939)
- rewardToken.safeTransfer(address(msg.sender),pending) (#2943)
Event emitted after the call(s):
- Withdraw(msg.sender,_amount) (#2948)
Apply the check-effects-interactions pattern.
Additional information: link
CZFarmPool.deposit(uint256) (#2895-2921) uses timestamp for comparisons
Dangerous comparisons:
- pending > 0 (#2904)
CZFarmPool.withdraw(uint256) (#2927-2949) uses timestamp for comparisons
Dangerous comparisons:
- require(bool,string)(user.amount >= _amount,Amount to withdraw too high) (#2929)
- pending > 0 (#2942)
CZFarmPool.updateRewardPerSecond(uint256) (#3013-3020) uses timestamp for comparisons
Dangerous comparisons:
- require(bool,string)(block.timestamp < timestampStart,Pool has started) (#3017)
CZFarmPool.updateStartAndEndTimestamps(uint256,uint256) (#3028-3049) uses timestamp for comparisons
Dangerous comparisons:
- require(bool,string)(block.timestamp < timestampStart,Pool has started) (#3032)
- require(bool,string)(block.timestamp < _timestampStart,New timestampStart must be higher than current timestamp) (#3037-3040)
CZFarmPool.pendingReward(address) (#3056-3074) uses timestamp for comparisons
Dangerous comparisons:
- block.timestamp > timestampLast && stakedTokenSupply != 0 (#3059)
CZFarmPool._updatePool() (#3079-3097) uses timestamp for comparisons
Dangerous comparisons:
- block.timestamp <= timestampLast (#3080)
CZFarmPool._getMultiplier(uint256,uint256) (#3104-3116) uses timestamp for comparisons
Dangerous comparisons:
- _to <= timestampEnd (#3109)
- _from >= timestampEnd (#3111)
CZFarmPool.czfarmSetStart(uint256) (#3118-3123) uses timestamp for comparisons
Dangerous comparisons:
- require(bool,string)(block.timestamp < timestampStart,Pool has started) (#3119)
CZFarmPool.czfarmSetDuration(uint256) (#3125-3129) uses timestamp for comparisons
Dangerous comparisons:
- require(bool,string)(block.timestamp < timestampStart,Pool has started) (#3126)
CZodiacToken._swap(address) (#3755-3777) uses timestamp for comparisons
Dangerous comparisons:
- require(bool,string)(block.timestamp >= swapStartTimestamp,CzodiacToken: Swap not yet open) (#3760-3763)
- require(bool,string)(block.timestamp <= swapEndTimestamp,CzodiacToken: Swap closed) (#3764-3767)
CZUsdBorrow.seize(address[]) (#4298-4320) uses timestamp for comparisons
Dangerous comparisons:
- require(bool,string)(block.timestamp >= balanceSheet.seizeTime,Must be past seize time) (#4308-4311)
LockedSale._deposit(address) (#5200-5224) uses timestamp for comparisons
Dangerous comparisons:
- require(bool,string)(block.timestamp >= startTime,LockedSale: Sale not yet open.) (#5202)
- require(bool,string)(block.timestamp <= endTime,LockedSale: Sale has closed.) (#5203)
TigerHunt.isOnGuard(address) (#5535-5541) uses timestamp for comparisons
Dangerous comparisons:
- block.timestamp - _getActionTimestamp(tigerAccount,TigerAction.GUARD) <= actionTimes[uint32(TigerAction.GUARD)] (#5537-5540)
TigerHunt._checkActionTimestamp(TigerHunt.TigerAccount,TigerHunt.TigerAction) (#5586-5593) uses timestamp for comparisons
Dangerous comparisons:
- block.timestamp - _getActionTimestamp(_tigerAccount,_action) >= actionTimes[uint32(_action)] (#5590-5592)
Checkpoints.updateCheckpointValueAtNow(Checkpoints.Checkpoint[],uint256,uint256) (#5807-5833) uses timestamp for comparisons
Dangerous comparisons:
- checkpoints[checkpoints.length - 1].fromTime < block.timestamp (#5821)
Avoid relying on block.timestamp.
Additional information: link
Address.isContract(address) (#1787-1798) uses assembly
- INLINE ASM (#1794-1796)
Address._verifyCallResult(bool,bytes,string) (#1992-2013) uses assembly
- INLINE ASM (#2005-2008)
CZFarmPoolFactory.createPool(IERC20,IERC20,uint256,uint256,uint256) (#3165-3194) uses assembly
- INLINE ASM (#3178-3180)
Do not use evm assembly.
Additional information: link
CZUsd._fillRequest(uint256,address) (#3946-3955) compares to a boolean constant:
-withdraws.isFilled == true (#3948)
Remove the equality to the boolean constant.
Additional information: link
CZodiacToken._reflectFee(uint256,uint256,uint256,uint256) (#3659-3669) has costly operations inside a loop:
- _rTotal = _rTotal.sub(rFee).sub(rBurn) (#3665)
CZodiacToken._reflectFee(uint256,uint256,uint256,uint256) (#3659-3669) has costly operations inside a loop:
- _tTotal = _tTotal.sub(tBurn) (#3666)
CZodiacToken.includeInReward(address) (#3495-3506) has costly operations inside a loop:
- _excluded.pop() (#3502)
CZUsdBorrow.seize(address[]) (#4298-4320) has costly operations inside a loop:
- totalBorrow -= balanceSheet.borrow (#4312)
CZUsdBorrow.seize(address[]) (#4298-4320) has costly operations inside a loop:
- totalCzfarm -= balanceSheet.czfarm (#4313)
CZUsdBorrow.seize(address[]) (#4298-4320) has costly operations inside a loop:
- totalCollateral -= balanceSheet.collateral (#4314)
Use a local variable to hold the loop computation result.
Additional information: link
AccessControl._setRoleAdmin(bytes32,bytes32) (#1178-1181) is never used and should be removed
Address.functionCall(address,bytes) (#1848-1853) is never used and should be removed
Address.functionCallWithValue(address,bytes,uint256) (#1880-1892) is never used and should be removed
Address.functionDelegateCall(address,bytes) (#1962-1972) is never used and should be removed
Address.functionDelegateCall(address,bytes,string) (#1980-1990) is never used and should be removed
Address.functionStaticCall(address,bytes) (#1925-1936) is never used and should be removed
Address.functionStaticCall(address,bytes,string) (#1944-1954) is never used and should be removed
Address.sendValue(address,uint256) (#1816-1828) is never used and should be removed
AmmLibrary.getAmountIn(uint256,uint256,uint256) (#4555-4568) is never used and should be removed
AmmLibrary.getAmountOut(uint256,uint256,uint256) (#4538-4552) is never used and should be removed
AmmLibrary.getAmountsIn(address,uint256,address[]) (#4590-4606) is never used and should be removed
AmmLibrary.getAmountsOut(address,uint256,address[]) (#4571-4587) is never used and should be removed
AmmLibrary.getReserves(address,address,address) (#4508-4521) is never used and should be removed
AmmLibrary.pairFor(address,address,address) (#4485-4505) is never used and should be removed
AmmLibrary.quote(uint256,uint256,uint256) (#4524-4535) is never used and should be removed
AmmLibrary.sortTokens(address,address) (#4472-4482) is never used and should be removed
Babylonian.sqrt(uint256) (#4685-4727) is never used and should be removed
BitMath.leastSignificantBit(uint256) (#4785-4825) is never used and should be removed
BitMath.mostSignificantBit(uint256) (#4745-4777) is never used and should be removed
Checkpoints.getCheckpointValueAt(Checkpoints.Checkpoint[],uint256) (#5779-5805) is never used and should be removed
Checkpoints.updateCheckpointValueAtNow(Checkpoints.Checkpoint[],uint256,uint256) (#5807-5833) is never used and should be removed
Context._msgData() (#60-63) is never used and should be removed
EnumerableSet.add(EnumerableSet.Bytes32Set,bytes32) (#1355-1360) is never used and should be removed
EnumerableSet.add(EnumerableSet.UintSet,uint256) (#1491-1493) is never used and should be removed
EnumerableSet.at(EnumerableSet.Bytes32Set,uint256) (#1403-1409) is never used and should be removed
EnumerableSet.at(EnumerableSet.UintSet,uint256) (#1536-1542) is never used and should be removed
EnumerableSet.contains(EnumerableSet.AddressSet,address) (#1446-1452) is never used and should be removed
EnumerableSet.contains(EnumerableSet.Bytes32Set,bytes32) (#1378-1384) is never used and should be removed
EnumerableSet.contains(EnumerableSet.UintSet,uint256) (#1511-1517) is never used and should be removed
EnumerableSet.length(EnumerableSet.Bytes32Set) (#1389-1391) is never used and should be removed
EnumerableSet.length(EnumerableSet.UintSet) (#1522-1524) is never used and should be removed
EnumerableSet.remove(EnumerableSet.Bytes32Set,bytes32) (#1368-1373) is never used and should be removed
EnumerableSet.remove(EnumerableSet.UintSet,uint256) (#1501-1506) is never used and should be removed
FixedPoint.decode(FixedPoint.uq112x112) (#4864-4866) is never used and should be removed
FixedPoint.decode144(FixedPoint.uq144x112) (#4869-4871) is never used and should be removed
FixedPoint.divuq(FixedPoint.uq112x112,FixedPoint.uq112x112) (#4937-4955) is never used and should be removed
FixedPoint.encode(uint112) (#4854-4856) is never used and should be removed
FixedPoint.encode144(uint144) (#4859-4861) is never used and should be removed
FixedPoint.fraction(uint256,uint256) (#4959-4976) is never used and should be removed
FixedPoint.mul(FixedPoint.uq112x112,uint256) (#4875-4886) is never used and should be removed
FixedPoint.muli(FixedPoint.uq112x112,int256) (#4890-4898) is never used and should be removed
FixedPoint.muluq(FixedPoint.uq112x112,FixedPoint.uq112x112) (#4902-4934) is never used and should be removed
FixedPoint.reciprocal(FixedPoint.uq112x112) (#4981-4989) is never used and should be removed
FixedPoint.sqrt(FixedPoint.uq112x112) (#4993-5011) is never used and should be removed
FullMath.fullDiv(uint256,uint256,uint256) (#4631-4652) is never used and should be removed
FullMath.fullMul(uint256,uint256) (#4618-4629) is never used and should be removed
FullMath.mulDiv(uint256,uint256,uint256) (#4654-4671) is never used and should be removed
Math.average(uint256,uint256) (#4076-4079) is never used and should be removed
Math.max(uint256,uint256) (#4061-4063) is never used and should be removed
SafeERC20.safeApprove(IERC20,address,uint256) (#2062-2079) is never used and should be removed
SafeERC20.safeDecreaseAllowance(IERC20,address,uint256) (#2097-2118) is never used and should be removed
SafeERC20.safeIncreaseAllowance(IERC20,address,uint256) (#2081-2095) is never used and should be removed
SafeMath.div(uint256,uint256,string) (#2427-2436) is never used and should be removed
SafeMath.mod(uint256,uint256) (#2383-2385) is never used and should be removed
SafeMath.mod(uint256,uint256,string) (#2453-2462) is never used and should be removed
SafeMath.tryAdd(uint256,uint256) (#2234-2244) is never used and should be removed
SafeMath.tryDiv(uint256,uint256) (#2288-2297) is never used and should be removed
SafeMath.tryMod(uint256,uint256) (#2304-2313) is never used and should be removed
SafeMath.tryMul(uint256,uint256) (#2267-2281) is never used and should be removed
SafeMath.trySub(uint256,uint256) (#2251-2260) is never used and should be removed
Strings.toHexString(uint256) (#815-826) is never used and should be removed
Strings.toString(uint256) (#790-810) is never used and should be removed
Remove unused functions.
Additional information: link
Pragma version^0.8.0 (#43) allows old versions
Deploy with any of the following Solidity versions: 0.5.16 - 0.5.17, 0.6.11 - 0.6.12, 0.7.5 - 0.7.6 Use a simple pragma version that allows any of these versions. Consider using the latest version of Solidity for testing.
Additional information: link
Low level call in Address.sendValue(address,uint256) (#1816-1828):
- (success) = recipient.call{value: amount}() (#1823)
Low level call in Address.functionCallWithValue(address,bytes,uint256,string) (#1900-1917):
- (success,returndata) = target.call{value: value}(data) (#1913-1915)
Low level call in Address.functionStaticCall(address,bytes,string) (#1944-1954):
- (success,returndata) = target.staticcall(data) (#1952)
Low level call in Address.functionDelegateCall(address,bytes,string) (#1980-1990):
- (success,returndata) = target.delegatecall(data) (#1988)
Avoid low-level calls. Check the call success. If the call is meant for a contract, check for code existence
Additional information: link
Constant Strings.alphabet (#785) is not in UPPER_CASE_WITH_UNDERSCORES
Parameter CZFarm.setContractSafe(address)._for (#2197) is not in mixedCase
Parameter CZFarm.setContractUnsafe(address)._for (#2205) is not in mixedCase
Parameter CZFarmMaster.getMultiplier(uint256,uint256)._from (#2517) is not in mixedCase
Parameter CZFarmMaster.getMultiplier(uint256,uint256)._to (#2517) is not in mixedCase
Parameter CZFarmMaster.add(uint256,IERC20,bool)._allocPoint (#2526) is not in mixedCase
Parameter CZFarmMaster.add(uint256,IERC20,bool)._lpToken (#2527) is not in mixedCase
Parameter CZFarmMaster.add(uint256,IERC20,bool)._withUpdate (#2528) is not in mixedCase
Parameter CZFarmMaster.set(uint256,uint256,bool)._pid (#2548) is not in mixedCase
Parameter CZFarmMaster.set(uint256,uint256,bool)._allocPoint (#2549) is not in mixedCase
Parameter CZFarmMaster.set(uint256,uint256,bool)._withUpdate (#2550) is not in mixedCase
Parameter CZFarmMaster.pendingCzf(uint256,address)._pid (#2561) is not in mixedCase
Parameter CZFarmMaster.pendingCzf(uint256,address)._user (#2561) is not in mixedCase
Parameter CZFarmMaster.updatePool(uint256)._pid (#2596) is not in mixedCase
Parameter CZFarmMaster.deposit(uint256,uint256,bool)._pid (#2619) is not in mixedCase
Parameter CZFarmMaster.deposit(uint256,uint256,bool)._amount (#2620) is not in mixedCase
Parameter CZFarmMaster.deposit(uint256,uint256,bool)._withdrawRewards (#2621) is not in mixedCase
Parameter CZFarmMaster.withdraw(uint256,uint256,bool)._pid (#2659) is not in mixedCase
Parameter CZFarmMaster.withdraw(uint256,uint256,bool)._amount (#2660) is not in mixedCase
Parameter CZFarmMaster.withdraw(uint256,uint256,bool)._withdrawRewards (#2661) is not in mixedCase
Parameter CZFarmMaster.emergencyWithdraw(uint256)._pid (#2690) is not in mixedCase
Parameter CZFarmMaster.claim(uint256)._pid (#2703) is not in mixedCase
Parameter CZFarmMaster.safeCzfTransfer(address,uint256)._to (#2719) is not in mixedCase
Parameter CZFarmMaster.safeCzfTransfer(address,uint256)._amount (#2719) is not in mixedCase
Parameter CZFarmMaster.setCzfPerBlock(uint256)._czfPerBlock (#2728) is not in mixedCase
Parameter CZFarmPool.initialize(IERC20,IERC20,uint256,uint256,uint256,address)._stakedToken (#2862) is not in mixedCase
Parameter CZFarmPool.initialize(IERC20,IERC20,uint256,uint256,uint256,address)._rewardToken (#2863) is not in mixedCase
Parameter CZFarmPool.initialize(IERC20,IERC20,uint256,uint256,uint256,address)._rewardPerSecond (#2864) is not in mixedCase
Parameter CZFarmPool.initialize(IERC20,IERC20,uint256,uint256,uint256,address)._timestampStart (#2865) is not in mixedCase
Parameter CZFarmPool.initialize(IERC20,IERC20,uint256,uint256,uint256,address)._timestampEnd (#2866) is not in mixedCase
Parameter CZFarmPool.initialize(IERC20,IERC20,uint256,uint256,uint256,address)._admin (#2867) is not in mixedCase
Parameter CZFarmPool.deposit(uint256)._amount (#2895) is not in mixedCase
Parameter CZFarmPool.withdraw(uint256)._amount (#2927) is not in mixedCase
Parameter CZFarmPool.emergencyRewardWithdraw(uint256)._amount (#2972) is not in mixedCase
Parameter CZFarmPool.recoverWrongTokens(address,uint256)._tokenAddress (#2982) is not in mixedCase
Parameter CZFarmPool.recoverWrongTokens(address,uint256)._tokenAmount (#2982) is not in mixedCase
Parameter CZFarmPool.updateRewardPerSecond(uint256)._rewardPerSecond (#3013) is not in mixedCase
Parameter CZFarmPool.updateStartAndEndTimestamps(uint256,uint256)._timestampStart (#3029) is not in mixedCase
Parameter CZFarmPool.updateStartAndEndTimestamps(uint256,uint256)._timestampEnd (#3030) is not in mixedCase
Parameter CZFarmPool.pendingReward(address)._user (#3056) is not in mixedCase
Parameter CZFarmPool.czfarmSetStart(uint256)._timestampStart (#3118) is not in mixedCase
Parameter CZFarmPool.czfarmSetDuration(uint256)._durationSeconds (#3125) is not in mixedCase
Parameter CZFarmPool.czfarmSetStartAndDuration(uint256,uint256)._timestampStart (#3132) is not in mixedCase
Parameter CZFarmPool.czfarmSetStartAndDuration(uint256,uint256)._durationSeconds (#3133) is not in mixedCase
Variable CZFarmPool.PRECISION_FACTOR (#2824) is not in mixedCase
Parameter CZodiacToken.calculateHolderReward(uint256)._amount (#3779) is not in mixedCase
Parameter CZodiacToken.calculateBurn(uint256)._amount (#3787) is not in mixedCase
Parameter CZodiacToken.calculateLpReward(uint256)._amount (#3791) is not in mixedCase
Parameter CZodiacToken.calculateDevReward(uint256)._amount (#3795) is not in mixedCase
Parameter CZodiacToken.setNextCzodiac(IERC20)._nextCzodiac (#3815) is not in mixedCase
Parameter CZodiacToken.setGlobalRewardsEnabled(bool)._globalRewardsEnabled (#3820) is not in mixedCase
Parameter CZodiacToken.setTransfersEnabled(bool)._areTransfersEnabled (#3827) is not in mixedCase
Parameter CZodiacToken.setAutoFarm(address)._autoFarm (#3831) is not in mixedCase
Parameter CZodiacToken.withdrawToken(IERC20)._token (#3835) is not in mixedCase
Constant CZodiacToken._holderRewardBasis (#3261) is not in UPPER_CASE_WITH_UNDERSCORES
Constant CZodiacToken._burnBasis (#3264) is not in UPPER_CASE_WITH_UNDERSCORES
Constant CZodiacToken._lpRewardBasis (#3267) is not in UPPER_CASE_WITH_UNDERSCORES
Constant CZodiacToken._devRewardBasis (#3270) is not in UPPER_CASE_WITH_UNDERSCORES
Constant CZodiacToken._swapBasisRate (#3272) is not in UPPER_CASE_WITH_UNDERSCORES
Parameter CZUsd.deposit(uint256)._wadBusd (#3879) is not in mixedCase
Parameter CZUsd.withdrawRequest(uint256)._wadZusd (#3887) is not in mixedCase
Parameter CZUsd.fillSpecificRequest(uint256)._id (#3912) is not in mixedCase
Parameter CZUsd.setTotalBusdBacking(uint256)._wad (#3926) is not in mixedCase
Parameter CZUsd.setFarmer(address)._farmer (#3931) is not in mixedCase
Parameter CZUsdBorrow.baseCollateralUsdWad(address)._for (#4136) is not in mixedCase
Parameter CZUsdBorrow.czFarmUsdWad(address)._for (#4145) is not in mixedCase
Parameter CZUsdBorrow.totalCollateralUsdWad(address)._for (#4154) is not in mixedCase
Parameter CZUsdBorrow.maxBorrowFromCZFarmMultiplier(address)._for (#4162) is not in mixedCase
Parameter CZUsdBorrow.maxBorrow(address)._for (#4170) is not in mixedCase
Parameter CZUsdBorrow.isInGoodStanding(address)._for (#4178) is not in mixedCase
Parameter CZUsdBorrow.deposit(uint256)._amount (#4186) is not in mixedCase
Parameter CZUsdBorrow.depositCZFarm(uint256)._amount (#4190) is not in mixedCase
Parameter CZUsdBorrow.borrow(uint256)._amount (#4194) is not in mixedCase
Parameter CZUsdBorrow.repay(uint256)._amount (#4207) is not in mixedCase
Parameter CZUsdBorrow.withdraw(uint256)._amount (#4211) is not in mixedCase
Parameter CZUsdBorrow.withdrawCZFarm(uint256)._amount (#4227) is not in mixedCase
Parameter CZUsdBorrow.depositFor(address,uint256)._for (#4243) is not in mixedCase
Parameter CZUsdBorrow.depositFor(address,uint256)._amount (#4243) is not in mixedCase
Parameter CZUsdBorrow.depositCZFarmFor(address,uint256)._for (#4255) is not in mixedCase
Parameter CZUsdBorrow.depositCZFarmFor(address,uint256)._amount (#4255) is not in mixedCase
Parameter CZUsdBorrow.repayFor(address,uint256)._for (#4267) is not in mixedCase
Parameter CZUsdBorrow.repayFor(address,uint256)._amount (#4267) is not in mixedCase
Parameter CZUsdBorrow.seizeStart(address[])._for (#4275) is not in mixedCase
Parameter CZUsdBorrow.seizeCancel(address[])._for (#4290) is not in mixedCase
Parameter CZUsdBorrow.seize(address[])._for (#4298) is not in mixedCase
Parameter CZUsdBorrow.setStrategy(address)._to (#4329) is not in mixedCase
Parameter CZUsdBorrow.setCzFarmMultiplier(uint256)._to (#4337) is not in mixedCase
Parameter CZUsdBorrow.setLiquidationDelay(uint256)._to (#4341) is not in mixedCase
Parameter CZUsdBorrow.setGlobalBorrowLimit(uint256)._to (#4345) is not in mixedCase
Function IAmmPair.DOMAIN_SEPARATOR() (#4389) is not in mixedCase
Function IAmmPair.PERMIT_TYPEHASH() (#4391) is not in mixedCase
Function IAmmPair.MINIMUM_LIQUIDITY() (#4422) is not in mixedCase
Struct FixedPoint.uq112x112 (#4837-4839) is not in CapWords
Struct FixedPoint.uq144x112 (#4843-4845) is not in CapWords
Parameter LockedSale.setState(uint256,uint256,uint256,uint256,uint256,uint256,IERC20)._startTime (#5082) is not in mixedCase
Parameter LockedSale.setState(uint256,uint256,uint256,uint256,uint256,uint256,IERC20)._endTime (#5083) is not in mixedCase
Parameter LockedSale.setState(uint256,uint256,uint256,uint256,uint256,uint256,IERC20)._minPurchase (#5084) is not in mixedCase
Parameter LockedSale.setState(uint256,uint256,uint256,uint256,uint256,uint256,IERC20)._maxPurchase (#5085) is not in mixedCase
Parameter LockedSale.setState(uint256,uint256,uint256,uint256,uint256,uint256,IERC20)._tokensForSale (#5086) is not in mixedCase
Parameter LockedSale.setState(uint256,uint256,uint256,uint256,uint256,uint256,IERC20)._maxSaleSize (#5087) is not in mixedCase
Parameter LockedSale.setState(uint256,uint256,uint256,uint256,uint256,uint256,IERC20)._token (#5088) is not in mixedCase
Parameter LockedSale.setWhitelistRequired(bool)._value (#5114) is not in mixedCase
Parameter LockedSale.isWhitelisted(address)._buyer (#5118) is not in mixedCase
Parameter LockedSale.whitelist(address[])._buyers (#5147) is not in mixedCase
Parameter LockedSale.unwhitelist(address[])._buyers (#5154) is not in mixedCase
Parameter LockedSale.depositFor(address)._buyer (#5165) is not in mixedCase
Parameter LockedSale.distribute(uint256)._count (#5169) is not in mixedCase
Parameter LockedSale.withdrawToken(IERC20)._token (#5188) is not in mixedCase
Variable LockedSale._isWhitelisted (#5037) is not in mixedCase
Parameter TigerHunt.stakeTigz(uint256)._wad (#5313) is not in mixedCase
Parameter TigerHunt.unstakeTigz(uint256)._wad (#5328) is not in mixedCase
Parameter TigerHunt.setHuntExempt(address[])._fors (#5463) is not in mixedCase
Parameter TigerHunt.unsetHuntExempt(address[])._fors (#5469) is not in mixedCase
Parameter TigerHunt.setPause(bool)._to (#5475) is not in mixedCase
Parameter TigerHunt.isHuntWinning(address)._for (#5521) is not in mixedCase
Parameter TigerHunt.isOnGuard(address)._for (#5535) is not in mixedCase
Parameter TigerHuntPoints.setContractSafe(address)._for (#5669) is not in mixedCase
Parameter TigerHuntPoints.setContractUnsafe(address)._for (#5673) is not in mixedCase
Parameter Checkpoints.getCheckpointValueAt(Checkpoints.Checkpoint[],uint256)._time (#5781) is not in mixedCase
Parameter Checkpoints.updateCheckpointValueAtNow(Checkpoints.Checkpoint[],uint256,uint256)._oldValue (#5809) is not in mixedCase
Parameter Checkpoints.updateCheckpointValueAtNow(Checkpoints.Checkpoint[],uint256,uint256)._value (#5810) is not in mixedCase
Follow the Solidity naming convention.
Additional information: link
Redundant expression "this (#61)" inContext (#55-64)
Remove redundant statements if they congest code but offer no value.
Additional information: link
Variable CZodiacToken._takeLpAndDevRewards(uint256,uint256).rDevRewards (#3748) is too similar to CZodiacToken._takeLpAndDevRewards(uint256,uint256).tDevRewards (#3735)
Variable TigerHunt._getReward(TigerHunt.TigerAccount,TigerHunt.TigerAction)._tigerAccount (#5610) is too similar to TigerHunt.tigerAccounts (#5272)
Variable TigerHunt._getActionTimestamp(TigerHunt.TigerAccount,TigerHunt.TigerAction)._tigerAccount (#5596) is too similar to TigerHunt.tigerAccounts (#5272)
Variable TigerHunt._setActionTimestamp(TigerHunt.TigerAccount,TigerHunt.TigerAction,uint256)._tigerAccount (#5603) is too similar to TigerHunt.tigerAccounts (#5272)
Variable TigerHunt._checkActionTimestamp(TigerHunt.TigerAccount,TigerHunt.TigerAction)._tigerAccount (#5587) is too similar to TigerHunt.tigerAccounts (#5272)
Prevent variables from having similar names.
Additional information: link
CZFarmPoolFactory.createPool(IERC20,IERC20,uint256,uint256,uint256) (#3165-3194) uses literals with too many digits:
- bytecode = type()(CZFarmPool).creationCode (#3172)
Babylonian.sqrt(uint256) (#4685-4727) uses literals with too many digits:
- xx >= 0x100000000000000000000000000000000 (#4691)
Babylonian.sqrt(uint256) (#4685-4727) uses literals with too many digits:
- xx >= 0x10000000000000000 (#4695)
Babylonian.sqrt(uint256) (#4685-4727) uses literals with too many digits:
- xx >= 0x100000000 (#4699)
BitMath.mostSignificantBit(uint256) (#4745-4777) uses literals with too many digits:
- x >= 0x100000000000000000000000000000000 (#4748)
BitMath.mostSignificantBit(uint256) (#4745-4777) uses literals with too many digits:
- x >= 0x10000000000000000 (#4752)
BitMath.mostSignificantBit(uint256) (#4745-4777) uses literals with too many digits:
- x >= 0x100000000 (#4756)
FixedPoint.slitherConstructorConstantVariables() (#4834-5012) uses literals with too many digits:
- Q112 = 0x10000000000000000000000000000 (#4848)
FixedPoint.slitherConstructorConstantVariables() (#4834-5012) uses literals with too many digits:
- Q224 = 0x100000000000000000000000000000000000000000000000000000000 (#4849-4850)
TigerHunt.slitherConstructorVariables() (#5248-5620) uses literals with too many digits:
- oxBonusThreshold = (10000000000000000000000000,100000000000000000000000000,1000000000000000000000000000,10000000000000000000000000000,100000000000000000000000000000) (#5291-5297)
TigerHunt.slitherConstructorVariables() (#5248-5620) uses literals with too many digits:
- huntRefreshFee = 100000000000000000000000 (#5301)
Use: Ether suffix, Time suffix, or The scientific notation
Additional information: link
CZodiacToken.totalLiquidityProviderRewards (#3275) should be constant
TigerHunt.guardTigzMultiplier (#5289) should be constant
TigerHunt.huntBlocks (#5300) should be constant
TigerHunt.huntPct (#5299) should be constant
TigerHunt.huntRefreshFee (#5301) should be constant
Add the constant attributes to state variables that never change.
Additional information: link
renounceOwnership() should be declared external:
- Ownable.renounceOwnership() (#121-124)
name() should be declared external:
- ERC20.name() (#312-314)
symbol() should be declared external:
- ERC20.symbol() (#320-322)
decimals() should be declared external:
- ERC20.decimals() (#337-339)
totalSupply() should be declared external:
- CZodiacToken.totalSupply() (#3360-3362)
- ERC20.totalSupply() (#344-346)
balanceOf(address) should be declared external:
- CZodiacToken.balanceOf(address) (#3364-3367)
- ERC20.balanceOf(address) (#351-359)
transfer(address,uint256) should be declared external:
- CZodiacToken.transfer(address,uint256) (#3369-3376)
- ERC20.transfer(address,uint256) (#369-377)
approve(address,uint256) should be declared external:
- CZodiacToken.approve(address,uint256) (#3387-3394)
- ERC20.approve(address,uint256) (#399-407)
transferFrom(address,address,uint256) should be declared external:
- CZodiacToken.transferFrom(address,address,uint256) (#3396-3412)
- ERC20.transferFrom(address,address,uint256) (#422-437)
increaseAllowance(address,uint256) should be declared external:
- ERC20.increaseAllowance(address,uint256) (#451-462)
decreaseAllowance(address,uint256) should be declared external:
- ERC20.decreaseAllowance(address,uint256) (#478-491)
burn(uint256) should be declared external:
- CZFarm.burn(uint256) (#2193-2195)
- ERC20Burnable.burn(uint256) (#632-634)
burnFrom(address,uint256) should be declared external:
- CZFarm.burnFrom(address,uint256) (#2181-2191)
- ERC20Burnable.burnFrom(address,uint256) (#647-655)
- TigerHuntPoints.burnFrom(address,uint256) (#5657-5667)
getRoleMember(bytes32,uint256) should be declared external:
- AccessControlEnumerable.getRoleMember(bytes32,uint256) (#1599-1606)
getRoleMemberCount(bytes32) should be declared external:
- AccessControlEnumerable.getRoleMemberCount(bytes32) (#1612-1619)
mint(address,uint256) should be declared external:
- ERC20PresetMinterPauser.mint(address,uint256) (#1711-1717)
pause() should be declared external:
- ERC20PresetMinterPauser.pause() (#1728-1734)
unpause() should be declared external:
- ERC20PresetMinterPauser.unpause() (#1745-1751)
add(uint256,IERC20,bool) should be declared external:
- CZFarmMaster.add(uint256,IERC20,bool) (#2525-2545)
set(uint256,uint256,bool) should be declared external:
- CZFarmMaster.set(uint256,uint256,bool) (#2547-2559)
deposit(uint256,uint256,bool) should be declared external:
- CZFarmMaster.deposit(uint256,uint256,bool) (#2618-2656)
withdraw(uint256,uint256,bool) should be declared external:
- CZFarmMaster.withdraw(uint256,uint256,bool) (#2658-2688)
emergencyWithdraw(uint256) should be declared external:
- CZFarmMaster.emergencyWithdraw(uint256) (#2690-2701)
claim(uint256) should be declared external:
- CZFarmMaster.claim(uint256) (#2703-2717)
setCzfPerBlock(uint256) should be declared external:
- CZFarmMaster.setCzfPerBlock(uint256) (#2728-2731)
czfarmSetStartAndDuration(uint256,uint256) should be declared external:
- CZFarmPool.czfarmSetStartAndDuration(uint256,uint256) (#3131-3137)
increaseAllowance(address,uint256) should be declared external:
- CZodiacToken.increaseAllowance(address,uint256) (#3414-3425)
decreaseAllowance(address,uint256) should be declared external:
- CZodiacToken.decreaseAllowance(address,uint256) (#3427-3441)
isExcludedFromReward(address) should be declared external:
- CZodiacToken.isExcludedFromReward(address) (#3443-3445)
deliver(uint256) should be declared external:
- CZodiacToken.deliver(uint256) (#3447-3457)
reflectionFromToken(uint256,bool) should be declared external:
- CZodiacToken.reflectionFromToken(uint256,bool) (#3459-3471)
isExcludedFromFee(address) should be declared external:
- CZodiacToken.isExcludedFromFee(address) (#3803-3805)
totalBusdWithdrawsRequested() should be declared external:
- CZUsd.totalBusdWithdrawsRequested() (#3939-3944)
deposit(uint256) should be declared external:
- CZUsdBorrow.deposit(uint256) (#4186-4188)
depositCZFarm(uint256) should be declared external:
- CZUsdBorrow.depositCZFarm(uint256) (#4190-4192)
borrow(uint256) should be declared external:
- CZUsdBorrow.borrow(uint256) (#4194-4205)
repay(uint256) should be declared external:
- CZUsdBorrow.repay(uint256) (#4207-4209)
withdraw(uint256) should be declared external:
- CZUsdBorrow.withdraw(uint256) (#4211-4225)
withdrawCZFarm(uint256) should be declared external:
- CZUsdBorrow.withdrawCZFarm(uint256) (#4227-4241)
setCzFarmMultiplier(uint256) should be declared external:
- CZUsdBorrow.setCzFarmMultiplier(uint256) (#4337-4339)
setLiquidationDelay(uint256) should be declared external:
- CZUsdBorrow.setLiquidationDelay(uint256) (#4341-4343)
setGlobalBorrowLimit(uint256) should be declared external:
- CZUsdBorrow.setGlobalBorrowLimit(uint256) (#4345-4347)
Use the external attribute for functions never called from the contract.
Additional information: link
CZFarmMaster.updatePool(uint256) (#2596-2616) has external calls inside a loop: lpSupply = pool.lpToken.balanceOf(address(this)) (#2601)
CZFarmMaster.updatePool(uint256) (#2596-2616) has external calls inside a loop: czf.mint(address(this),czfReward) (#2611)
CZodiacToken._swap(address) (#3755-3777) has external calls inside a loop: amountToBurn = prevCzodiac.balanceOf(swapper) (#3768)
CZodiacToken._swap(address) (#3755-3777) has external calls inside a loop: prevCzodiac.transferFrom(swapper,address(this),amountToBurn) (#3774)
CZUsd._fillRequest(uint256,address) (#3946-3955) has external calls inside a loop: require(bool,string)(busd.transferFrom(_by,withdraws.requester,withdraws.request),CZUsd: busd transfer failed) (#3950-3953)
CZUsdBorrow.czFarmUsdWad(address) (#4145-4152) has external calls inside a loop: Math.min(czfarmCzusdOracle.consultPair(address(czfarm),czfarmWad),czfarmCzusdOracle.consultTwap(address(czfarm),czfarmWad)) (#4147-4151)
PriceConsumer.getPrice() (#4029-4040) has external calls inside a loop: (price) = priceFeed.latestRoundData() (#4030-4037)
PriceConsumer.getDecimals() (#4045-4047) has external calls inside a loop: priceFeed.decimals() (#4046)
Address.functionCallWithValue(address,bytes,uint256,string) (#1900-1917) has external calls inside a loop: (success,returndata) = target.call{value: value}(data) (#1913-1915)
Favor pull over push strategy for external calls.
Additional information: link
Unable to find token contract audit
Unable to find audit link on the website
Unable to find whitepaper link on the website
Young tokens have high risks of scam / price dump / death
Young tokens have high risks of price dump / death
Young tokens have high risks of price dump / death
Young tokens have high risks of price dump / death
Young tokens have high risks of price dump / death
Token has relatively low CoinMarketCap rank
Last post in Twitter was more than 30 days ago
Unable to find Youtube account