HNW is a team of professionals changing the landscape of the crypto space with hard work, ingenuity and trust. Building an organic and strong community, offering our clients “The Hobbs A-Z” in launch services. Always ensuring that our clients and investors get what they deserve: THE BEST!
Unable to find manual contract audit (e.g. Certik, PeckShield, Solidity...)
RootedToken.transfer(address,uint256) (RootedToken.sol#95-131) uses a dangerous strict equality:
- block.timestamp == launchTime (RootedToken.sol#124)
Don't use strict equality to determine if an account has enough Ether or tokens.
Additional information: link
RootedToken.checkLimitTime() (RootedToken.sol#43-49) contains a tautology or contradiction:
- endLimit - block.timestamp >= 0 (RootedToken.sol#44)
Fix the incorrect comparison by changing the value type or the comparison.
Additional information: link
LiquidityLockedERC20.balanceOf(address) (LiquidityLockedERC20.sol#45-63) uses tx.origin for authorization: require(bool,string)(last.origin == tx.origin && last.blockNumber == block.number,Liquidity is locked) (LiquidityLockedERC20.sol#50)
Do not use tx.origin for authorization.
Additional information: link
RootedToken.startTradeLimit(uint256) (RootedToken.sol#69-71) should emit an event for:
- endLimit = block.timestamp + timeInSeconds (RootedToken.sol#70)
Emit an event for critical parameter changes.
Additional information: link
RootedToken.setElite(address)._elite (RootedToken.sol#66) lacks a zero-check on :
- elite = _elite (RootedToken.sol#67)
Check that the address is not zero.
Additional information: link
Reentrancy in GatedERC20._transfer(address,address,uint256) (GatedERC20.sol#34-61):
External calls:
- fees = _transferGate.handleTransfer(msg.sender,sender,recipient,amount) (GatedERC20.sol#50)
State variables written after the call(s):
- _balanceOf[splitter] = _balanceOf[splitter].add(fees) (GatedERC20.sol#53)
- _balanceOf[sender] = _balanceOf[sender].sub(amount,ERC20: transfer amount exceeds balance) (GatedERC20.sol#58)
- _balanceOf[recipient] = _balanceOf[recipient].add(remaining) (GatedERC20.sol#59)
Apply the check-effects-interactions pattern.
Additional information: link
Reentrancy in GatedERC20._transfer(address,address,uint256) (GatedERC20.sol#34-61):
External calls:
- fees = _transferGate.handleTransfer(msg.sender,sender,recipient,amount) (GatedERC20.sol#50)
Event emitted after the call(s):
- Transfer(sender,splitter,fees) (GatedERC20.sol#54)
- Transfer(sender,recipient,remaining) (GatedERC20.sol#60)
Apply the check-effects-interactions pattern.
Additional information: link
RootedToken.transfer(address,uint256) (RootedToken.sol#95-131) uses timestamp for comparisons
Dangerous comparisons:
- block.timestamp == launchTime (RootedToken.sol#124)
Avoid relying on block.timestamp.
Additional information: link
Address._verifyCallResult(bool,bytes,string) (Address.sol#170-187) uses assembly
- INLINE ASM (Address.sol#179-182)
Do not use evm assembly.
Additional information: link
SafeMath.mul(uint256,uint256) (SafeMath.sol#25-38) is never used and should be removed
Remove unused functions.
Additional information: link
solc-0.7.4 is not recommended for deployment
Deploy with any of the following Solidity versions: 0.5.16 - 0.5.17, 0.6.11 - 0.6.12, 0.7.5 - 0.7.6 Use a simple pragma version that allows any of these versions. Consider using the latest version of Solidity for testing.
Additional information: link
Low level call in Address.functionDelegateCall(address,bytes,string) (Address.sol#162-168):
- (success,returndata) = target.delegatecall(data) (Address.sol#166)
Avoid low-level calls. Check the call success. If the call is meant for a contract, check for code existence
Additional information: link
Function RootedToken._amnestySniper(address) (RootedToken.sol#164-174) is not in mixedCase
Follow the Solidity naming convention.
Additional information: link
Variable RootedToken.setDistributor(address)._distributor (RootedToken.sol#63) is too similar to RootedToken.distributors (RootedToken.sol#31)
Prevent variables from having similar names.
Additional information: link
RootedToken.slitherConstructorVariables() (RootedToken.sol#22-176) uses literals with too many digits:
- buyLimit = 5000000000000000000000 (RootedToken.sol#30)
Use: Ether suffix, Time suffix, or The scientific notation
Additional information: link
RootedToken.distribution (RootedToken.sol#35) should be constant
Add the constant attributes to state variables that never change.
Additional information: link
recoverTokens(IERC20) should be declared external:
- TokensRecoverable.recoverTokens(IERC20) (TokensRecoverable.sol#18-22)
Use the external attribute for functions never called from the contract.
Additional information: link
Young tokens have high risks of price dump / death
Young tokens have high risks of scam / price dump / death
Young tokens have high risks of price dump / death
Young tokens have high risks of price dump / death
Token has relatively low CoinGecko rank
Twitter account link seems to be invalid
Unable to find Blog account (Reddit or Medium)
Unable to find Discord account