Flag Network Token Logo

FLAG [Flag Network] Token

About FLAG

Listings

Token 5 months
CoinGecko 4 months
CoinMarketCap 4 months
white paper

#FLAG - a decentralized blockchain network of the world-scale for #NFT #Gamfi #Metaverse #Web3 applications.

Social

Laser Scorebeta Last Audit: 9 May 2022

report
Code:

Third Party Audit: untrusted audit


Contract creator is blacklisted for the past scams


Contract ownership is not renounced (belongs to a wallet)


Unable to verify that contract auditor is trusted: Certik, Quantstamp, Hacken, Solidity, Paladinsec, Openzeppelin, Verichains

Token._rLockBalanceOf(address).total (#272) is a local variable never initialized
Initialize all the variables. If a variable is meant to be initialized to zero, explicitly set it to zero to improve code readability.

Additional information: link

Token.setMaster(address) (#419-421) should emit an event for:
- master = _master (#420)
Emit an event for critical parameter changes.

Additional information: link

Auth.transferOwnership(address).adr (#170) lacks a zero-check on :
- owner = adr (#171)
Token.setMaster(address)._master (#419) lacks a zero-check on :
- master = _master (#420)
Check that the address is not zero.

Additional information: link

Reentrancy in Token.constructor() (#348-359):
External calls:
- pair = IDEXFactory(router.factory()).createPair(WBNB,address(this)) (#350)
State variables written after the call(s):
- _allowances[address(this)][address(router)] = ~ uint256(0) (#351)
- _rBalance[msg.sender] = rSupply (#357)
- _totalSupply = INITIAL_FRAGMENTS_SUPPLY (#354)
- pairContract = InterfaceLP(pair) (#353)
- rate = rSupply.div(_totalSupply) (#355)
Apply the check-effects-interactions pattern.

Additional information: link

Pragma version^0.8.2 (#6) allows old versions
Deploy with any of the following Solidity versions: 0.5.16 - 0.5.17, 0.6.11 - 0.6.12, 0.7.5 - 0.7.6 Use a simple pragma version that allows any of these versions. Consider using the latest version of Solidity for testing.

Additional information: link

Token.isContract(address) (#429-433) uses assembly
- INLINE ASM (#431)
Do not use evm assembly.

Additional information: link

SafeMathInt.MAX_INT256 (#86) is never used in SafeMathInt (#84-118)
Remove unused state variables.

Additional information: link

Token.DEAD (#240) should be constant
Token.WBNB (#239) should be constant
Token.ZERO (#241) should be constant
Add the constant attributes to state variables that never change.

Additional information: link

authorize(address) should be declared external:
- Auth.authorize(address) (#154-156)
unauthorize(address) should be declared external:
- Auth.unauthorize(address) (#158-160)
transferOwnership(address) should be declared external:
- Auth.transferOwnership(address) (#170-174)
lockBalanceOf(address) should be declared external:
- Token.lockBalanceOf(address) (#282-284)
viewBatches(address) should be declared external:
- Token.viewBatches(address) (#285-294)
rebase_percentage(uint256,bool) should be declared external:
- Token.rebase_percentage(uint256,bool) (#315-321)
balanceOf(address) should be declared external:
- Token.balanceOf(address) (#368-370)
getCirculatingSupply() should be declared external:
- Token.getCirculatingSupply() (#413-415)
rescueToken(address,uint256) should be declared external:
- Token.rescueToken(address,uint256) (#426-428)
Use the external attribute for functions never called from the contract.

Additional information: link

Variable IDEXRouter.addLiquidity(address,address,uint256,uint256,uint256,uint256,address,uint256).amountADesired (#194) is too similar to IDEXRouter.addLiquidity(address,address,uint256,uint256,uint256,uint256,address,uint256).amountBDesired (#195)
Prevent variables from having similar names.

Additional information: link

Token.rebase_percentage(uint256,bool) (#315-321) performs a multiplication on the result of a division:
-newSupply = rebase(0,int256(_totalSupply.div(1000).mul(_percentage_base1000))) (#319)
Token.rebase_percentage(uint256,bool) (#315-321) performs a multiplication on the result of a division:
-newSupply = rebase(0,int256(_totalSupply.div(1000).mul(_percentage_base1000)).mul(- 1)) (#317)
Consider ordering multiplication before division.

Additional information: link

Token.setLockContract(address,uint256) (#257-264) uses timestamp for comparisons
Dangerous comparisons:
- require(bool,string)(_timestamp > block.timestamp,Invalid timestamp) (#261)
Token.changeUnlockTimestamp(address,uint256) (#265-270) uses timestamp for comparisons
Dangerous comparisons:
- require(bool,string)(block.timestamp < lockTimestamps[_contractAddress],Can not change now) (#267)
- require(bool,string)(_timestamp > block.timestamp,Invalid timestamp) (#268)
Token._rLockBalanceOf(address) (#271-281) uses timestamp for comparisons
Dangerous comparisons:
- block.timestamp <= _timestamp (#276)
Avoid relying on block.timestamp.

Additional information: link

SafeMathInt.abs(int256) (#114-117) is never used and should be removed
SafeMathInt.add(int256,int256) (#108-112) is never used and should be removed
SafeMathInt.div(int256,int256) (#96-100) is never used and should be removed
SafeMathInt.sub(int256,int256) (#102-106) is never used and should be removed
Remove unused functions.

Additional information: link

Function IDEXRouter.WETH() (#189) is not in mixedCase
Parameter Token.setLockContract(address,uint256)._contractAddress (#257) is not in mixedCase
Parameter Token.setLockContract(address,uint256)._timestamp (#257) is not in mixedCase
Parameter Token.changeUnlockTimestamp(address,uint256)._contractAddress (#265) is not in mixedCase
Parameter Token.changeUnlockTimestamp(address,uint256)._timestamp (#265) is not in mixedCase
Parameter Token.lockBalanceOf(address)._address (#282) is not in mixedCase
Parameter Token.viewBatches(address)._address (#285) is not in mixedCase
Function Token.rebase_percentage(uint256,bool) (#315-321) is not in mixedCase
Parameter Token.rebase_percentage(uint256,bool)._percentage_base1000 (#315) is not in mixedCase
Parameter Token.setLP(address)._address (#407) is not in mixedCase
Parameter Token.removeBatches(address)._address (#416) is not in mixedCase
Parameter Token.setMaster(address)._master (#419) is not in mixedCase
Variable Token.WBNB (#239) is not in mixedCase
Variable Token.DEAD (#240) is not in mixedCase
Variable Token.ZERO (#241) is not in mixedCase
Constant Token._name (#243) is not in UPPER_CASE_WITH_UNDERSCORES
Constant Token._symbol (#244) is not in UPPER_CASE_WITH_UNDERSCORES
Constant Token._decimals (#245) is not in UPPER_CASE_WITH_UNDERSCORES
Variable Token._rBalance (#247) is not in mixedCase
Variable Token._allowances (#248) is not in mixedCase
Variable Token._rLocks (#256) is not in mixedCase
Variable Token.rebase_count (#308) is not in mixedCase
Variable Token._totalSupply (#310) is not in mixedCase
Constant Token.rSupply (#313) is not in UPPER_CASE_WITH_UNDERSCORES
Follow the Solidity naming convention.

Additional information: link

Reentrancy in Token.constructor() (#348-359):
External calls:
- pair = IDEXFactory(router.factory()).createPair(WBNB,address(this)) (#350)
Event emitted after the call(s):
- Transfer(address(0),msg.sender,_totalSupply) (#358)
Reentrancy in Token.rebase(uint256,int256) (#323-346):
External calls:
- pairContract.sync() (#342)
Event emitted after the call(s):
- LogRebase(epoch,_totalSupply) (#344)
Apply the check-effects-interactions pattern.

Additional information: link

Token.slitherConstructorVariables() (#235-435) uses literals with too many digits:
- DEAD = 0x000000000000000000000000000000000000dEaD (#240)
Token.slitherConstructorVariables() (#235-435) uses literals with too many digits:
- ZERO = 0x0000000000000000000000000000000000000000 (#241)
Token.slitherConstructorConstantVariables() (#235-435) uses literals with too many digits:
- INITIAL_FRAGMENTS_SUPPLY = 10000000000 * 10 ** _decimals (#307)
Use: Ether suffix, Time suffix, or The scientific notation

Additional information: link

Holders:


Token is deployed only at one blockchain


Twitter account link seems to be invalid


Unable to find Youtube account


Unable to find Discord account

Search:


Unable to find token on CoinHunt

Additional information: link


Unable to find code repository for the project


Unable to find whitepaper link on the website


Token is marked as scam (rug pull, honeypot, phishing, etc.)

Additional information: link


Young tokens have high risks of price dump / death


Young tokens have high risks of price dump / death


Token has relatively low CoinGecko rank


Young tokens have high risks of price dump / death


Young tokens have high risks of price dump / death

Anti-Scam Checks

Price for FLAG