GGUARDIANSS [GalaxyGuardians] Token

Unable to find manual contract audit (e.g. Certik, PeckShield, Solidity...)

GalaxyGuardians.swapBNBForTokens(uint256) (#1179-1191) sends eth to arbitrary user
Dangerous calls:
- _pancakeswapV2Router.swapExactETHForTokensSupportingFeeOnTransferTokens{value: amount}(0,path,_lpAddress,block.timestamp.add(300)) (#1185-1190)
GalaxyGuardians.addLiquidity(uint256,uint256) (#1196-1210) sends eth to arbitrary user
Dangerous calls:
- _pancakeswapV2Router.addLiquidityETH{value: bnbAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp.add(300)) (#1202-1209)
Ensure that an arbitrary user cannot withdraw unauthorized funds.

Additional information: link

Reentrancy in GalaxyGuardians._transfer(address,address,uint256) (#908-1018):
External calls:
- swapAndLiquify(tokenBalance) (#943)
- _pancakeswapV2Router.addLiquidityETH{value: bnbAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp.add(300)) (#1202-1209)
- _pancakeswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp.add(300)) (#1167-1173)
- buyBackTokens(balance.mul(_buybackBNBPercentage).div(100)) (#959)
- _pancakeswapV2Router.swapExactETHForTokensSupportingFeeOnTransferTokens{value: amount}(0,path,_lpAddress,block.timestamp.add(300)) (#1185-1190)
External calls sending eth:
- swapAndLiquify(tokenBalance) (#943)
- recipient.transfer(amount) (#589)
- _pancakeswapV2Router.addLiquidityETH{value: bnbAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp.add(300)) (#1202-1209)
- buyBackTokens(balance.mul(_buybackBNBPercentage).div(100)) (#959)
- _pancakeswapV2Router.swapExactETHForTokensSupportingFeeOnTransferTokens{value: amount}(0,path,_lpAddress,block.timestamp.add(300)) (#1185-1190)
State variables written after the call(s):
- _tokenTransfer(from,to,amount) (#1006)
- _rOwned[_lpAddress] = _rOwned[_lpAddress].add(rFee) (#1062)
- _rOwned[address(this)] = _rOwned[address(this)].add(rTakeAmount) (#1083)
- _rOwned[sender] = _rOwned[sender].sub(rAmount) (#1032)
- _rOwned[recipient] = _rOwned[recipient].add(rTransferAmount) (#1037)
- _tokenTransfer(from,to,amount) (#1006)
- _rTotal = _rTotal.sub(rFee) (#1073)
- _tokenTransfer(from,to,amount) (#1006)
- _tOwned[_lpAddress] = _tOwned[_lpAddress].add(tFee) (#1064)
- _tOwned[address(this)] = _tOwned[address(this)].add(tTakeAmount) (#1085)
- _tOwned[sender] = _tOwned[sender].sub(tAmount) (#1030)
- _tOwned[recipient] = _tOwned[recipient].add(tTransferAmount) (#1035)
- buyBackTokens(balance.mul(_buybackBNBPercentage).div(100)) (#959)
- currentlySwapping = true (#477)
- currentlySwapping = false (#479)
Apply the check-effects-interactions pattern.

Additional information: link

GalaxyGuardians.withdrawForeignToken(address) (#580-583) ignores return value by IERC20(address(token)).transfer(msg.sender,IERC20(token).balanceOf(address(this))) (#582)
Use SafeERC20, or ensure that the transfer/transferFrom return value is checked.

Additional information: link

Combination 1: Reentrancy vulnerabilities + Functions that send Ether to arbitraty destination. Usual for scams. May be justified by some complex mechanics (e.g. rebase, reflections). DYOR & manual audit are advised.

Combination 2: Unchecked transfer + Functions that send Ether to arbitraty destination. Usual for scams. May be justified by some complex mechanics (e.g. rebase, reflections). DYOR & manual audit are advised.

Combination 3: Reentrancy vulnerabilities + Unchecked transfer vulnerability. Usual for scams. May be justified by some complex mechanics (e.g. rebase, reflections). DYOR & manual audit are advised.

GalaxyGuardians.addLiquidity(uint256,uint256) (#1196-1210) ignores return value by _pancakeswapV2Router.addLiquidityETH{value: bnbAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp.add(300)) (#1202-1209)
Ensure that all the return values of the function calls are used.

Additional information: link

GalaxyGuardians.allowance(address,address).owner (#635) shadows:
- Ownable.owner() (#213-215) (function)
GalaxyGuardians._approve(address,address,uint256).owner (#660) shadows:
- Ownable.owner() (#213-215) (function)
Rename the local variables that shadow another component.

Additional information: link

GalaxyGuardians.setTaxFeePercent(uint256) (#700-702) should emit an event for:
- _taxFee = taxFee (#701)
GalaxyGuardians.setSellTaxFeePerecent(uint256) (#704-706) should emit an event for:
- _sellTaxFee = taxFee (#705)
GalaxyGuardians.setWhaleSellTaxFeePerecent(uint256) (#708-710) should emit an event for:
- _whaleSellTaxFee = taxFee (#709)
GalaxyGuardians.setMaxTxAmount(uint256) (#712-714) should emit an event for:
- _maxTxAmount = maxTxAmount (#713)
GalaxyGuardians.setTokenSwapThreshold(uint256) (#716-718) should emit an event for:
- tokenSwapThreshold = newHoldValue (#717)
GalaxyGuardians.setBuybackBNBThreshold(uint256) (#747-749) should emit an event for:
- _buybackBNBThreshold = bnbAmount (#748)
GalaxyGuardians.setBuybackUpperLimit(uint256) (#751-753) should emit an event for:
- _buybackUpperLimit = buybackLimit (#752)
GalaxyGuardians.setBuybackBNBPercentage(uint256) (#755-757) should emit an event for:
- _buybackBNBPercentage = percentage (#756)
GalaxyGuardians.setWhaleSellThreshold(uint256) (#763-765) should emit an event for:
- _whaleSellThreshold = amount (#764)
GalaxyGuardians.setWhaleSellTimer(uint256) (#767-769) should emit an event for:
- _whaleSellTimer = time (#768)
GalaxyGuardians.setTaxPercentage(uint256,uint256,uint256,uint256) (#771-780) should emit an event for:
- _liquidityPercentage = liquidityPercentage (#775)
- _marketingPercentage = marketingPercentage (#776)
- _charityPercentage = charityPercentage (#777)
- _prizePercentage = prizePercentage (#778)
Emit an event for critical parameter changes.

Additional information: link

GalaxyGuardians.setMarketingAddress(address).marketingAddress (#727) lacks a zero-check on :
- _marketingAddress = address(marketingAddress) (#728)
GalaxyGuardians.setCharityAddress(address).charityAddress (#731) lacks a zero-check on :
- _charityAddress = address(charityAddress) (#732)
GalaxyGuardians.setPrizzeAddress(address).prizzeAddress (#735) lacks a zero-check on :
- _prizzeAddress = address(prizzeAddress) (#736)
GalaxyGuardians.setLpAddress(address).lpAddress (#739) lacks a zero-check on :
- _lpAddress = address(lpAddress) (#740)
Check that the address is not zero.

Additional information: link

Reentrancy in GalaxyGuardians._transfer(address,address,uint256) (#908-1018):
External calls:
- swapAndLiquify(tokenBalance) (#943)
- _pancakeswapV2Router.addLiquidityETH{value: bnbAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp.add(300)) (#1202-1209)
- _pancakeswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp.add(300)) (#1167-1173)
- buyBackTokens(balance.mul(_buybackBNBPercentage).div(100)) (#959)
- _pancakeswapV2Router.swapExactETHForTokensSupportingFeeOnTransferTokens{value: amount}(0,path,_lpAddress,block.timestamp.add(300)) (#1185-1190)
External calls sending eth:
- swapAndLiquify(tokenBalance) (#943)
- recipient.transfer(amount) (#589)
- _pancakeswapV2Router.addLiquidityETH{value: bnbAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp.add(300)) (#1202-1209)
- buyBackTokens(balance.mul(_buybackBNBPercentage).div(100)) (#959)
- _pancakeswapV2Router.swapExactETHForTokensSupportingFeeOnTransferTokens{value: amount}(0,path,_lpAddress,block.timestamp.add(300)) (#1185-1190)
State variables written after the call(s):
- _amountSold[from] = newTotal (#985)
- _amountSold[from] = newTotal (#988)
- _amountSold[from] = amount (#992)
- _previousTaxFee = _taxFee (#996)
- removeAllFees() (#1002)
- _previousTaxFee = _taxFee (#815)
- _taxFee = fee (#997)
- removeAllFees() (#1002)
- _taxFee = 0 (#816)
- restoreAllFees() (#1010)
- _taxFee = _previousTaxFee (#823)
- _taxFee = _previousTaxFee (#1015)
- _timeSinceFirstSell[from] = block.timestamp (#991)
- _tokenTransfer(from,to,amount) (#1006)
- _totalReflections = _totalReflections.add(tFee) (#1074)
Reentrancy in GalaxyGuardians.addLiquidify(uint256) (#1141-1153):
External calls:
- swapTokensForBNB(swapAmount) (#1148)
- _pancakeswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp.add(300)) (#1167-1173)
- addLiquidity(liquidityAmount,liquidityBNB) (#1152)
- _pancakeswapV2Router.addLiquidityETH{value: bnbAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp.add(300)) (#1202-1209)
External calls sending eth:
- addLiquidity(liquidityAmount,liquidityBNB) (#1152)
- _pancakeswapV2Router.addLiquidityETH{value: bnbAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp.add(300)) (#1202-1209)
State variables written after the call(s):
- addLiquidity(liquidityAmount,liquidityBNB) (#1152)
- _allowances[owner][spender] = amount (#664)
Reentrancy in GalaxyGuardians.constructor() (#547-562):
External calls:
- _pancakeswapV2LiquidityPair = IUniswapV2Factory(pancakeswapV2Router.factory()).createPair(address(this),pancakeswapV2Router.WETH()) (#557-558)
State variables written after the call(s):
- _pancakeswapV2Router = pancakeswapV2Router (#559)
Reentrancy in GalaxyGuardians.setRouterAddress(address) (#595-607):
External calls:
- newPair = IUniswapV2Factory(newPancakeSwapRouter.factory()).createPair(address(this),newPancakeSwapRouter.WETH()) (#602)
State variables written after the call(s):
- _pancakeswapV2LiquidityPair = newPair (#604)
- _pancakeswapV2Router = newPancakeSwapRouter (#606)
Reentrancy in GalaxyGuardians.swapAndLiquify(uint256) (#1101-1136):
External calls:
- addLiquidify(eigth) (#1105)
- _pancakeswapV2Router.addLiquidityETH{value: bnbAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp.add(300)) (#1202-1209)
- _pancakeswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp.add(300)) (#1167-1173)
- swapTokensForBNB(swapAmount) (#1111)
- _pancakeswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp.add(300)) (#1167-1173)
External calls sending eth:
- addLiquidify(eigth) (#1105)
- _pancakeswapV2Router.addLiquidityETH{value: bnbAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp.add(300)) (#1202-1209)
State variables written after the call(s):
- swapTokensForBNB(swapAmount) (#1111)
- _allowances[owner][spender] = amount (#664)
Reentrancy in GalaxyGuardians.transferFrom(address,address,uint256) (#644-648):
External calls:
- _transfer(sender,recipient,amount) (#645)
- _pancakeswapV2Router.addLiquidityETH{value: bnbAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp.add(300)) (#1202-1209)
- _pancakeswapV2Router.swapExactETHForTokensSupportingFeeOnTransferTokens{value: amount}(0,path,_lpAddress,block.timestamp.add(300)) (#1185-1190)
- _pancakeswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp.add(300)) (#1167-1173)
External calls sending eth:
- _transfer(sender,recipient,amount) (#645)
- recipient.transfer(amount) (#589)
- _pancakeswapV2Router.addLiquidityETH{value: bnbAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp.add(300)) (#1202-1209)
- _pancakeswapV2Router.swapExactETHForTokensSupportingFeeOnTransferTokens{value: amount}(0,path,_lpAddress,block.timestamp.add(300)) (#1185-1190)
State variables written after the call(s):
- _approve(sender,_msgSender(),_allowances[sender][_msgSender()].sub(amount,ERC20: transfer amount exceeds allowance)) (#646)
- _allowances[owner][spender] = amount (#664)
Apply the check-effects-interactions pattern.

Additional information: link

Reentrancy in GalaxyGuardians._transfer(address,address,uint256) (#908-1018):
External calls:
- swapAndLiquify(tokenBalance) (#943)
- _pancakeswapV2Router.addLiquidityETH{value: bnbAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp.add(300)) (#1202-1209)
- _pancakeswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp.add(300)) (#1167-1173)
- buyBackTokens(balance.mul(_buybackBNBPercentage).div(100)) (#959)
- _pancakeswapV2Router.swapExactETHForTokensSupportingFeeOnTransferTokens{value: amount}(0,path,_lpAddress,block.timestamp.add(300)) (#1185-1190)
External calls sending eth:
- swapAndLiquify(tokenBalance) (#943)
- recipient.transfer(amount) (#589)
- _pancakeswapV2Router.addLiquidityETH{value: bnbAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp.add(300)) (#1202-1209)
- buyBackTokens(balance.mul(_buybackBNBPercentage).div(100)) (#959)
- _pancakeswapV2Router.swapExactETHForTokensSupportingFeeOnTransferTokens{value: amount}(0,path,_lpAddress,block.timestamp.add(300)) (#1185-1190)
Event emitted after the call(s):
- Transfer(sender,recipient,tTransferAmount) (#1054)
- _tokenTransfer(from,to,amount) (#1006)
Reentrancy in GalaxyGuardians.addLiquidify(uint256) (#1141-1153):
External calls:
- swapTokensForBNB(swapAmount) (#1148)
- _pancakeswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp.add(300)) (#1167-1173)
- addLiquidity(liquidityAmount,liquidityBNB) (#1152)
- _pancakeswapV2Router.addLiquidityETH{value: bnbAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp.add(300)) (#1202-1209)
External calls sending eth:
- addLiquidity(liquidityAmount,liquidityBNB) (#1152)
- _pancakeswapV2Router.addLiquidityETH{value: bnbAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp.add(300)) (#1202-1209)
Event emitted after the call(s):
- Approval(owner,spender,amount) (#665)
- addLiquidity(liquidityAmount,liquidityBNB) (#1152)
Reentrancy in GalaxyGuardians.constructor() (#547-562):
External calls:
- _pancakeswapV2LiquidityPair = IUniswapV2Factory(pancakeswapV2Router.factory()).createPair(address(this),pancakeswapV2Router.WETH()) (#557-558)
Event emitted after the call(s):
- Transfer(address(0),_msgSender(),_tTotal) (#561)
Reentrancy in GalaxyGuardians.swapAndLiquify(uint256) (#1101-1136):
External calls:
- addLiquidify(eigth) (#1105)
- _pancakeswapV2Router.addLiquidityETH{value: bnbAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp.add(300)) (#1202-1209)
- _pancakeswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp.add(300)) (#1167-1173)
- swapTokensForBNB(swapAmount) (#1111)
- _pancakeswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp.add(300)) (#1167-1173)
External calls sending eth:
- addLiquidify(eigth) (#1105)
- _pancakeswapV2Router.addLiquidityETH{value: bnbAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp.add(300)) (#1202-1209)
Event emitted after the call(s):
- Approval(owner,spender,amount) (#665)
- swapTokensForBNB(swapAmount) (#1111)
Reentrancy in GalaxyGuardians.transferFrom(address,address,uint256) (#644-648):
External calls:
- _transfer(sender,recipient,amount) (#645)
- _pancakeswapV2Router.addLiquidityETH{value: bnbAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp.add(300)) (#1202-1209)
- _pancakeswapV2Router.swapExactETHForTokensSupportingFeeOnTransferTokens{value: amount}(0,path,_lpAddress,block.timestamp.add(300)) (#1185-1190)
- _pancakeswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp.add(300)) (#1167-1173)
External calls sending eth:
- _transfer(sender,recipient,amount) (#645)
- recipient.transfer(amount) (#589)
- _pancakeswapV2Router.addLiquidityETH{value: bnbAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp.add(300)) (#1202-1209)
- _pancakeswapV2Router.swapExactETHForTokensSupportingFeeOnTransferTokens{value: amount}(0,path,_lpAddress,block.timestamp.add(300)) (#1185-1190)
Event emitted after the call(s):
- Approval(owner,spender,amount) (#665)
- _approve(sender,_msgSender(),_allowances[sender][_msgSender()].sub(amount,ERC20: transfer amount exceeds allowance)) (#646)
Apply the check-effects-interactions pattern.

Additional information: link

GalaxyGuardians._transfer(address,address,uint256) (#908-1018) uses timestamp for comparisons
Dangerous comparisons:
- delta > 0 && delta < _whaleSellTimer && _timeSinceFirstSell[from] != 0 (#981)
Avoid relying on block.timestamp.

Additional information: link

Address.isContract(address) (#92-102) uses assembly
- INLINE ASM (#98-100)
Address._verifyCallResult(bool,bytes,string) (#174-194) uses assembly
- INLINE ASM (#186-189)
Do not use evm assembly.

Additional information: link

GalaxyGuardians.includeInReward(address) (#892-903) has costly operations inside a loop:
- _excluded.pop() (#899)
Use a local variable to hold the loop computation result.

Additional information: link

Address._verifyCallResult(bool,bytes,string) (#174-194) is never used and should be removed
Address.functionCall(address,bytes) (#111-113) is never used and should be removed
Address.functionCall(address,bytes,string) (#115-121) is never used and should be removed
Address.functionCallWithValue(address,bytes,uint256) (#123-129) is never used and should be removed
Address.functionCallWithValue(address,bytes,uint256,string) (#131-142) is never used and should be removed
Address.functionDelegateCall(address,bytes) (#159-161) is never used and should be removed
Address.functionDelegateCall(address,bytes,string) (#163-172) is never used and should be removed
Address.functionStaticCall(address,bytes) (#144-146) is never used and should be removed
Address.functionStaticCall(address,bytes,string) (#148-157) is never used and should be removed
Address.isContract(address) (#92-102) is never used and should be removed
Address.sendValue(address,uint256) (#104-109) is never used and should be removed
Context._msgData() (#30-32) is never used and should be removed
SafeMath.mod(uint256,uint256) (#80-82) is never used and should be removed
SafeMath.mod(uint256,uint256,string) (#84-87) is never used and should be removed
Remove unused functions.

Additional information: link

GalaxyGuardians._rTotal (#501) is set pre-construction with a non-constant function or state variable:
- (MAX - (MAX % _tTotal))
GalaxyGuardians._totalPercentage (#511) is set pre-construction with a non-constant function or state variable:
- _liquidityPercentage + _marketingPercentage + _charityPercentage + _prizePercentage
GalaxyGuardians._tokenSwapThreshold (#521) is set pre-construction with a non-constant function or state variable:
- tokenSwapThreshold
Remove any initialization of state variables via non-constant state variables or function calls. If variables must be set upon contract deployment, locate initialization in the constructor instead.

Additional information: link

Low level call in Address.sendValue(address,uint256) (#104-109):
- (success) = recipient.call{value: amount}() (#107)
Low level call in Address.functionCallWithValue(address,bytes,uint256,string) (#131-142):
- (success,returndata) = target.call{value: value}(data) (#140)
Low level call in Address.functionStaticCall(address,bytes,string) (#148-157):
- (success,returndata) = target.staticcall(data) (#155)
Low level call in Address.functionDelegateCall(address,bytes,string) (#163-172):
- (success,returndata) = target.delegatecall(data) (#170)
Avoid low-level calls. Check the call success. If the call is meant for a contract, check for code existence

Additional information: link

Function IUniswapV2Pair.DOMAIN_SEPARATOR() (#285) is not in mixedCase
Function IUniswapV2Pair.PERMIT_TYPEHASH() (#286) is not in mixedCase
Function IUniswapV2Pair.MINIMUM_LIQUIDITY() (#303) is not in mixedCase
Function IUniswapV2Router01.WETH() (#324) is not in mixedCase
Variable GalaxyGuardians._pancakeswapV2Router (#471) is not in mixedCase
Variable GalaxyGuardians._pancakeswapV2LiquidityPair (#472) is not in mixedCase
Variable GalaxyGuardians._marketingAddress (#483) is not in mixedCase
Variable GalaxyGuardians._charityAddress (#484) is not in mixedCase
Variable GalaxyGuardians._prizzeAddress (#485) is not in mixedCase
Variable GalaxyGuardians._lpAddress (#486) is not in mixedCase
Variable GalaxyGuardians._liquidityPercentage (#506) is not in mixedCase
Variable GalaxyGuardians._marketingPercentage (#507) is not in mixedCase
Variable GalaxyGuardians._charityPercentage (#508) is not in mixedCase
Variable GalaxyGuardians._prizePercentage (#509) is not in mixedCase
Variable GalaxyGuardians._totalPercentage (#511) is not in mixedCase
Variable GalaxyGuardians._taxFee (#514) is not in mixedCase
Variable GalaxyGuardians._sellTaxFee (#515) is not in mixedCase
Variable GalaxyGuardians._whaleSellTaxFee (#516) is not in mixedCase
Variable GalaxyGuardians._maxTxAmount (#520) is not in mixedCase
Variable GalaxyGuardians._tokenSwapThreshold (#521) is not in mixedCase
Variable GalaxyGuardians._whaleSellThreshold (#527) is not in mixedCase
Variable GalaxyGuardians._whaleSellTimer (#528) is not in mixedCase
Variable GalaxyGuardians._enableBuyback (#536) is not in mixedCase
Variable GalaxyGuardians._buybackBNBThreshold (#537) is not in mixedCase
Variable GalaxyGuardians._buybackUpperLimit (#538) is not in mixedCase
Variable GalaxyGuardians._buybackBNBPercentage (#539) is not in mixedCase
Variable GalaxyGuardians._enableLiquidity (#542) is not in mixedCase
Follow the Solidity naming convention.

Additional information: link

Reentrancy in GalaxyGuardians._transfer(address,address,uint256) (#908-1018):
External calls:
- swapAndLiquify(tokenBalance) (#943)
- recipient.transfer(amount) (#589)
External calls sending eth:
- swapAndLiquify(tokenBalance) (#943)
- recipient.transfer(amount) (#589)
- _pancakeswapV2Router.addLiquidityETH{value: bnbAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp.add(300)) (#1202-1209)
- buyBackTokens(balance.mul(_buybackBNBPercentage).div(100)) (#959)
- _pancakeswapV2Router.swapExactETHForTokensSupportingFeeOnTransferTokens{value: amount}(0,path,_lpAddress,block.timestamp.add(300)) (#1185-1190)
State variables written after the call(s):
- _amountSold[from] = newTotal (#985)
- _amountSold[from] = newTotal (#988)
- _amountSold[from] = amount (#992)
- _previousTaxFee = _taxFee (#996)
- removeAllFees() (#1002)
- _previousTaxFee = _taxFee (#815)
- _tokenTransfer(from,to,amount) (#1006)
- _rOwned[_lpAddress] = _rOwned[_lpAddress].add(rFee) (#1062)
- _rOwned[address(this)] = _rOwned[address(this)].add(rTakeAmount) (#1083)
- _rOwned[sender] = _rOwned[sender].sub(rAmount) (#1032)
- _rOwned[recipient] = _rOwned[recipient].add(rTransferAmount) (#1037)
- _tokenTransfer(from,to,amount) (#1006)
- _rTotal = _rTotal.sub(rFee) (#1073)
- _tokenTransfer(from,to,amount) (#1006)
- _tOwned[_lpAddress] = _tOwned[_lpAddress].add(tFee) (#1064)
- _tOwned[address(this)] = _tOwned[address(this)].add(tTakeAmount) (#1085)
- _tOwned[sender] = _tOwned[sender].sub(tAmount) (#1030)
- _tOwned[recipient] = _tOwned[recipient].add(tTransferAmount) (#1035)
- _taxFee = fee (#997)
- removeAllFees() (#1002)
- _taxFee = 0 (#816)
- restoreAllFees() (#1010)
- _taxFee = _previousTaxFee (#823)
- _taxFee = _previousTaxFee (#1015)
- _timeSinceFirstSell[from] = block.timestamp (#991)
- _tokenTransfer(from,to,amount) (#1006)
- _totalReflections = _totalReflections.add(tFee) (#1074)
- buyBackTokens(balance.mul(_buybackBNBPercentage).div(100)) (#959)
- currentlySwapping = true (#477)
- currentlySwapping = false (#479)
Event emitted after the call(s):
- Transfer(sender,recipient,tTransferAmount) (#1054)
- _tokenTransfer(from,to,amount) (#1006)
Reentrancy in GalaxyGuardians.transferFrom(address,address,uint256) (#644-648):
External calls:
- _transfer(sender,recipient,amount) (#645)
- recipient.transfer(amount) (#589)
External calls sending eth:
- _transfer(sender,recipient,amount) (#645)
- recipient.transfer(amount) (#589)
- _pancakeswapV2Router.addLiquidityETH{value: bnbAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp.add(300)) (#1202-1209)
- _pancakeswapV2Router.swapExactETHForTokensSupportingFeeOnTransferTokens{value: amount}(0,path,_lpAddress,block.timestamp.add(300)) (#1185-1190)
State variables written after the call(s):
- _approve(sender,_msgSender(),_allowances[sender][_msgSender()].sub(amount,ERC20: transfer amount exceeds allowance)) (#646)
- _allowances[owner][spender] = amount (#664)
Event emitted after the call(s):
- Approval(owner,spender,amount) (#665)
- _approve(sender,_msgSender(),_allowances[sender][_msgSender()].sub(amount,ERC20: transfer amount exceeds allowance)) (#646)
Apply the check-effects-interactions pattern.

Additional information: link

Variable IUniswapV2Router01.addLiquidity(address,address,uint256,uint256,uint256,uint256,address,uint256).amountADesired (#329) is too similar to IUniswapV2Router01.addLiquidity(address,address,uint256,uint256,uint256,uint256,address,uint256).amountBDesired (#330)
Variable GalaxyGuardians._takeTokens(uint256).rTakeAmount (#1082) is too similar to GalaxyGuardians._takeTokens(uint256).tTakeAmount (#1080)
Variable GalaxyGuardians.reflectionFromToken(uint256,bool).rTransferAmount (#795) is too similar to GalaxyGuardians._tokenTransfer(address,address,uint256).tTransferAmount (#1025)
Variable GalaxyGuardians.reflectionFromToken(uint256,bool).rTransferAmount (#795) is too similar to GalaxyGuardians._getValues(uint256).tTransferAmount (#830)
Variable GalaxyGuardians.reflectionFromToken(uint256,bool).rTransferAmount (#795) is too similar to GalaxyGuardians._getTValues(uint256).tTransferAmount (#840)
Variable GalaxyGuardians._getRValues(uint256,uint256,uint256).rTransferAmount (#850) is too similar to GalaxyGuardians._getValues(uint256).tTransferAmount (#830)
Variable GalaxyGuardians._getValues(uint256).rTransferAmount (#831) is too similar to GalaxyGuardians._tokenTransfer(address,address,uint256).tTransferAmount (#1025)
Variable GalaxyGuardians._getValues(uint256).rTransferAmount (#831) is too similar to GalaxyGuardians._getValues(uint256).tTransferAmount (#830)
Variable GalaxyGuardians._getValues(uint256).rTransferAmount (#831) is too similar to GalaxyGuardians._getTValues(uint256).tTransferAmount (#840)
Variable GalaxyGuardians._getRValues(uint256,uint256,uint256).rTransferAmount (#850) is too similar to GalaxyGuardians._tokenTransfer(address,address,uint256).tTransferAmount (#1025)
Variable GalaxyGuardians._tokenTransfer(address,address,uint256).rTransferAmount (#1026) is too similar to GalaxyGuardians._tokenTransfer(address,address,uint256).tTransferAmount (#1025)
Variable GalaxyGuardians._tokenTransfer(address,address,uint256).rTransferAmount (#1026) is too similar to GalaxyGuardians._getValues(uint256).tTransferAmount (#830)
Variable GalaxyGuardians._getRValues(uint256,uint256,uint256).rTransferAmount (#850) is too similar to GalaxyGuardians._getTValues(uint256).tTransferAmount (#840)
Variable GalaxyGuardians._tokenTransfer(address,address,uint256).rTransferAmount (#1026) is too similar to GalaxyGuardians._getTValues(uint256).tTransferAmount (#840)
Prevent variables from having similar names.

Additional information: link

GalaxyGuardians._decimals (#468) should be constant
GalaxyGuardians._name (#466) should be constant
GalaxyGuardians._symbol (#467) should be constant
GalaxyGuardians._tTotal (#500) should be constant
Add the constant attributes to state variables that never change.

Additional information: link

renounceOwnership() should be declared external:
- Ownable.renounceOwnership() (#232-234)
transferOwnership(address) should be declared external:
- Ownable.transferOwnership(address) (#240-243)
withdrawBNB(uint256) should be declared external:
- GalaxyGuardians.withdrawBNB(uint256) (#572-575)
withdrawForeignToken(address) should be declared external:
- GalaxyGuardians.withdrawForeignToken(address) (#580-583)
setRouterAddress(address) should be declared external:
- GalaxyGuardians.setRouterAddress(address) (#595-607)
isHackChangeStatus() should be declared external:
- GalaxyGuardians.isHackChangeStatus() (#782-784)
reflectionFromToken(uint256,bool) should be declared external:
- GalaxyGuardians.reflectionFromToken(uint256,bool) (#789-798)
reflect(uint256) should be declared external:
- GalaxyGuardians.reflect(uint256) (#1216-1222)
Use the external attribute for functions never called from the contract.

Additional information: link

Popular Tokens

About GGUARDIANSS

Listings

Age

Website

Description

Social

Contract

Laser Scorebeta Last Audit: 2 March 2022

Anti-Scam

Links

Contract

Trading

Socials

Transparency

Age

Price for GGUARDIANSS

Popular Tokens

GGUARDIANSS [GalaxyGuardians] Token

About GGUARDIANSS

Listings

Age

Website

Description

Social

Contract

Laser Scorebeta Last Audit: 2 March 2022

Anti-Scam

Links

Contract

[LSR] Audit is not found critical

[Slither] Functions that send Ether to arbitrary destinations critical

[Slither] Reentrancy vulnerabilities critical

[Slither] Unchecked transfer critical

[LSR] Dangerous combinations (1) major

[LSR] Dangerous combinations (2) major

[LSR] Dangerous combinations (3) major

[Slither] Unused return minor

[Slither] Local variable shadowing minor

[Slither] Missing events arithmetic minor

[Slither] Missing zero address validation minor

[Slither] Reentrancy vulnerabilities minor

[Slither] Reentrancy vulnerabilities minor

[Slither] Block timestamp minor

[Slither] Assembly usage minor

[Slither] Costly operations inside a loop minor

[Slither] Dead-code minor

[Slither] Function Initializing State minor

[Slither] Low-level calls minor

[Slither] Conformance to Solidity naming conventions minor

[Slither] Reentrancy vulnerabilities minor

[Slither] Variable names too similar minor

[Slither] State variables that could be declared constant minor

[Slither] Public function that could be declared external minor

Trading

[LSR] Untradeable critical

[LSR] Few holders critical

Socials

[LSR] Socials are not found critical

Transparency

[LSR] Project is not found critical

Age

[LSR] Token age <= 90 days critical

[LSR] No CoinGecko rank major

[LSR] No CoinMarketCap rank major

Price for GGUARDIANSS