Step Hero ecosystem is the perfect combination of NFT gaming and DeFi that enables users to have fun and earn profit simultaneously. The comprehensive ecosystem comprises Step Hero RPG game, Heroes Farming, and NFT Marketplace. More than a game, Step Hero also has a strong community helping players on investing activites to earn money from game.
Unable to find manual contract audit (e.g. Certik, PeckShield, Solidity...)
Contract ownership is not renounced (belongs to a wallet)
Pragma version^0.8.0 (#7) allows old versions
Pragma version^0.8.0 (#91) allows old versions
Pragma version^0.8.0 (#119) allows old versions
Pragma version^0.8.0 (#145) allows old versions
Pragma version^0.8.0 (#500) allows old versions
Pragma version^0.8.0 (#572) allows old versions
Deploy with any of the following Solidity versions: 0.5.16 - 0.5.17, 0.6.11 - 0.6.12, 0.7.5 - 0.7.6 Use a simple pragma version that allows any of these versions. Consider using the latest version of Solidity for testing.
Additional information: link
StepHero.transfer(address,uint256) (#596-603) uses timestamp for comparisons
Dangerous comparisons:
- block.timestamp >= startTime && block.timestamp <= endTime (#597)
Avoid relying on block.timestamp.
Additional information: link
Context._msgData() (#136-138) is never used and should be removed
ERC20._burn(address,uint256) (#413-428) is never used and should be removed
Remove unused functions.
Additional information: link
Constant StepHero.startTime (#577) is not in UPPER_CASE_WITH_UNDERSCORES
Constant StepHero.endTime (#578) is not in UPPER_CASE_WITH_UNDERSCORES
Follow the Solidity naming convention.
Additional information: link
StepHero.constructor() (#583-585) uses literals with too many digits:
- _mint(msg.sender,100000000 * 10 ** 18) (#584)
Use: Ether suffix, Time suffix, or The scientific notation
Additional information: link
name() should be declared external:
- ERC20.name() (#200-202)
symbol() should be declared external:
- ERC20.symbol() (#208-210)
decimals() should be declared external:
- ERC20.decimals() (#225-227)
totalSupply() should be declared external:
- ERC20.totalSupply() (#232-234)
balanceOf(address) should be declared external:
- ERC20.balanceOf(address) (#239-241)
transfer(address,uint256) should be declared external:
- ERC20.transfer(address,uint256) (#251-254)
- StepHero.transfer(address,uint256) (#596-603)
allowance(address,address) should be declared external:
- ERC20.allowance(address,address) (#259-261)
approve(address,uint256) should be declared external:
- ERC20.approve(address,uint256) (#270-273)
transferFrom(address,address,uint256) should be declared external:
- ERC20.transferFrom(address,address,uint256) (#288-302)
increaseAllowance(address,uint256) should be declared external:
- ERC20.increaseAllowance(address,uint256) (#316-319)
decreaseAllowance(address,uint256) should be declared external:
- ERC20.decreaseAllowance(address,uint256) (#335-343)
renounceOwnership() should be declared external:
- Ownable.renounceOwnership() (#548-550)
transferOwnership(address) should be declared external:
- Ownable.transferOwnership(address) (#556-559)
setupWhitelist(address[],bool) should be declared external:
- StepHero.setupWhitelist(address[],bool) (#609-613)
Use the external attribute for functions never called from the contract.
Additional information: link
Token has relatively low CoinGecko rank