Hidden Game Q1/2022
TW: https://twitter.com/MCLITTLETIGERCN
VN Group : https://t.me/mclittletiger_VN
China Group : https://t.me/mclittletiger_CN
Philippin Group :https://t.me/mclittletigerphilip
Unable to find manual contract audit (e.g. Certik, PeckShield, Solidity...)
Reentrancy in MCLT._transfer(address,address,uint256) (#251-300):
External calls:
- swapTokensForEth(contractTokenBalance) (#291)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#307-313)
External calls sending eth:
- sendETHToFee(address(this).balance) (#294)
- _feeAddrWallet1.transfer(amount.div(2)) (#317)
- _feeAddrWallet2.transfer(amount.div(2)) (#318)
State variables written after the call(s):
- _tokenTransfer(from,to,amount) (#299)
- _rOwned[address(this)] = _rOwned[address(this)].add(rTeam) (#368)
- _rOwned[sender] = _rOwned[sender].sub(rAmount) (#358)
- _rOwned[recipient] = _rOwned[recipient].add(rTransferAmount) (#359)
- _tokenTransfer(from,to,amount) (#299)
- _rTotal = _rTotal.sub(rFee) (#376)
Apply the check-effects-interactions pattern.
Additional information: link
Reentrancy in MCLT.openTrading() (#321-336):
External calls:
- uniswapV2Pair = IUniswapV2Factory(_uniswapV2Router.factory()).createPair(address(this),_uniswapV2Router.WETH()) (#324-325)
State variables written after the call(s):
- tradingOpen = true (#335)
Apply the check-effects-interactions pattern.
Additional information: link
MCLT.allowance(address,address).owner (#215) shadows:
- Ownable.owner() (#90-92) (function)
MCLT._approve(address,address,uint256).owner (#244) shadows:
- Ownable.owner() (#90-92) (function)
Rename the local variables that shadow another component.
Additional information: link
MCLT.setMaxTx(uint256) (#234-236) should emit an event for:
- _maxTxAmount = maxTransactionAmount (#235)
MCLT.updateMaxTx(uint256) (#371-373) should emit an event for:
- _maxTxAmount = fee (#372)
Emit an event for critical parameter changes.
Additional information: link
Reentrancy in MCLT._transfer(address,address,uint256) (#251-300):
External calls:
- swapTokensForEth(contractTokenBalance) (#291)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#307-313)
External calls sending eth:
- sendETHToFee(address(this).balance) (#294)
- _feeAddrWallet1.transfer(amount.div(2)) (#317)
- _feeAddrWallet2.transfer(amount.div(2)) (#318)
State variables written after the call(s):
- _tokenTransfer(from,to,amount) (#299)
- _tFeeTotal = _tFeeTotal.add(tFee) (#377)
Reentrancy in MCLT.openTrading() (#321-336):
External calls:
- uniswapV2Pair = IUniswapV2Factory(_uniswapV2Router.factory()).createPair(address(this),_uniswapV2Router.WETH()) (#324-325)
State variables written after the call(s):
- _isExcludedFromFee[owner()] = true (#329)
- _isExcludedFromFee[address(this)] = true (#330)
- _maxTxAmount = 20000000000 * 7 ** 9 (#334)
- cooldownEnabled = true (#333)
- swapEnabled = true (#332)
- uniswapV2Router = _uniswapV2Router (#327)
Reentrancy in MCLT.transferFrom(address,address,uint256) (#224-228):
External calls:
- _transfer(sender,recipient,amount) (#225)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#307-313)
External calls sending eth:
- _transfer(sender,recipient,amount) (#225)
- _feeAddrWallet1.transfer(amount.div(2)) (#317)
- _feeAddrWallet2.transfer(amount.div(2)) (#318)
State variables written after the call(s):
- _approve(sender,_msgSender(),_allowances[sender][_msgSender()].sub(amount,ERC20: transfer amount exceeds allowance)) (#226)
- _allowances[owner][spender] = amount (#247)
Apply the check-effects-interactions pattern.
Additional information: link
Reentrancy in MCLT._transfer(address,address,uint256) (#251-300):
External calls:
- swapTokensForEth(contractTokenBalance) (#291)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#307-313)
External calls sending eth:
- sendETHToFee(address(this).balance) (#294)
- _feeAddrWallet1.transfer(amount.div(2)) (#317)
- _feeAddrWallet2.transfer(amount.div(2)) (#318)
Event emitted after the call(s):
- Transfer(sender,recipient,tTransferAmount) (#362)
- _tokenTransfer(from,to,amount) (#299)
Reentrancy in MCLT.transferFrom(address,address,uint256) (#224-228):
External calls:
- _transfer(sender,recipient,amount) (#225)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#307-313)
External calls sending eth:
- _transfer(sender,recipient,amount) (#225)
- _feeAddrWallet1.transfer(amount.div(2)) (#317)
- _feeAddrWallet2.transfer(amount.div(2)) (#318)
Event emitted after the call(s):
- Approval(owner,spender,amount) (#248)
- _approve(sender,_msgSender(),_allowances[sender][_msgSender()].sub(amount,ERC20: transfer amount exceeds allowance)) (#226)
Apply the check-effects-interactions pattern.
Additional information: link
MCLT._transfer(address,address,uint256) (#251-300) uses timestamp for comparisons
Dangerous comparisons:
- _buyMap[from] != 0 && (_buyMap[from] + (86400) >= block.timestamp) (#258-259)
- require(bool)(cooldown[to] < block.timestamp) (#284)
Avoid relying on block.timestamp.
Additional information: link
Function IUniswapV2Router02.WETH() (#119) is not in mixedCase
Constant MCLT._tTotal (#140) is not in UPPER_CASE_WITH_UNDERSCORES
Constant MCLT._name (#149) is not in UPPER_CASE_WITH_UNDERSCORES
Constant MCLT._symbol (#150) is not in UPPER_CASE_WITH_UNDERSCORES
Constant MCLT._decimals (#151) is not in UPPER_CASE_WITH_UNDERSCORES
Follow the Solidity naming convention.
Additional information: link
Reentrancy in MCLT._transfer(address,address,uint256) (#251-300):
External calls:
- sendETHToFee(address(this).balance) (#294)
- _feeAddrWallet1.transfer(amount.div(2)) (#317)
- _feeAddrWallet2.transfer(amount.div(2)) (#318)
State variables written after the call(s):
- _tokenTransfer(from,to,amount) (#299)
- _rOwned[address(this)] = _rOwned[address(this)].add(rTeam) (#368)
- _rOwned[sender] = _rOwned[sender].sub(rAmount) (#358)
- _rOwned[recipient] = _rOwned[recipient].add(rTransferAmount) (#359)
- _tokenTransfer(from,to,amount) (#299)
- _rTotal = _rTotal.sub(rFee) (#376)
- _tokenTransfer(from,to,amount) (#299)
- _tFeeTotal = _tFeeTotal.add(tFee) (#377)
Event emitted after the call(s):
- Transfer(sender,recipient,tTransferAmount) (#362)
- _tokenTransfer(from,to,amount) (#299)
Reentrancy in MCLT.transferFrom(address,address,uint256) (#224-228):
External calls:
- _transfer(sender,recipient,amount) (#225)
- _feeAddrWallet1.transfer(amount.div(2)) (#317)
- _feeAddrWallet2.transfer(amount.div(2)) (#318)
State variables written after the call(s):
- _approve(sender,_msgSender(),_allowances[sender][_msgSender()].sub(amount,ERC20: transfer amount exceeds allowance)) (#226)
- _allowances[owner][spender] = amount (#247)
Event emitted after the call(s):
- Approval(owner,spender,amount) (#248)
- _approve(sender,_msgSender(),_allowances[sender][_msgSender()].sub(amount,ERC20: transfer amount exceeds allowance)) (#226)
Apply the check-effects-interactions pattern.
Additional information: link
Variable MCLT._feeAddrWallet1 (#146) is too similar to MCLT._feeAddrWallet2 (#147)
Variable MCLT._getValues(uint256).rTransferAmount (#398) is too similar to MCLT._getTValues(uint256,uint256,uint256).tTransferAmount (#405)
Variable MCLT._transferStandard(address,address,uint256).rTransferAmount (#357) is too similar to MCLT._getValues(uint256).tTransferAmount (#396)
Variable MCLT._getRValues(uint256,uint256,uint256,uint256).rTransferAmount (#413) is too similar to MCLT._getValues(uint256).tTransferAmount (#396)
Variable MCLT._getRValues(uint256,uint256,uint256,uint256).rTransferAmount (#413) is too similar to MCLT._getTValues(uint256,uint256,uint256).tTransferAmount (#405)
Variable MCLT._transferStandard(address,address,uint256).rTransferAmount (#357) is too similar to MCLT._getTValues(uint256,uint256,uint256).tTransferAmount (#405)
Variable MCLT._transferStandard(address,address,uint256).rTransferAmount (#357) is too similar to MCLT._transferStandard(address,address,uint256).tTransferAmount (#357)
Variable MCLT._getRValues(uint256,uint256,uint256,uint256).rTransferAmount (#413) is too similar to MCLT._transferStandard(address,address,uint256).tTransferAmount (#357)
Variable MCLT._getValues(uint256).rTransferAmount (#398) is too similar to MCLT._transferStandard(address,address,uint256).tTransferAmount (#357)
Variable MCLT._getValues(uint256).rTransferAmount (#398) is too similar to MCLT._getValues(uint256).tTransferAmount (#396)
Prevent variables from having similar names.
Additional information: link
MCLT.constructor() (#166-176) uses literals with too many digits:
- Transfer(address(0x0000000000000000000000000000000000000000),_msgSender(),_tTotal) (#175)
MCLT.openTrading() (#321-336) uses literals with too many digits:
- _maxTxAmount = 20000000000 * 7 ** 9 (#334)
Use: Ether suffix, Time suffix, or The scientific notation
Additional information: link
Ownable._previousOwner (#81) is never used in MCLT (#130-434)
MCLT._tOwned (#133) is never used in MCLT (#130-434)
Remove unused state variables.
Additional information: link
Ownable._previousOwner (#81) should be constant
Add the constant attributes to state variables that never change.
Additional information: link
renounceOwnership() should be declared external:
- Ownable.renounceOwnership() (#99-102)
name() should be declared external:
- MCLT.name() (#186-188)
symbol() should be declared external:
- MCLT.symbol() (#190-192)
decimals() should be declared external:
- MCLT.decimals() (#194-196)
totalSupply() should be declared external:
- MCLT.totalSupply() (#198-200)
originalPurchase(address) should be declared external:
- MCLT.originalPurchase(address) (#202-204)
transfer(address,uint256) should be declared external:
- MCLT.transfer(address,uint256) (#210-213)
allowance(address,address) should be declared external:
- MCLT.allowance(address,address) (#215-217)
approve(address,uint256) should be declared external:
- MCLT.approve(address,uint256) (#219-222)
transferFrom(address,address,uint256) should be declared external:
- MCLT.transferFrom(address,address,uint256) (#224-228)
setBots(address[]) should be declared external:
- MCLT.setBots(address[]) (#338-342)
removeStrictTxLimit() should be declared external:
- MCLT.removeStrictTxLimit() (#344-346)
delBot(address) should be declared external:
- MCLT.delBot(address) (#348-350)
updateMaxTx(uint256) should be declared external:
- MCLT.updateMaxTx(uint256) (#371-373)
Use the external attribute for functions never called from the contract.
Additional information: link
Unable to find website, listings and other project-related information
Young tokens have high risks of scam / price dump / death
Token has no active CoinGecko listing / rank
Token has no active CoinMarketCap listing / rank
Unable to find Twitter account
Telegram account has relatively few subscribers
Unable to find Blog account (Reddit or Medium)
Unable to find Youtube account
Unable to find Discord account