DEXMINER is a decentralized financial asset that rewards users with a sustainable fixed interest model through the use of its unique Rebase protocol.
An impressive protocol with rewards in BUSD & Fixed APY 596,247.10%✅ Multi Chain ✅
Auto staking & Auto Compounding✅ KYC and Audit✅ Collection NFT's✅
Dapp Web3 Ready✅
DexMiner._name (#545) shadows:
- ERC20Detailed._name (#512)
DexMiner._symbol (#546) shadows:
- ERC20Detailed._symbol (#513)
DexMiner._decimals (#547) shadows:
- ERC20Detailed._decimals (#514)
Remove the state variable shadowing.
Additional information: link
DexMiner.swapBack() (#822-860) sends eth to arbitrary user
Dangerous calls:
- (success) = address(treasuryReceiver).call{gas: 30000,value: amountETHToTreasuryAndSIF.mul(treasuryFee).div(treasuryFee.add(ReferralInsuranceFundFee))}() (#848-853)
- (success,None) = address(ReferralInsuranceFundReceiver).call{gas: 30000,value: amountETHToTreasuryAndSIF.mul(ReferralInsuranceFundFee).div(treasuryFee.add(ReferralInsuranceFundFee))}() (#854-859)
Ensure that an arbitrary user cannot withdraw unauthorized funds.
Additional information: link
Reentrancy in DexMiner._transferFrom(address,address,uint256) (#709-746):
External calls:
- rebase() (#720)
- pairContract.sync() (#669)
- addLiquidity() (#724)
- router.swapExactTokensForETHSupportingFeeOnTransferTokens(amountToSwap,0,path,address(this),block.timestamp) (#799-805)
- router.addLiquidityETH{value: amountETHLiquidity}(address(this),amountToLiquify,0,0,autoLiquidityReceiver,block.timestamp) (#810-817)
- swapBack() (#728)
- router.swapExactTokensForETHSupportingFeeOnTransferTokens(amountToSwap,0,path,address(this),block.timestamp) (#836-842)
- (success) = address(treasuryReceiver).call{gas: 30000,value: amountETHToTreasuryAndSIF.mul(treasuryFee).div(treasuryFee.add(ReferralInsuranceFundFee))}() (#848-853)
- (success,None) = address(ReferralInsuranceFundReceiver).call{gas: 30000,value: amountETHToTreasuryAndSIF.mul(ReferralInsuranceFundFee).div(treasuryFee.add(ReferralInsuranceFundFee))}() (#854-859)
External calls sending eth:
- addLiquidity() (#724)
- router.addLiquidityETH{value: amountETHLiquidity}(address(this),amountToLiquify,0,0,autoLiquidityReceiver,block.timestamp) (#810-817)
- swapBack() (#728)
- (success) = address(treasuryReceiver).call{gas: 30000,value: amountETHToTreasuryAndSIF.mul(treasuryFee).div(treasuryFee.add(ReferralInsuranceFundFee))}() (#848-853)
- (success,None) = address(ReferralInsuranceFundReceiver).call{gas: 30000,value: amountETHToTreasuryAndSIF.mul(ReferralInsuranceFundFee).div(treasuryFee.add(ReferralInsuranceFundFee))}() (#854-859)
State variables written after the call(s):
- _gonBalances[sender] = _gonBalances[sender].sub(gonAmount) (#732)
- _gonBalances[recipient] = _gonBalances[recipient].add(gonAmountReceived) (#736-738)
- gonAmountReceived = takeFee(sender,recipient,gonAmount) (#733-735)
- _gonBalances[RewardsfirePit] = _gonBalances[RewardsfirePit].add(gonAmount.div(feeDenominator).mul(RewardsfirePitFee)) (#763-765)
- _gonBalances[address(this)] = _gonBalances[address(this)].add(gonAmount.div(feeDenominator).mul(_treasuryFee.add(ReferralInsuranceFundFee))) (#766-770)
- _gonBalances[autoLiquidityReceiver] = _gonBalances[autoLiquidityReceiver].add(gonAmount.div(feeDenominator).mul(liquidityFee)) (#771-773)
- swapBack() (#728)
- inSwap = true (#587)
- inSwap = false (#589)
Apply the check-effects-interactions pattern.
Additional information: link
Too many vulnerabilities (Unchecked transfer, Reentrancy vulnerability, etc.). High risk of a scam. DYOR & manual audit are advised.
Unable to verify that contract auditor is trusted: Certik, Quantstamp, Hacken, Solidity, Paladinsec, Openzeppelin, Verichains
Contract ownership is not renounced (belongs to a wallet)
DexMiner.swapBack().success (#848) is written in both
(success) = address(treasuryReceiver).call{gas: 30000,value: amountETHToTreasuryAndSIF.mul(treasuryFee).div(treasuryFee.add(ReferralInsuranceFundFee))}() (#848-853)
(success,None) = address(ReferralInsuranceFundReceiver).call{gas: 30000,value: amountETHToTreasuryAndSIF.mul(ReferralInsuranceFundFee).div(treasuryFee.add(ReferralInsuranceFundFee))}() (#854-859)
Fix or remove the writes.
Additional information: link
Combination 1: Reentrancy vulnerabilities + Functions that send Ether to arbitraty destination. Usual for scams. May be justified by some complex mechanics (e.g. rebase, reflections). DYOR & manual audit are advised.
Contract ticker ($DXM) contains non-alphanumeric characters.
Not a direct threat, but may indicate unreliable intentions of developer. Non-alphanumeric chars (,.;!#*&") are extremely rare among low risk tokens.
DexMiner.rebase() (#642-672) performs a multiplication on the result of a division:
-times = deltaTime.div(900) (#647)
-epoch = times.mul(15) (#648)
DexMiner.rebase() (#642-672) performs a multiplication on the result of a division:
-times = deltaTime.div(900) (#647)
-_lastRebasedTime = _lastRebasedTime.add(times.mul(900)) (#667)
DexMiner.takeFee(address,address,uint256) (#748-777) performs a multiplication on the result of a division:
-feeAmount = gonAmount.div(feeDenominator).mul(_totalFee) (#761)
DexMiner.takeFee(address,address,uint256) (#748-777) performs a multiplication on the result of a division:
-_gonBalances[RewardsfirePit] = _gonBalances[RewardsfirePit].add(gonAmount.div(feeDenominator).mul(RewardsfirePitFee)) (#763-765)
DexMiner.takeFee(address,address,uint256) (#748-777) performs a multiplication on the result of a division:
-_gonBalances[address(this)] = _gonBalances[address(this)].add(gonAmount.div(feeDenominator).mul(_treasuryFee.add(ReferralInsuranceFundFee))) (#766-770)
DexMiner.takeFee(address,address,uint256) (#748-777) performs a multiplication on the result of a division:
-_gonBalances[autoLiquidityReceiver] = _gonBalances[autoLiquidityReceiver].add(gonAmount.div(feeDenominator).mul(liquidityFee)) (#771-773)
DexMiner.getLiquidityBacking(uint256) (#1014-1022) performs a multiplication on the result of a division:
-liquidityBalance = _gonBalances[pair].div(_gonsPerFragment) (#1019)
-accuracy.mul(liquidityBalance.mul(2)).div(getCirculatingSupply()) (#1020-1021)
Consider ordering multiplication before division.
Additional information: link
DexMiner.rebase().rebaseRate (#644) is a local variable never initialized
Initialize all the variables. If a variable is meant to be initialized to zero, explicitly set it to zero to improve code readability.
Additional information: link
DexMiner.addLiquidity() (#779-820) ignores return value by router.addLiquidityETH{value: amountETHLiquidity}(address(this),amountToLiquify,0,0,autoLiquidityReceiver,block.timestamp) (#810-817)
Ensure that all the return values of the function calls are used.
Additional information: link
DexMiner.setFeeReceivers(address,address,address,address)._autoLiquidityReceiver (#1003) lacks a zero-check on :
- autoLiquidityReceiver = _autoLiquidityReceiver (#1008)
DexMiner.setFeeReceivers(address,address,address,address)._treasuryReceiver (#1004) lacks a zero-check on :
- treasuryReceiver = _treasuryReceiver (#1009)
DexMiner.setFeeReceivers(address,address,address,address)._freedomInsuranceFundReceiver (#1005) lacks a zero-check on :
- ReferralInsuranceFundReceiver = _freedomInsuranceFundReceiver (#1010)
DexMiner.setFeeReceivers(address,address,address,address)._firePit (#1006) lacks a zero-check on :
- RewardsfirePit = _firePit (#1011)
DexMiner.setPairAddress(address)._pairAddress (#1039) lacks a zero-check on :
- pairAddress = _pairAddress (#1040)
Check that the address is not zero.
Additional information: link
Reentrancy in DexMiner.addLiquidity() (#779-820):
External calls:
- router.swapExactTokensForETHSupportingFeeOnTransferTokens(amountToSwap,0,path,address(this),block.timestamp) (#799-805)
- router.addLiquidityETH{value: amountETHLiquidity}(address(this),amountToLiquify,0,0,autoLiquidityReceiver,block.timestamp) (#810-817)
External calls sending eth:
- router.addLiquidityETH{value: amountETHLiquidity}(address(this),amountToLiquify,0,0,autoLiquidityReceiver,block.timestamp) (#810-817)
State variables written after the call(s):
- _lastAddLiquidityTime = block.timestamp (#819)
Reentrancy in DexMiner.constructor() (#609-640):
External calls:
- pair = IPancakeSwapFactory(router.factory()).createPair(router.WETH(),address(this)) (#614-617)
State variables written after the call(s):
- ReferralInsuranceFundReceiver = 0x726CFBD4c3c898797e5945b2D70F517f42697355 (#621)
- RewardsfirePit = 0x0A2323955fB732d8637cF4a093cf3445dC57aBa1 (#622)
- _allowedFragments[address(this)][address(router)] = uint256(- 1) (#624)
- _autoAddLiquidity = true (#634)
- _autoRebase = true (#633)
- _gonBalances[treasuryReceiver] = TOTAL_GONS (#629)
- _gonsPerFragment = TOTAL_GONS.div(_totalSupply) (#630)
- _initRebaseStartTime = block.timestamp (#631)
- _isFeeExempt[treasuryReceiver] = true (#635)
- _isFeeExempt[address(this)] = true (#636)
- _lastRebasedTime = block.timestamp (#632)
- _transferOwnership(treasuryReceiver) (#638)
- _owner = newOwner (#507)
- _totalSupply = INITIAL_FRAGMENTS_SUPPLY (#628)
- autoLiquidityReceiver = 0x1351d3F4D8795cb8B3a2F0DE7Cc435d80466219D (#619)
- pairAddress = pair (#625)
- pairContract = IPancakeSwapPair(pair) (#626)
- treasuryReceiver = 0x10b67A030031819f03491Ca0196b5e1B2BDbD0e1 (#620)
Apply the check-effects-interactions pattern.
Additional information: link
Reentrancy in DexMiner._transferFrom(address,address,uint256) (#709-746):
External calls:
- rebase() (#720)
- pairContract.sync() (#669)
- addLiquidity() (#724)
- router.swapExactTokensForETHSupportingFeeOnTransferTokens(amountToSwap,0,path,address(this),block.timestamp) (#799-805)
- router.addLiquidityETH{value: amountETHLiquidity}(address(this),amountToLiquify,0,0,autoLiquidityReceiver,block.timestamp) (#810-817)
- swapBack() (#728)
- router.swapExactTokensForETHSupportingFeeOnTransferTokens(amountToSwap,0,path,address(this),block.timestamp) (#836-842)
- (success) = address(treasuryReceiver).call{gas: 30000,value: amountETHToTreasuryAndSIF.mul(treasuryFee).div(treasuryFee.add(ReferralInsuranceFundFee))}() (#848-853)
- (success,None) = address(ReferralInsuranceFundReceiver).call{gas: 30000,value: amountETHToTreasuryAndSIF.mul(ReferralInsuranceFundFee).div(treasuryFee.add(ReferralInsuranceFundFee))}() (#854-859)
External calls sending eth:
- addLiquidity() (#724)
- router.addLiquidityETH{value: amountETHLiquidity}(address(this),amountToLiquify,0,0,autoLiquidityReceiver,block.timestamp) (#810-817)
- swapBack() (#728)
- (success) = address(treasuryReceiver).call{gas: 30000,value: amountETHToTreasuryAndSIF.mul(treasuryFee).div(treasuryFee.add(ReferralInsuranceFundFee))}() (#848-853)
- (success,None) = address(ReferralInsuranceFundReceiver).call{gas: 30000,value: amountETHToTreasuryAndSIF.mul(ReferralInsuranceFundFee).div(treasuryFee.add(ReferralInsuranceFundFee))}() (#854-859)
Event emitted after the call(s):
- Transfer(sender,address(this),feeAmount.div(_gonsPerFragment)) (#775)
- gonAmountReceived = takeFee(sender,recipient,gonAmount) (#733-735)
- Transfer(sender,recipient,gonAmountReceived.div(_gonsPerFragment)) (#740-744)
Reentrancy in DexMiner.constructor() (#609-640):
External calls:
- pair = IPancakeSwapFactory(router.factory()).createPair(router.WETH(),address(this)) (#614-617)
Event emitted after the call(s):
- OwnershipTransferred(_owner,newOwner) (#506)
- _transferOwnership(treasuryReceiver) (#638)
- Transfer(address(0x0),treasuryReceiver,_totalSupply) (#639)
Reentrancy in DexMiner.rebase() (#642-672):
External calls:
- pairContract.sync() (#669)
Event emitted after the call(s):
- LogRebase(epoch,_totalSupply) (#671)
Apply the check-effects-interactions pattern.
Additional information: link
DexMiner.rebase() (#642-672) uses timestamp for comparisons
Dangerous comparisons:
- deltaTimeFromInit < (31536000) (#650)
- deltaTimeFromInit >= (31536000) (#652)
- deltaTimeFromInit >= ((15 * 31536000) / 10) (#654)
- deltaTimeFromInit >= (7 * 31536000) (#656)
- i < times (#660)
DexMiner.shouldRebase() (#890-897) uses timestamp for comparisons
Dangerous comparisons:
- _autoRebase && (_totalSupply < MAX_SUPPLY) && msg.sender != pair && ! inSwap && block.timestamp >= (_lastRebasedTime + 900) (#891-896)
DexMiner.shouldAddLiquidity() (#899-905) uses timestamp for comparisons
Dangerous comparisons:
- _autoAddLiquidity && ! inSwap && msg.sender != pair && block.timestamp >= (_lastAddLiquidityTime + 172800) (#900-904)
Avoid relying on block.timestamp.
Additional information: link
DexMiner.isContract(address) (#1055-1061) uses assembly
- INLINE ASM (#1057-1059)
Do not use evm assembly.
Additional information: link
SafeMath.mod(uint256,uint256) (#90-93) is never used and should be removed
SafeMathInt.abs(int256) (#35-38) is never used and should be removed
SafeMathInt.add(int256,int256) (#29-33) is never used and should be removed
SafeMathInt.div(int256,int256) (#17-21) is never used and should be removed
SafeMathInt.mul(int256,int256) (#9-15) is never used and should be removed
SafeMathInt.sub(int256,int256) (#23-27) is never used and should be removed
Remove unused functions.
Additional information: link
DexMiner.totalFee (#568-571) is set pre-construction with a non-constant function or state variable:
- liquidityFee.add(treasuryFee).add(ReferralInsuranceFundFee).add(RewardsfirePitFee)
Remove any initialization of state variables via non-constant state variables or function calls. If variables must be set upon contract deployment, locate initialization in the constructor instead.
Additional information: link
Pragma version^0.7.4 (#3) allows old versions
Deploy with any of the following Solidity versions: 0.5.16 - 0.5.17, 0.6.11 - 0.6.12, 0.7.5 - 0.7.6 Use a simple pragma version that allows any of these versions. Consider using the latest version of Solidity for testing.
Additional information: link
Low level call in DexMiner.swapBack() (#822-860):
- (success) = address(treasuryReceiver).call{gas: 30000,value: amountETHToTreasuryAndSIF.mul(treasuryFee).div(treasuryFee.add(ReferralInsuranceFundFee))}() (#848-853)
- (success,None) = address(ReferralInsuranceFundReceiver).call{gas: 30000,value: amountETHToTreasuryAndSIF.mul(ReferralInsuranceFundFee).div(treasuryFee.add(ReferralInsuranceFundFee))}() (#854-859)
Avoid low-level calls. Check the call success. If the call is meant for a contract, check for code existence
Additional information: link
Function IPancakeSwapPair.DOMAIN_SEPARATOR() (#158) is not in mixedCase
Function IPancakeSwapPair.PERMIT_TYPEHASH() (#160) is not in mixedCase
Function IPancakeSwapPair.MINIMUM_LIQUIDITY() (#191) is not in mixedCase
Function IPancakeSwapRouter.WETH() (#237) is not in mixedCase
Parameter DexMiner.setAutoRebase(bool)._flag (#911) is not in mixedCase
Parameter DexMiner.setAutoAddLiquidity(bool)._flag (#920) is not in mixedCase
Parameter DexMiner.checkFeeExempt(address)._addr (#983) is not in mixedCase
Parameter DexMiner.setFeeReceivers(address,address,address,address)._autoLiquidityReceiver (#1003) is not in mixedCase
Parameter DexMiner.setFeeReceivers(address,address,address,address)._treasuryReceiver (#1004) is not in mixedCase
Parameter DexMiner.setFeeReceivers(address,address,address,address)._freedomInsuranceFundReceiver (#1005) is not in mixedCase
Parameter DexMiner.setFeeReceivers(address,address,address,address)._firePit (#1006) is not in mixedCase
Parameter DexMiner.setWhitelist(address)._addr (#1024) is not in mixedCase
Parameter DexMiner.setBotBlacklist(address,bool)._botAddress (#1028) is not in mixedCase
Parameter DexMiner.setBotBlacklist(address,bool)._flag (#1028) is not in mixedCase
Parameter DexMiner.setPairAddress(address)._pairAddress (#1039) is not in mixedCase
Parameter DexMiner.setLP(address)._address (#1043) is not in mixedCase
Variable DexMiner._name (#545) is not in mixedCase
Variable DexMiner._symbol (#546) is not in mixedCase
Variable DexMiner._decimals (#547) is not in mixedCase
Variable DexMiner._isFeeExempt (#550) is not in mixedCase
Variable DexMiner.ReferralInsuranceFundFee (#565) is not in mixedCase
Variable DexMiner.RewardsfirePitFee (#567) is not in mixedCase
Variable DexMiner.DEAD (#574) is not in mixedCase
Variable DexMiner.ZERO (#575) is not in mixedCase
Variable DexMiner.ReferralInsuranceFundReceiver (#579) is not in mixedCase
Variable DexMiner.RewardsfirePit (#580) is not in mixedCase
Variable DexMiner._autoRebase (#597) is not in mixedCase
Variable DexMiner._autoAddLiquidity (#598) is not in mixedCase
Variable DexMiner._initRebaseStartTime (#599) is not in mixedCase
Variable DexMiner._lastRebasedTime (#600) is not in mixedCase
Variable DexMiner._lastAddLiquidityTime (#601) is not in mixedCase
Variable DexMiner._totalSupply (#602) is not in mixedCase
Follow the Solidity naming convention.
Additional information: link
Variable IPancakeSwapRouter.addLiquidity(address,address,uint256,uint256,uint256,uint256,address,uint256).amountADesired (#242) is too similar to IPancakeSwapRouter.addLiquidity(address,address,uint256,uint256,uint256,uint256,address,uint256).amountBDesired (#243)
Prevent variables from having similar names.
Additional information: link
DexMiner.slitherConstructorVariables() (#539-1065) uses literals with too many digits:
- DEAD = 0x000000000000000000000000000000000000dEaD (#574)
DexMiner.slitherConstructorVariables() (#539-1065) uses literals with too many digits:
- ZERO = 0x0000000000000000000000000000000000000000 (#575)
DexMiner.slitherConstructorConstantVariables() (#539-1065) uses literals with too many digits:
- INITIAL_FRAGMENTS_SUPPLY = 1000000000 * 10 ** DECIMALS (#561)
Use: Ether suffix, Time suffix, or The scientific notation
Additional information: link
SafeMathInt.MAX_INT256 (#7) is never used in SafeMathInt (#5-39)
Remove unused state variables.
Additional information: link
DexMiner.DEAD (#574) should be constant
DexMiner.ReferralInsuranceFundFee (#565) should be constant
DexMiner.RewardsfirePitFee (#567) should be constant
DexMiner.ZERO (#575) should be constant
DexMiner._decimals (#547) should be constant
DexMiner._name (#545) should be constant
DexMiner._symbol (#546) should be constant
DexMiner.feeDenominator (#572) should be constant
DexMiner.liquidityFee (#563) should be constant
DexMiner.sellFee (#566) should be constant
DexMiner.swapEnabled (#582) should be constant
DexMiner.treasuryFee (#564) should be constant
Add the constant attributes to state variables that never change.
Additional information: link
owner() should be declared external:
- Ownable.owner() (#482-484)
renounceOwnership() should be declared external:
- Ownable.renounceOwnership() (#495-498)
transferOwnership(address) should be declared external:
- Ownable.transferOwnership(address) (#500-502)
name() should be declared external:
- ERC20Detailed.name() (#526-528)
symbol() should be declared external:
- ERC20Detailed.symbol() (#530-532)
decimals() should be declared external:
- ERC20Detailed.decimals() (#534-536)
getLiquidityBacking(uint256) should be declared external:
- DexMiner.getLiquidityBacking(uint256) (#1014-1022)
setPairAddress(address) should be declared external:
- DexMiner.setPairAddress(address) (#1039-1041)
Use the external attribute for functions never called from the contract.
Additional information: link
BscScan page for the token does not contain additional info: website, socials, description, etc.
Additional information: link
Unable to find audit link on the website
Unable to find whitepaper link on the website
Unable to find token on CoinGecko
Additional information: link
Unable to find token on CoinMarketCap
Additional information: link
Token is not listed at Mobula.Finance
Additional information: link
Unable to find token on CoinHunt
Additional information: link
Unable to find code repository for the project
Young tokens have high risks of scam / price dump / death
Young tokens have high risks of scam / price dump / death
Young tokens have high risks of scam / price dump / death
Token has no active CoinGecko listing / rank
Token has no active CoinMarketCap listing / rank