Unable to find manual contract audit (e.g. Certik, PeckShield, Solidity...)
doggens.addLiquidity(uint256,uint256) (#719-732) sends eth to arbitrary user
Dangerous calls:
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#724-731)
Ensure that an arbitrary user cannot withdraw unauthorized funds.
Additional information: link
Reentrancy in doggens._transfer(address,address,uint256) (#631-671):
External calls:
- swapAndLiquify(contractTokenBalance) (#655)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#724-731)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#708-714)
External calls sending eth:
- swapAndLiquify(contractTokenBalance) (#655)
- recipient.transfer(amount) (#598)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#724-731)
State variables written after the call(s):
- _balances[sender] = _balances[sender].sub(amount,Insufficient Balance) (#658)
- _balances[recipient] = _balances[recipient].add(finalAmount) (#666)
- finalAmount = takeFee(sender,recipient,amount) (#660-661)
- _balances[address(this)] = _balances[address(this)].add(feeAmount) (#739)
Apply the check-effects-interactions pattern.
Additional information: link
Combination 1: Reentrancy vulnerabilities + Functions that send Ether to arbitraty destination. Usual for scams. May be justified by some complex mechanics (e.g. rebase, reflections). DYOR & manual audit are advised.
Reentrancy in doggens._transfer(address,address,uint256) (#631-671):
External calls:
- swapAndLiquify(contractTokenBalance) (#655)
- recipient.transfer(amount) (#598)
External calls sending eth:
- swapAndLiquify(contractTokenBalance) (#655)
- recipient.transfer(amount) (#598)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#724-731)
State variables written after the call(s):
- _balances[sender] = _balances[sender].sub(amount,Insufficient Balance) (#658)
- _balances[recipient] = _balances[recipient].add(finalAmount) (#666)
- finalAmount = takeFee(sender,recipient,amount) (#660-661)
- _balances[address(this)] = _balances[address(this)].add(feeAmount) (#739)
Event emitted after the call(s):
- Transfer(sender,address(this),feeAmount) (#740)
- finalAmount = takeFee(sender,recipient,amount) (#660-661)
- Transfer(sender,recipient,finalAmount) (#668)
Reentrancy in doggens.swapAndLiquify(uint256) (#680-697):
External calls:
- transferToAddressETH(marketingWalletAddress,amountBNBMarketing) (#694)
- recipient.transfer(amount) (#598)
- transferToAddressETH(buyBackWalletAddress,amountBNBBuyBack) (#695)
- recipient.transfer(amount) (#598)
External calls sending eth:
- transferToAddressETH(marketingWalletAddress,amountBNBMarketing) (#694)
- recipient.transfer(amount) (#598)
- transferToAddressETH(buyBackWalletAddress,amountBNBBuyBack) (#695)
- recipient.transfer(amount) (#598)
- addLiquidity(tokensForLP,amountBNBLiquidity) (#696)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#724-731)
State variables written after the call(s):
- addLiquidity(tokensForLP,amountBNBLiquidity) (#696)
- _allowances[owner][spender] = amount (#534)
Event emitted after the call(s):
- Approval(owner,spender,amount) (#535)
- addLiquidity(tokensForLP,amountBNBLiquidity) (#696)
Reentrancy in doggens.transferFrom(address,address,uint256) (#625-629):
External calls:
- _transfer(sender,recipient,amount) (#626)
- recipient.transfer(amount) (#598)
External calls sending eth:
- _transfer(sender,recipient,amount) (#626)
- recipient.transfer(amount) (#598)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#724-731)
State variables written after the call(s):
- _approve(sender,_msgSender(),_allowances[sender][_msgSender()].sub(amount,ERC20: transfer amount exceeds allowance)) (#627)
- _allowances[owner][spender] = amount (#534)
Event emitted after the call(s):
- Approval(owner,spender,amount) (#535)
- _approve(sender,_msgSender(),_allowances[sender][_msgSender()].sub(amount,ERC20: transfer amount exceeds allowance)) (#627)
Apply the check-effects-interactions pattern.
Additional information: link
Variable IUniswapV2Router01.addLiquidity(address,address,uint256,uint256,uint256,uint256,address,uint256).amountADesired (#270) is too similar to IUniswapV2Router01.addLiquidity(address,address,uint256,uint256,uint256,uint256,address,uint256).amountBDesired (#271)
Prevent variables from having similar names.
Additional information: link
doggens.constructor() (#461-485) uses literals with too many digits:
- isWalletLimitExempt[0x000000000000000000000000000000000000dEaD] = true (#481)
doggens.slitherConstructorVariables() (#398-746) uses literals with too many digits:
- deadAddress = 0x000000000000000000000000000000000000dEaD (#409)
doggens.slitherConstructorVariables() (#398-746) uses literals with too many digits:
- _totalSupply = 1000000000000000 * 10 ** 9 (#425)
doggens.slitherConstructorVariables() (#398-746) uses literals with too many digits:
- _maxTxAmount = 20000000000000 * 10 ** 9 (#426)
doggens.slitherConstructorVariables() (#398-746) uses literals with too many digits:
- _walletMax = 40000000000000 * 10 ** 9 (#427)
Use: Ether suffix, Time suffix, or The scientific notation
Additional information: link
doggens._decimals (#405) should be constant
doggens._name (#403) should be constant
doggens._symbol (#404) should be constant
doggens._totalSupply (#425) should be constant
Add the constant attributes to state variables that never change.
Additional information: link
Redundant expression "this (#14)" inContext (#7-17)
Remove redundant statements if they congest code but offer no value.
Additional information: link
doggens.swapAndLiquify(uint256) (#680-697) performs a multiplication on the result of a division:
-tokensForLP = tAmount.div(_totalTaxIfBuying).mul(_liquidityFee).div(2) (#682)
Consider ordering multiplication before division.
Additional information: link
doggens.addLiquidity(uint256,uint256) (#719-732) ignores return value by uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#724-731)
Ensure that all the return values of the function calls are used.
Additional information: link
doggens.allowance(address,address).owner (#507) shadows:
- Ownable.owner() (#155-157) (function)
doggens._approve(address,address,uint256).owner (#530) shadows:
- Ownable.owner() (#155-157) (function)
Rename the local variables that shadow another component.
Additional information: link
doggens.setTaxes(uint256,uint256,uint256,uint256) (#546-554) should emit an event for:
- _liquidityFee = newLiquidityTax (#547)
- _buyBackFee = newBuyBackTax (#549)
- _totalTaxIfBuying = _liquidityFee.add(_marketingFee).add(_buyBackFee) (#552)
- _totalTaxIfSelling = _totalTaxIfBuying.add(_extraFeeOnSell) (#553)
doggens.setMaxTxAmount(uint256) (#556-558) should emit an event for:
- _maxTxAmount = maxTxAmount (#557)
doggens.setWalletLimit(uint256) (#568-570) should emit an event for:
- _walletMax = newLimit (#569)
doggens.setNumTokensBeforeSwap(uint256) (#572-574) should emit an event for:
- minimumTokensBeforeSwap = newLimit (#573)
Emit an event for critical parameter changes.
Additional information: link
doggens.setMarketingWalletAddress(address).newAddress (#576) lacks a zero-check on :
- marketingWalletAddress = address(newAddress) (#577)
doggens.setbuyBackWalletAddress(address).newAddress (#580) lacks a zero-check on :
- buyBackWalletAddress = address(newAddress) (#581)
Check that the address is not zero.
Additional information: link
Reentrancy in doggens.changeRouterVersion(address) (#601-615):
External calls:
- newPairAddress = IUniswapV2Factory(_uniswapV2Router.factory()).createPair(address(this),_uniswapV2Router.WETH()) (#609-610)
State variables written after the call(s):
- uniswapV2Pair = newPairAddress (#613)
- uniswapV2Router = _uniswapV2Router (#614)
Reentrancy in doggens.constructor() (#461-485):
External calls:
- uniswapV2Pair = IUniswapV2Factory(_uniswapV2Router.factory()).createPair(address(this),_uniswapV2Router.WETH()) (#465-466)
State variables written after the call(s):
- _allowances[address(this)][address(uniswapV2Router)] = _totalSupply (#469)
- _balances[_msgSender()] = _totalSupply (#483)
- _totalTaxIfBuying = _liquidityFee.add(_marketingFee).add(_buyBackFee) (#474)
- _totalTaxIfSelling = _totalTaxIfBuying.add(_extraFeeOnSell) (#475)
- isExcludedFromFee[owner()] = true (#471)
- isExcludedFromFee[address(this)] = true (#472)
- isWalletLimitExempt[owner()] = true (#477)
- isWalletLimitExempt[address(uniswapV2Pair)] = true (#478)
- isWalletLimitExempt[address(this)] = true (#480)
- isWalletLimitExempt[0x000000000000000000000000000000000000dEaD] = true (#481)
- uniswapV2Router = _uniswapV2Router (#468)
Reentrancy in doggens.swapAndLiquify(uint256) (#680-697):
External calls:
- swapTokensForEth(tokensForSwap) (#685)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#708-714)
- addLiquidity(tokensForLP,amountBNBLiquidity) (#696)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#724-731)
External calls sending eth:
- transferToAddressETH(marketingWalletAddress,amountBNBMarketing) (#694)
- recipient.transfer(amount) (#598)
- transferToAddressETH(buyBackWalletAddress,amountBNBBuyBack) (#695)
- recipient.transfer(amount) (#598)
- addLiquidity(tokensForLP,amountBNBLiquidity) (#696)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#724-731)
State variables written after the call(s):
- addLiquidity(tokensForLP,amountBNBLiquidity) (#696)
- _allowances[owner][spender] = amount (#534)
Reentrancy in doggens.transferFrom(address,address,uint256) (#625-629):
External calls:
- _transfer(sender,recipient,amount) (#626)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#724-731)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#708-714)
External calls sending eth:
- _transfer(sender,recipient,amount) (#626)
- recipient.transfer(amount) (#598)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#724-731)
State variables written after the call(s):
- _approve(sender,_msgSender(),_allowances[sender][_msgSender()].sub(amount,ERC20: transfer amount exceeds allowance)) (#627)
- _allowances[owner][spender] = amount (#534)
Apply the check-effects-interactions pattern.
Additional information: link
Reentrancy in doggens._transfer(address,address,uint256) (#631-671):
External calls:
- swapAndLiquify(contractTokenBalance) (#655)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#724-731)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#708-714)
External calls sending eth:
- swapAndLiquify(contractTokenBalance) (#655)
- recipient.transfer(amount) (#598)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#724-731)
Event emitted after the call(s):
- Transfer(sender,address(this),feeAmount) (#740)
- finalAmount = takeFee(sender,recipient,amount) (#660-661)
- Transfer(sender,recipient,finalAmount) (#668)
Reentrancy in doggens.constructor() (#461-485):
External calls:
- uniswapV2Pair = IUniswapV2Factory(_uniswapV2Router.factory()).createPair(address(this),_uniswapV2Router.WETH()) (#465-466)
Event emitted after the call(s):
- Transfer(address(0),_msgSender(),_totalSupply) (#484)
Reentrancy in doggens.swapAndLiquify(uint256) (#680-697):
External calls:
- swapTokensForEth(tokensForSwap) (#685)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#708-714)
- addLiquidity(tokensForLP,amountBNBLiquidity) (#696)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#724-731)
External calls sending eth:
- transferToAddressETH(marketingWalletAddress,amountBNBMarketing) (#694)
- recipient.transfer(amount) (#598)
- transferToAddressETH(buyBackWalletAddress,amountBNBBuyBack) (#695)
- recipient.transfer(amount) (#598)
- addLiquidity(tokensForLP,amountBNBLiquidity) (#696)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#724-731)
Event emitted after the call(s):
- Approval(owner,spender,amount) (#535)
- addLiquidity(tokensForLP,amountBNBLiquidity) (#696)
Reentrancy in doggens.swapTokensForEth(uint256) (#699-717):
External calls:
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#708-714)
Event emitted after the call(s):
- SwapTokensForETH(tokenAmount,path) (#716)
Reentrancy in doggens.transferFrom(address,address,uint256) (#625-629):
External calls:
- _transfer(sender,recipient,amount) (#626)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#724-731)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#708-714)
External calls sending eth:
- _transfer(sender,recipient,amount) (#626)
- recipient.transfer(amount) (#598)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#724-731)
Event emitted after the call(s):
- Approval(owner,spender,amount) (#535)
- _approve(sender,_msgSender(),_allowances[sender][_msgSender()].sub(amount,ERC20: transfer amount exceeds allowance)) (#627)
Apply the check-effects-interactions pattern.
Additional information: link
Ownable.unlock() (#190-195) uses timestamp for comparisons
Dangerous comparisons:
- require(bool,string)(block.timestamp > _lockTime,Contract is locked until 7 days) (#192)
Avoid relying on block.timestamp.
Additional information: link
Address.isContract(address) (#86-95) uses assembly
- INLINE ASM (#93)
Address._functionCallWithValue(address,bytes,uint256,string) (#122-139) uses assembly
- INLINE ASM (#131-134)
Do not use evm assembly.
Additional information: link
Address._functionCallWithValue(address,bytes,uint256,string) (#122-139) is never used and should be removed
Address.functionCall(address,bytes) (#105-107) is never used and should be removed
Address.functionCall(address,bytes,string) (#109-111) is never used and should be removed
Address.functionCallWithValue(address,bytes,uint256) (#113-115) is never used and should be removed
Address.functionCallWithValue(address,bytes,uint256,string) (#117-120) is never used and should be removed
Address.isContract(address) (#86-95) is never used and should be removed
Address.sendValue(address,uint256) (#97-103) is never used and should be removed
Context._msgData() (#13-16) is never used and should be removed
SafeMath.mod(uint256,uint256) (#74-76) is never used and should be removed
SafeMath.mod(uint256,uint256,string) (#78-81) is never used and should be removed
Remove unused functions.
Additional information: link
Low level call in Address.sendValue(address,uint256) (#97-103):
- (success) = recipient.call{value: amount}() (#101)
Low level call in Address._functionCallWithValue(address,bytes,uint256,string) (#122-139):
- (success,returndata) = target.call{value: weiValue}(data) (#125)
Avoid low-level calls. Check the call success. If the call is meant for a contract, check for code existence
Additional information: link
Function IUniswapV2Pair.DOMAIN_SEPARATOR() (#229) is not in mixedCase
Function IUniswapV2Pair.PERMIT_TYPEHASH() (#230) is not in mixedCase
Function IUniswapV2Pair.MINIMUM_LIQUIDITY() (#246) is not in mixedCase
Function IUniswapV2Router01.WETH() (#265) is not in mixedCase
Contract doggens (#398-746) is not in CapWords
Parameter doggens.setSwapAndLiquifyEnabled(bool)._enabled (#584) is not in mixedCase
Variable doggens._balances (#411) is not in mixedCase
Variable doggens._liquidityFee (#418) is not in mixedCase
Variable doggens._marketingFee (#419) is not in mixedCase
Variable doggens._buyBackFee (#420) is not in mixedCase
Variable doggens._extraFeeOnSell (#421) is not in mixedCase
Variable doggens._totalTaxIfBuying (#422) is not in mixedCase
Variable doggens._totalTaxIfSelling (#423) is not in mixedCase
Variable doggens._maxTxAmount (#426) is not in mixedCase
Variable doggens._walletMax (#427) is not in mixedCase
Follow the Solidity naming convention.
Additional information: link
renounceOwnership() should be declared external:
- Ownable.renounceOwnership() (#164-167)
transferOwnership(address) should be declared external:
- Ownable.transferOwnership(address) (#169-173)
getUnlockTime() should be declared external:
- Ownable.getUnlockTime() (#175-177)
getTime() should be declared external:
- Ownable.getTime() (#179-181)
lock(uint256) should be declared external:
- Ownable.lock(uint256) (#183-188)
unlock() should be declared external:
- Ownable.unlock() (#190-195)
name() should be declared external:
- doggens.name() (#487-489)
symbol() should be declared external:
- doggens.symbol() (#491-493)
decimals() should be declared external:
- doggens.decimals() (#495-497)
totalSupply() should be declared external:
- doggens.totalSupply() (#499-501)
allowance(address,address) should be declared external:
- doggens.allowance(address,address) (#507-509)
increaseAllowance(address,uint256) should be declared external:
- doggens.increaseAllowance(address,uint256) (#511-514)
decreaseAllowance(address,uint256) should be declared external:
- doggens.decreaseAllowance(address,uint256) (#516-519)
minimumTokensBeforeSwapAmount() should be declared external:
- doggens.minimumTokensBeforeSwapAmount() (#521-523)
approve(address,uint256) should be declared external:
- doggens.approve(address,uint256) (#525-528)
blacklistAddress(address,bool) should be declared external:
- doggens.blacklistAddress(address,bool) (#538-540)
setIsExcludedFromFee(address,bool) should be declared external:
- doggens.setIsExcludedFromFee(address,bool) (#542-544)
setSwapAndLiquifyEnabled(bool) should be declared external:
- doggens.setSwapAndLiquifyEnabled(bool) (#584-587)
setSwapAndLiquifyByLimitOnly(bool) should be declared external:
- doggens.setSwapAndLiquifyByLimitOnly(bool) (#589-591)
getCirculatingSupply() should be declared external:
- doggens.getCirculatingSupply() (#593-595)
changeRouterVersion(address) should be declared external:
- doggens.changeRouterVersion(address) (#601-615)
transfer(address,uint256) should be declared external:
- doggens.transfer(address,uint256) (#620-623)
transferFrom(address,address,uint256) should be declared external:
- doggens.transferFrom(address,address,uint256) (#625-629)
Use the external attribute for functions never called from the contract.
Additional information: link
Unable to find website, listings and other project-related information
Young tokens have high risks of scam / price dump / death
Token has no active CoinGecko listing / rank
Token has no active CoinMarketCap listing / rank
Unable to find Telegram and Twitter accounts