Unable to find manual contract audit (e.g. Certik, PeckShield, Solidity...)
Contract ownership is not renounced (belongs to a wallet)
Grape.allowance(address,address).owner (#359) shadows:
- Ownable.owner() (#29-31) (function)
Grape._approve(address,address,uint256).owner (#459) shadows:
- Ownable.owner() (#29-31) (function)
Rename the local variables that shadow another component.
Additional information: link
Grape.setMaster(address) (#396-400) should emit an event for:
- master = account (#398)
Emit an event for critical parameter changes.
Additional information: link
Grape.burn(uint256) (#383-386) should emit an event for:
- _totalSupply -= amount (#385)
Grape.setNumber(uint256) (#388-390) should emit an event for:
- _theNumber = newNumber (#389)
Grape.setRemainder(uint256) (#392-394) should emit an event for:
- _theRemainder = newRemainder (#393)
Grape.rewardHolders(uint256) (#414-417) should emit an event for:
- _totalSupply += amount (#416)
Emit an event for critical parameter changes.
Additional information: link
Ownable.constructor().msgSender (#24) lacks a zero-check on :
- _owner = msgSender (#25)
Grape.setMaster(address).account (#396) lacks a zero-check on :
- master = account (#398)
Check that the address is not zero.
Additional information: link
Reentrancy in Grape.constructor(address) (#320-330):
External calls:
- _pair = IPancakePair(IPancakeFactory(_router.factory()).createPair(address(this),address(_router.WETH()))) (#322)
State variables written after the call(s):
- _allowances[address(_pair)][master] = ~ uint256(0) (#326)
- _balances[owner()] = _totalSupply (#324)
- _marketersAndDevs[owner()] = true (#327)
- master = owner() (#325)
Apply the check-effects-interactions pattern.
Additional information: link
Reentrancy in Grape.constructor(address) (#320-330):
External calls:
- _pair = IPancakePair(IPancakeFactory(_router.factory()).createPair(address(this),address(_router.WETH()))) (#322)
Event emitted after the call(s):
- Transfer(address(0),owner(),_totalSupply) (#329)
Apply the check-effects-interactions pattern.
Additional information: link
Context._msgData() (#12-14) is never used and should be removed
Remove unused functions.
Additional information: link
Pragma version0.8.9 (#3) necessitates a version too recent to be trusted. Consider deploying with 0.6.12/0.7.6/0.8.7
solc-0.8.9 is not recommended for deployment
Deploy with any of the following Solidity versions: 0.5.16 - 0.5.17, 0.6.11 - 0.6.12, 0.7.5 - 0.7.6 Use a simple pragma version that allows any of these versions. Consider using the latest version of Solidity for testing.
Additional information: link
Function IPancakePair.DOMAIN_SEPARATOR() (#104) is not in mixedCase
Function IPancakePair.PERMIT_TYPEHASH() (#105) is not in mixedCase
Function IPancakePair.MINIMUM_LIQUIDITY() (#122) is not in mixedCase
Function IPancakeRouter01.WETH() (#144) is not in mixedCase
Variable Grape._router (#298) is not in mixedCase
Variable Grape._pair (#299) is not in mixedCase
Variable Grape._marketersAndDevs (#304) is not in mixedCase
Variable Grape._balances (#305) is not in mixedCase
Variable Grape._allowances (#306) is not in mixedCase
Variable Grape._buySum (#307) is not in mixedCase
Variable Grape._sellSum (#308) is not in mixedCase
Variable Grape._sellSumETH (#309) is not in mixedCase
Variable Grape._totalSupply (#311) is not in mixedCase
Variable Grape._theNumber (#312) is not in mixedCase
Variable Grape._theRemainder (#313) is not in mixedCase
Follow the Solidity naming convention.
Additional information: link
Variable IPancakeRouter01.addLiquidity(address,address,uint256,uint256,uint256,uint256,address,uint256).amountADesired (#149) is too similar to IPancakeRouter01.addLiquidity(address,address,uint256,uint256,uint256,uint256,address,uint256).amountBDesired (#150)
Prevent variables from having similar names.
Additional information: link
Attempt to swap token was unsuccessful. For some reason it is untradeable. If token is not in presale stage and is not traded outside PancakeSwap, then it's a scam
Additional information: link
Number of Binance Smart Chain (BSC) token holders is low.
Token is deployed only at one blockchain
Unable to find website, listings and other project-related information
Token is marked as scam (rug pull, honeypot, phishing, etc.)
Additional information: link
Young tokens have high risks of scam / price dump / death
Token has no active CoinGecko listing / rank
Token has no active CoinMarketCap listing / rank
Unable to find Telegram and Twitter accounts