11Minutes is the first play2earn game series of its kind. Earn a life changing prize within 11 Minutes.
Unable to find manual contract audit (e.g. Certik, PeckShield, Solidity...)
Contract ownership is not renounced (belongs to a wallet)
Modifier TransparentUpgradeableProxy.ifAdmin() (#642-648) does not always execute _; or revert
All the paths in a modifier must execute _ or revert.
Additional information: link
Reentrancy in ERC1967Upgrade._upgradeToAndCallSecure(address,bytes,bool) (#462-490):
External calls:
- Address.functionDelegateCall(newImplementation,data) (#472)
- Address.functionDelegateCall(newImplementation,abi.encodeWithSignature(upgradeTo(address),oldImplementation)) (#480-483)
Event emitted after the call(s):
- Upgraded(newImplementation) (#438)
- _upgradeTo(newImplementation) (#488)
Apply the check-effects-interactions pattern.
Additional information: link
StorageSlot.getAddressSlot(bytes32) (#63-67) uses assembly
- INLINE ASM (#64-66)
Address.verifyCallResult(bool,bytes,string) (#287-307) uses assembly
- INLINE ASM (#299-302)
Proxy._delegate(address) (#326-349) uses assembly
- INLINE ASM (#327-348)
StorageSlot.getBytes32Slot(bytes32) (#81-85) uses assembly
- INLINE ASM (#82-84)
Address.isContract(address) (#118-128) uses assembly
- INLINE ASM (#124-126)
StorageSlot.getBooleanSlot(bytes32) (#72-76) uses assembly
- INLINE ASM (#73-75)
StorageSlot.getUint256Slot(bytes32) (#90-94) uses assembly
- INLINE ASM (#91-93)
Do not use evm assembly.
Additional information: link
ERC1967Upgrade._upgradeToAndCallSecure(address,bytes,bool) (#462-490) ignores return value by Address.functionDelegateCall(newImplementation,data) (#472)
ERC1967Upgrade._upgradeToAndCallSecure(address,bytes,bool) (#462-490) ignores return value by Address.functionDelegateCall(newImplementation,abi.encodeWithSignature(upgradeTo(address),oldImplementation)) (#480-483)
ERC1967Upgrade._upgradeBeaconToAndCall(address,bytes,bool) (#565-575) ignores return value by Address.functionDelegateCall(IBeacon(newBeacon).implementation(),data) (#573)
ERC1967Upgrade._upgradeToAndCall(address,bytes,bool) (#446-455) ignores return value by Address.functionDelegateCall(newImplementation,data) (#453)
Ensure that all the return values of the function calls are used.
Additional information: link
Address.sendValue(address,uint256) (#146-151) is never used and should be removed
Address.functionCallWithValue(address,bytes,uint256) (#200-206) is never used and should be removed
StorageSlot.getUint256Slot(bytes32) (#90-94) is never used and should be removed
ERC1967Upgrade._upgradeToAndCallSecure(address,bytes,bool) (#462-490) is never used and should be removed
ERC1967Upgrade._upgradeBeaconToAndCall(address,bytes,bool) (#565-575) is never used and should be removed
TransparentUpgradeableProxy._admin() (#710-712) is never used and should be removed
Address.functionCallWithValue(address,bytes,uint256,string) (#214-225) is never used and should be removed
Address.functionStaticCall(address,bytes) (#233-235) is never used and should be removed
ERC1967Upgrade._setBeacon(address) (#550-557) is never used and should be removed
StorageSlot.getBooleanSlot(bytes32) (#72-76) is never used and should be removed
StorageSlot.getBytes32Slot(bytes32) (#81-85) is never used and should be removed
Address.functionCall(address,bytes,string) (#181-187) is never used and should be removed
ERC1967Upgrade._getBeacon() (#543-545) is never used and should be removed
Address.functionStaticCall(address,bytes,string) (#243-252) is never used and should be removed
Address.functionCall(address,bytes) (#171-173) is never used and should be removed
Remove unused functions.
Additional information: link
Low level call in Address.sendValue(address,uint256) (#146-151):
- (success) = recipient.call{value: amount}() (#149)
Low level call in Address.functionCallWithValue(address,bytes,uint256,string) (#214-225):
- (success,returndata) = target.call{value: value}(data) (#223)
Low level call in Address.functionStaticCall(address,bytes,string) (#243-252):
- (success,returndata) = target.staticcall(data) (#250)
Low level call in Address.functionDelegateCall(address,bytes,string) (#270-279):
- (success,returndata) = target.delegatecall(data) (#277)
Avoid low-level calls. Check the call success. If the call is meant for a contract, check for code existence
Additional information: link
TransparentUpgradeableProxy (#625-722) should inherit from IBeacon (#8-15)
Inherit from the missing interface or contract.
Additional information: link
Token seems to be untradeable: there is no PancakeSwap trading pair and no trading volumes. Ignore for presale.
Token makes many airdrops and seems to be a phishing / airdrop scam
Additional information: link
BscScan page for the token does not contain additional info: website, socials, description, etc.
Additional information: link
Unable to find token on CoinGecko
Additional information: link
Unable to find token on CoinMarketCap
Additional information: link
Unable to find token contract audit
Unable to verify that token and website are owned by the same team (no listings + unable to find contract on website)
Unable to verify token contract address on the website
Unable to find audit link on the website
Unable to find whitepaper link on the website
Unable to find Telegram link on the website
Token is not listed at Mobula.Finance
Additional information: link
Unable to find Twitter link on the website
Unable to find token on CoinHunt
Additional information: link
Unable to find code repository for the project
Token is marked as scam (rug pull, honeypot, phishing, etc.)
Additional information: link
Young tokens have high risks of scam / price dump / death
Token has a considerable age, but social accounts / website are missing or have few users
Token has a considerable age, but average PancakeSwap 30d trading volume is low
Token has no active CoinGecko listing / rank
Token has no active CoinMarketCap listing / rank
Twitter account link seems to be invalid
Unable to find Telegram account
Unable to find Youtube account
Unable to find Discord account