The metacash project is referred to the world of the metaverse and virtual reality, through creating a large community of more than 3000 members.
Unable to find manual contract audit (e.g. Certik, PeckShield, Solidity...)
Too many vulnerabilities (Unchecked transfer, Reentrancy vulnerability, etc.). High risk of a scam. DYOR & manual audit are advised.
BABYTOKEN.addLiquidity(uint256,uint256) (contracts/tokens/BabyToken.sol#494-507) sends eth to arbitrary user
Dangerous calls:
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,address(0),block.timestamp) (contracts/tokens/BabyToken.sol#499-506)
Ensure that an arbitrary user cannot withdraw unauthorized funds.
Additional information: link
Reentrancy in BABYTOKEN._transfer(address,address,uint256) (contracts/tokens/BabyToken.sol#346-425):
External calls:
- swapAndSendToFee(marketingTokens) (contracts/tokens/BabyToken.sol#374)
- IERC20(rewardToken).transfer(_marketingWalletAddress,newBalance) (contracts/tokens/BabyToken.sol#432)
- uniswapV2Router.swapExactTokensForTokensSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (contracts/tokens/BabyToken.sol#485-491)
- swapAndLiquify(swapTokens) (contracts/tokens/BabyToken.sol#377)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,address(0),block.timestamp) (contracts/tokens/BabyToken.sol#499-506)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (contracts/tokens/BabyToken.sol#467-473)
- swapAndSendDividends(sellTokens) (contracts/tokens/BabyToken.sol#380)
- success = IERC20(rewardToken).transfer(address(dividendTracker),dividends) (contracts/tokens/BabyToken.sol#512)
- dividendTracker.distributeCAKEDividends(dividends) (contracts/tokens/BabyToken.sol#515)
- uniswapV2Router.swapExactTokensForTokensSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (contracts/tokens/BabyToken.sol#485-491)
External calls sending eth:
- swapAndLiquify(swapTokens) (contracts/tokens/BabyToken.sol#377)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,address(0),block.timestamp) (contracts/tokens/BabyToken.sol#499-506)
State variables written after the call(s):
- super._transfer(from,address(this),fees) (contracts/tokens/BabyToken.sol#399)
- _balances[sender] = _balances[sender].sub(amount,ERC20: transfer amount exceeds balance) (@openzeppelin/contracts-upgradeable/token/ERC20/ERC20Upgradeable.sol#220)
- _balances[recipient] = _balances[recipient].add(amount) (@openzeppelin/contracts-upgradeable/token/ERC20/ERC20Upgradeable.sol#221)
- super._transfer(from,to,amount) (contracts/tokens/BabyToken.sol#402)
- _balances[sender] = _balances[sender].sub(amount,ERC20: transfer amount exceeds balance) (@openzeppelin/contracts-upgradeable/token/ERC20/ERC20Upgradeable.sol#220)
- _balances[recipient] = _balances[recipient].add(amount) (@openzeppelin/contracts-upgradeable/token/ERC20/ERC20Upgradeable.sol#221)
- swapping = false (contracts/tokens/BabyToken.sol#382)
Apply the check-effects-interactions pattern.
Additional information: link
OwnableUpgradeable.__gap (@openzeppelin/contracts-upgradeable/access/OwnableUpgradeable.sol#74) shadows:
- ContextUpgradeable.__gap (@openzeppelin/contracts-upgradeable/utils/ContextUpgradeable.sol#31)
ERC20Upgradeable.__gap (@openzeppelin/contracts-upgradeable/token/ERC20/ERC20Upgradeable.sol#312) shadows:
- ContextUpgradeable.__gap (@openzeppelin/contracts-upgradeable/utils/ContextUpgradeable.sol#31)
Remove the state variable shadowing.
Additional information: link
BABYTOKEN.swapAndSendToFee(uint256) (contracts/tokens/BabyToken.sol#427-433) ignores return value by IERC20(rewardToken).transfer(_marketingWalletAddress,newBalance) (contracts/tokens/BabyToken.sol#432)
Use SafeERC20, or ensure that the transfer/transferFrom return value is checked.
Additional information: link
Combination 1: Reentrancy vulnerabilities + Functions that send Ether to arbitraty destination. Usual for scams. May be justified by some complex mechanics (e.g. rebase, reflections). DYOR & manual audit are advised.
Combination 2: Unchecked transfer + Functions that send Ether to arbitraty destination. Usual for scams. May be justified by some complex mechanics (e.g. rebase, reflections). DYOR & manual audit are advised.
Combination 3: Reentrancy vulnerabilities + Unchecked transfer vulnerability. Usual for scams. May be justified by some complex mechanics (e.g. rebase, reflections). DYOR & manual audit are advised.
Contract ownership is not renounced (belongs to a wallet)
Reentrancy in BABYTOKEN._setAutomatedMarketMakerPair(address,bool) (contracts/tokens/BabyToken.sol#231-243):
External calls:
- dividendTracker.excludeFromDividends(pair) (contracts/tokens/BabyToken.sol#239)
Event emitted after the call(s):
- SetAutomatedMarketMakerPair(pair,value) (contracts/tokens/BabyToken.sol#242)
Reentrancy in BABYTOKEN._transfer(address,address,uint256) (contracts/tokens/BabyToken.sol#346-425):
External calls:
- swapAndSendToFee(marketingTokens) (contracts/tokens/BabyToken.sol#374)
- IERC20(rewardToken).transfer(_marketingWalletAddress,newBalance) (contracts/tokens/BabyToken.sol#432)
- uniswapV2Router.swapExactTokensForTokensSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (contracts/tokens/BabyToken.sol#485-491)
- swapAndLiquify(swapTokens) (contracts/tokens/BabyToken.sol#377)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,address(0),block.timestamp) (contracts/tokens/BabyToken.sol#499-506)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (contracts/tokens/BabyToken.sol#467-473)
External calls sending eth:
- swapAndLiquify(swapTokens) (contracts/tokens/BabyToken.sol#377)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,address(0),block.timestamp) (contracts/tokens/BabyToken.sol#499-506)
Event emitted after the call(s):
- Approval(owner,spender,amount) (@openzeppelin/contracts-upgradeable/token/ERC20/ERC20Upgradeable.sol#283)
- swapAndLiquify(swapTokens) (contracts/tokens/BabyToken.sol#377)
- SwapAndLiquify(half,newBalance,otherHalf) (contracts/tokens/BabyToken.sol#455)
- swapAndLiquify(swapTokens) (contracts/tokens/BabyToken.sol#377)
Reentrancy in BABYTOKEN._transfer(address,address,uint256) (contracts/tokens/BabyToken.sol#346-425):
External calls:
- swapAndSendToFee(marketingTokens) (contracts/tokens/BabyToken.sol#374)
- IERC20(rewardToken).transfer(_marketingWalletAddress,newBalance) (contracts/tokens/BabyToken.sol#432)
- uniswapV2Router.swapExactTokensForTokensSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (contracts/tokens/BabyToken.sol#485-491)
- swapAndLiquify(swapTokens) (contracts/tokens/BabyToken.sol#377)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,address(0),block.timestamp) (contracts/tokens/BabyToken.sol#499-506)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (contracts/tokens/BabyToken.sol#467-473)
- swapAndSendDividends(sellTokens) (contracts/tokens/BabyToken.sol#380)
- success = IERC20(rewardToken).transfer(address(dividendTracker),dividends) (contracts/tokens/BabyToken.sol#512)
- dividendTracker.distributeCAKEDividends(dividends) (contracts/tokens/BabyToken.sol#515)
- uniswapV2Router.swapExactTokensForTokensSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (contracts/tokens/BabyToken.sol#485-491)
External calls sending eth:
- swapAndLiquify(swapTokens) (contracts/tokens/BabyToken.sol#377)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,address(0),block.timestamp) (contracts/tokens/BabyToken.sol#499-506)
Event emitted after the call(s):
- Approval(owner,spender,amount) (@openzeppelin/contracts-upgradeable/token/ERC20/ERC20Upgradeable.sol#283)
- swapAndSendDividends(sellTokens) (contracts/tokens/BabyToken.sol#380)
- SendDividends(tokens,dividends) (contracts/tokens/BabyToken.sol#516)
- swapAndSendDividends(sellTokens) (contracts/tokens/BabyToken.sol#380)
- Transfer(sender,recipient,amount) (@openzeppelin/contracts-upgradeable/token/ERC20/ERC20Upgradeable.sol#222)
- super._transfer(from,to,amount) (contracts/tokens/BabyToken.sol#402)
- Transfer(sender,recipient,amount) (@openzeppelin/contracts-upgradeable/token/ERC20/ERC20Upgradeable.sol#222)
- super._transfer(from,address(this),fees) (contracts/tokens/BabyToken.sol#399)
Reentrancy in BABYTOKEN._transfer(address,address,uint256) (contracts/tokens/BabyToken.sol#346-425):
External calls:
- swapAndSendToFee(marketingTokens) (contracts/tokens/BabyToken.sol#374)
- IERC20(rewardToken).transfer(_marketingWalletAddress,newBalance) (contracts/tokens/BabyToken.sol#432)
- uniswapV2Router.swapExactTokensForTokensSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (contracts/tokens/BabyToken.sol#485-491)
- swapAndLiquify(swapTokens) (contracts/tokens/BabyToken.sol#377)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,address(0),block.timestamp) (contracts/tokens/BabyToken.sol#499-506)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (contracts/tokens/BabyToken.sol#467-473)
- swapAndSendDividends(sellTokens) (contracts/tokens/BabyToken.sol#380)
- success = IERC20(rewardToken).transfer(address(dividendTracker),dividends) (contracts/tokens/BabyToken.sol#512)
- dividendTracker.distributeCAKEDividends(dividends) (contracts/tokens/BabyToken.sol#515)
- uniswapV2Router.swapExactTokensForTokensSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (contracts/tokens/BabyToken.sol#485-491)
- dividendTracker.setBalance(address(from),balanceOf(from)) (contracts/tokens/BabyToken.sol#404)
- dividendTracker.setBalance(address(to),balanceOf(to)) (contracts/tokens/BabyToken.sol#405)
- dividendTracker.process(gas) (contracts/tokens/BabyToken.sol#410-423)
External calls sending eth:
- swapAndLiquify(swapTokens) (contracts/tokens/BabyToken.sol#377)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,address(0),block.timestamp) (contracts/tokens/BabyToken.sol#499-506)
Event emitted after the call(s):
- ProcessedDividendTracker(iterations,claims,lastProcessedIndex,true,gas,tx.origin) (contracts/tokens/BabyToken.sol#415-422)
Reentrancy in BABYTOKEN.initialize(address[4],address,string,string,uint256,uint256,uint256,uint256,uint256) (contracts/tokens/BabyToken.sol#76-133):
External calls:
- dividendTracker.initialize(rewardToken,minimumTokenBalanceForDividends_) (contracts/tokens/BabyToken.sol#104)
- _uniswapV2Pair = IUniswapV2Factory(_uniswapV2Router.factory()).createPair(address(this),_uniswapV2Router.WETH()) (contracts/tokens/BabyToken.sol#108-111)
- _setAutomatedMarketMakerPair(_uniswapV2Pair,true) (contracts/tokens/BabyToken.sol#114)
- dividendTracker.excludeFromDividends(pair) (contracts/tokens/BabyToken.sol#239)
Event emitted after the call(s):
- SetAutomatedMarketMakerPair(pair,value) (contracts/tokens/BabyToken.sol#242)
- _setAutomatedMarketMakerPair(_uniswapV2Pair,true) (contracts/tokens/BabyToken.sol#114)
Reentrancy in BABYTOKEN.initialize(address[4],address,string,string,uint256,uint256,uint256,uint256,uint256) (contracts/tokens/BabyToken.sol#76-133):
External calls:
- dividendTracker.initialize(rewardToken,minimumTokenBalanceForDividends_) (contracts/tokens/BabyToken.sol#104)
- _uniswapV2Pair = IUniswapV2Factory(_uniswapV2Router.factory()).createPair(address(this),_uniswapV2Router.WETH()) (contracts/tokens/BabyToken.sol#108-111)
- _setAutomatedMarketMakerPair(_uniswapV2Pair,true) (contracts/tokens/BabyToken.sol#114)
- dividendTracker.excludeFromDividends(pair) (contracts/tokens/BabyToken.sol#239)
- dividendTracker.excludeFromDividends(address(dividendTracker)) (contracts/tokens/BabyToken.sol#118)
- dividendTracker.excludeFromDividends(address(this)) (contracts/tokens/BabyToken.sol#119)
- dividendTracker.excludeFromDividends(addrs[0]) (contracts/tokens/BabyToken.sol#120)
- dividendTracker.excludeFromDividends(address(0xdead)) (contracts/tokens/BabyToken.sol#121)
- dividendTracker.excludeFromDividends(address(_uniswapV2Router)) (contracts/tokens/BabyToken.sol#122)
Event emitted after the call(s):
- ExcludeFromFees(account,excluded) (contracts/tokens/BabyToken.sol#185)
- excludeFromFees(addrs[0],true) (contracts/tokens/BabyToken.sol#124)
- ExcludeFromFees(account,excluded) (contracts/tokens/BabyToken.sol#185)
- excludeFromFees(address(this),true) (contracts/tokens/BabyToken.sol#126)
- ExcludeFromFees(account,excluded) (contracts/tokens/BabyToken.sol#185)
- excludeFromFees(_marketingWalletAddress,true) (contracts/tokens/BabyToken.sol#125)
- OwnershipTransferred(_owner,newOwner) (@openzeppelin/contracts-upgradeable/access/OwnableUpgradeable.sol#71)
- transferOwnership(addrs[0]) (contracts/tokens/BabyToken.sol#132)
- Transfer(address(0),account,amount) (@openzeppelin/contracts-upgradeable/token/ERC20/ERC20Upgradeable.sol#241)
- _mint(addrs[0],totalSupply_) (contracts/tokens/BabyToken.sol#131)
Reentrancy in BABYTOKENDividendTracker.processAccount(address,bool) (contracts/tokens/BabyTokenDividendTracker.sol#467-481):
External calls:
- amount = _withdrawDividendOfUser(account) (contracts/tokens/BabyTokenDividendTracker.sol#472)
- success = IERC20(rewardToken).transfer(user,_withdrawableDividend) (contracts/tokens/BabyTokenDividendTracker.sol#143)
Event emitted after the call(s):
- Claim(account,amount,automatic) (contracts/tokens/BabyTokenDividendTracker.sol#476)
Reentrancy in BABYTOKEN.processDividendTracker(uint256) (contracts/tokens/BabyToken.sol#320-332):
External calls:
- (iterations,claims,lastProcessedIndex) = dividendTracker.process(gas) (contracts/tokens/BabyToken.sol#321-323)
Event emitted after the call(s):
- ProcessedDividendTracker(iterations,claims,lastProcessedIndex,false,gas,tx.origin) (contracts/tokens/BabyToken.sol#324-331)
Reentrancy in BABYTOKEN.swapAndLiquify(uint256) (contracts/tokens/BabyToken.sol#435-456):
External calls:
- swapTokensForEth(half) (contracts/tokens/BabyToken.sol#447)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (contracts/tokens/BabyToken.sol#467-473)
- addLiquidity(otherHalf,newBalance) (contracts/tokens/BabyToken.sol#453)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,address(0),block.timestamp) (contracts/tokens/BabyToken.sol#499-506)
External calls sending eth:
- addLiquidity(otherHalf,newBalance) (contracts/tokens/BabyToken.sol#453)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,address(0),block.timestamp) (contracts/tokens/BabyToken.sol#499-506)
Event emitted after the call(s):
- Approval(owner,spender,amount) (@openzeppelin/contracts-upgradeable/token/ERC20/ERC20Upgradeable.sol#283)
- addLiquidity(otherHalf,newBalance) (contracts/tokens/BabyToken.sol#453)
- SwapAndLiquify(half,newBalance,otherHalf) (contracts/tokens/BabyToken.sol#455)
Reentrancy in BABYTOKEN.swapAndSendDividends(uint256) (contracts/tokens/BabyToken.sol#509-518):
External calls:
- swapTokensForCake(tokens) (contracts/tokens/BabyToken.sol#510)
- uniswapV2Router.swapExactTokensForTokensSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (contracts/tokens/BabyToken.sol#485-491)
- success = IERC20(rewardToken).transfer(address(dividendTracker),dividends) (contracts/tokens/BabyToken.sol#512)
- dividendTracker.distributeCAKEDividends(dividends) (contracts/tokens/BabyToken.sol#515)
Event emitted after the call(s):
- SendDividends(tokens,dividends) (contracts/tokens/BabyToken.sol#516)
Reentrancy in BABYTOKEN.updateDividendTracker(address) (contracts/tokens/BabyToken.sol#141-162):
External calls:
- newDividendTracker.excludeFromDividends(address(newDividendTracker)) (contracts/tokens/BabyToken.sol#154)
- newDividendTracker.excludeFromDividends(address(this)) (contracts/tokens/BabyToken.sol#155)
- newDividendTracker.excludeFromDividends(owner()) (contracts/tokens/BabyToken.sol#156)
- newDividendTracker.excludeFromDividends(address(uniswapV2Router)) (contracts/tokens/BabyToken.sol#157)
Event emitted after the call(s):
- UpdateDividendTracker(newAddress,address(dividendTracker)) (contracts/tokens/BabyToken.sol#159)
Apply the check-effects-interactions pattern.
Additional information: link
DividendPayingToken.__DividendPayingToken_init(address,string,string)._name (contracts/tokens/BabyTokenDividendTracker.sol#109) shadows:
- ERC20Upgradeable._name (@openzeppelin/contracts-upgradeable/token/ERC20/ERC20Upgradeable.sol#43) (state variable)
DividendPayingToken.__DividendPayingToken_init(address,string,string)._symbol (contracts/tokens/BabyTokenDividendTracker.sol#110) shadows:
- ERC20Upgradeable._symbol (@openzeppelin/contracts-upgradeable/token/ERC20/ERC20Upgradeable.sol#44) (state variable)
DividendPayingToken.dividendOf(address)._owner (contracts/tokens/BabyTokenDividendTracker.sol#159) shadows:
- OwnableUpgradeable._owner (@openzeppelin/contracts-upgradeable/access/OwnableUpgradeable.sol#20) (state variable)
DividendPayingToken.withdrawableDividendOf(address)._owner (contracts/tokens/BabyTokenDividendTracker.sol#166) shadows:
- OwnableUpgradeable._owner (@openzeppelin/contracts-upgradeable/access/OwnableUpgradeable.sol#20) (state variable)
DividendPayingToken.withdrawnDividendOf(address)._owner (contracts/tokens/BabyTokenDividendTracker.sol#173) shadows:
- OwnableUpgradeable._owner (@openzeppelin/contracts-upgradeable/access/OwnableUpgradeable.sol#20) (state variable)
DividendPayingToken.accumulativeDividendOf(address)._owner (contracts/tokens/BabyTokenDividendTracker.sol#182) shadows:
- OwnableUpgradeable._owner (@openzeppelin/contracts-upgradeable/access/OwnableUpgradeable.sol#20) (state variable)
Rename the local variables that shadow another component.
Additional information: link
BABYTOKEN.setSwapTokensAtAmount(uint256) (contracts/tokens/BabyToken.sol#137-139) should emit an event for:
- swapTokensAtAmount = amount (contracts/tokens/BabyToken.sol#138)
BABYTOKEN.setTokenRewardsFee(uint256) (contracts/tokens/BabyToken.sol#203-206) should emit an event for:
- tokenRewardsFee = value (contracts/tokens/BabyToken.sol#204)
- totalFees = tokenRewardsFee.add(liquidityFee).add(marketingFee) (contracts/tokens/BabyToken.sol#205)
BABYTOKEN.setLiquiditFee(uint256) (contracts/tokens/BabyToken.sol#208-211) should emit an event for:
- liquidityFee = value (contracts/tokens/BabyToken.sol#209)
- totalFees = tokenRewardsFee.add(liquidityFee).add(marketingFee) (contracts/tokens/BabyToken.sol#210)
BABYTOKEN.setMarketingFee(uint256) (contracts/tokens/BabyToken.sol#213-216) should emit an event for:
- marketingFee = value (contracts/tokens/BabyToken.sol#214)
- totalFees = tokenRewardsFee.add(liquidityFee).add(marketingFee) (contracts/tokens/BabyToken.sol#215)
Emit an event for critical parameter changes.
Additional information: link
Variable 'BABYTOKEN._transfer(address,address,uint256).iterations (contracts/tokens/BabyToken.sol#411)' in BABYTOKEN._transfer(address,address,uint256) (contracts/tokens/BabyToken.sol#346-425) potentially used before declaration: ProcessedDividendTracker(iterations,claims,lastProcessedIndex,true,gas,tx.origin) (contracts/tokens/BabyToken.sol#415-422)
Variable 'BABYTOKEN._transfer(address,address,uint256).lastProcessedIndex (contracts/tokens/BabyToken.sol#413)' in BABYTOKEN._transfer(address,address,uint256) (contracts/tokens/BabyToken.sol#346-425) potentially used before declaration: ProcessedDividendTracker(iterations,claims,lastProcessedIndex,true,gas,tx.origin) (contracts/tokens/BabyToken.sol#415-422)
Variable 'BABYTOKEN._transfer(address,address,uint256).claims (contracts/tokens/BabyToken.sol#412)' in BABYTOKEN._transfer(address,address,uint256) (contracts/tokens/BabyToken.sol#346-425) potentially used before declaration: ProcessedDividendTracker(iterations,claims,lastProcessedIndex,true,gas,tx.origin) (contracts/tokens/BabyToken.sol#415-422)
Move all variable declarations prior to any usage of the variable, and ensure that reaching a variable declaration does not depend on some conditional if it is used unconditionally.
Additional information: link
Reentrancy in BABYTOKEN._transfer(address,address,uint256) (contracts/tokens/BabyToken.sol#346-425):
External calls:
- swapAndSendToFee(marketingTokens) (contracts/tokens/BabyToken.sol#374)
- IERC20(rewardToken).transfer(_marketingWalletAddress,newBalance) (contracts/tokens/BabyToken.sol#432)
- uniswapV2Router.swapExactTokensForTokensSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (contracts/tokens/BabyToken.sol#485-491)
- swapAndLiquify(swapTokens) (contracts/tokens/BabyToken.sol#377)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,address(0),block.timestamp) (contracts/tokens/BabyToken.sol#499-506)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (contracts/tokens/BabyToken.sol#467-473)
External calls sending eth:
- swapAndLiquify(swapTokens) (contracts/tokens/BabyToken.sol#377)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,address(0),block.timestamp) (contracts/tokens/BabyToken.sol#499-506)
State variables written after the call(s):
- swapAndLiquify(swapTokens) (contracts/tokens/BabyToken.sol#377)
- _allowances[owner][spender] = amount (@openzeppelin/contracts-upgradeable/token/ERC20/ERC20Upgradeable.sol#282)
Reentrancy in BABYTOKEN._transfer(address,address,uint256) (contracts/tokens/BabyToken.sol#346-425):
External calls:
- swapAndSendToFee(marketingTokens) (contracts/tokens/BabyToken.sol#374)
- IERC20(rewardToken).transfer(_marketingWalletAddress,newBalance) (contracts/tokens/BabyToken.sol#432)
- uniswapV2Router.swapExactTokensForTokensSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (contracts/tokens/BabyToken.sol#485-491)
- swapAndLiquify(swapTokens) (contracts/tokens/BabyToken.sol#377)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,address(0),block.timestamp) (contracts/tokens/BabyToken.sol#499-506)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (contracts/tokens/BabyToken.sol#467-473)
- swapAndSendDividends(sellTokens) (contracts/tokens/BabyToken.sol#380)
- success = IERC20(rewardToken).transfer(address(dividendTracker),dividends) (contracts/tokens/BabyToken.sol#512)
- dividendTracker.distributeCAKEDividends(dividends) (contracts/tokens/BabyToken.sol#515)
- uniswapV2Router.swapExactTokensForTokensSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (contracts/tokens/BabyToken.sol#485-491)
External calls sending eth:
- swapAndLiquify(swapTokens) (contracts/tokens/BabyToken.sol#377)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,address(0),block.timestamp) (contracts/tokens/BabyToken.sol#499-506)
State variables written after the call(s):
- swapAndSendDividends(sellTokens) (contracts/tokens/BabyToken.sol#380)
- _allowances[owner][spender] = amount (@openzeppelin/contracts-upgradeable/token/ERC20/ERC20Upgradeable.sol#282)
Reentrancy in BABYTOKEN.initialize(address[4],address,string,string,uint256,uint256,uint256,uint256,uint256) (contracts/tokens/BabyToken.sol#76-133):
External calls:
- dividendTracker.initialize(rewardToken,minimumTokenBalanceForDividends_) (contracts/tokens/BabyToken.sol#104)
- _uniswapV2Pair = IUniswapV2Factory(_uniswapV2Router.factory()).createPair(address(this),_uniswapV2Router.WETH()) (contracts/tokens/BabyToken.sol#108-111)
State variables written after the call(s):
- uniswapV2Pair = _uniswapV2Pair (contracts/tokens/BabyToken.sol#113)
- uniswapV2Router = _uniswapV2Router (contracts/tokens/BabyToken.sol#112)
Reentrancy in BABYTOKEN.initialize(address[4],address,string,string,uint256,uint256,uint256,uint256,uint256) (contracts/tokens/BabyToken.sol#76-133):
External calls:
- dividendTracker.initialize(rewardToken,minimumTokenBalanceForDividends_) (contracts/tokens/BabyToken.sol#104)
- _uniswapV2Pair = IUniswapV2Factory(_uniswapV2Router.factory()).createPair(address(this),_uniswapV2Router.WETH()) (contracts/tokens/BabyToken.sol#108-111)
- _setAutomatedMarketMakerPair(_uniswapV2Pair,true) (contracts/tokens/BabyToken.sol#114)
- dividendTracker.excludeFromDividends(pair) (contracts/tokens/BabyToken.sol#239)
State variables written after the call(s):
- _marketingWalletAddress = addrs[3] (contracts/tokens/BabyToken.sol#116)
Reentrancy in BABYTOKEN.initialize(address[4],address,string,string,uint256,uint256,uint256,uint256,uint256) (contracts/tokens/BabyToken.sol#76-133):
External calls:
- dividendTracker.initialize(rewardToken,minimumTokenBalanceForDividends_) (contracts/tokens/BabyToken.sol#104)
- _uniswapV2Pair = IUniswapV2Factory(_uniswapV2Router.factory()).createPair(address(this),_uniswapV2Router.WETH()) (contracts/tokens/BabyToken.sol#108-111)
- _setAutomatedMarketMakerPair(_uniswapV2Pair,true) (contracts/tokens/BabyToken.sol#114)
- dividendTracker.excludeFromDividends(pair) (contracts/tokens/BabyToken.sol#239)
- dividendTracker.excludeFromDividends(address(dividendTracker)) (contracts/tokens/BabyToken.sol#118)
- dividendTracker.excludeFromDividends(address(this)) (contracts/tokens/BabyToken.sol#119)
- dividendTracker.excludeFromDividends(addrs[0]) (contracts/tokens/BabyToken.sol#120)
- dividendTracker.excludeFromDividends(address(0xdead)) (contracts/tokens/BabyToken.sol#121)
- dividendTracker.excludeFromDividends(address(_uniswapV2Router)) (contracts/tokens/BabyToken.sol#122)
State variables written after the call(s):
- _mint(addrs[0],totalSupply_) (contracts/tokens/BabyToken.sol#131)
- _balances[account] = _balances[account].add(amount) (@openzeppelin/contracts-upgradeable/token/ERC20/ERC20Upgradeable.sol#240)
- excludeFromFees(addrs[0],true) (contracts/tokens/BabyToken.sol#124)
- _isExcludedFromFees[account] = excluded (contracts/tokens/BabyToken.sol#183)
- excludeFromFees(_marketingWalletAddress,true) (contracts/tokens/BabyToken.sol#125)
- _isExcludedFromFees[account] = excluded (contracts/tokens/BabyToken.sol#183)
- excludeFromFees(address(this),true) (contracts/tokens/BabyToken.sol#126)
- _isExcludedFromFees[account] = excluded (contracts/tokens/BabyToken.sol#183)
- transferOwnership(addrs[0]) (contracts/tokens/BabyToken.sol#132)
- _owner = newOwner (@openzeppelin/contracts-upgradeable/access/OwnableUpgradeable.sol#72)
- _mint(addrs[0],totalSupply_) (contracts/tokens/BabyToken.sol#131)
- _totalSupply = _totalSupply.add(amount) (@openzeppelin/contracts-upgradeable/token/ERC20/ERC20Upgradeable.sol#239)
Reentrancy in BABYTOKENDividendTracker.processAccount(address,bool) (contracts/tokens/BabyTokenDividendTracker.sol#467-481):
External calls:
- amount = _withdrawDividendOfUser(account) (contracts/tokens/BabyTokenDividendTracker.sol#472)
- success = IERC20(rewardToken).transfer(user,_withdrawableDividend) (contracts/tokens/BabyTokenDividendTracker.sol#143)
State variables written after the call(s):
- lastClaimTimes[account] = block.timestamp (contracts/tokens/BabyTokenDividendTracker.sol#475)
Reentrancy in BABYTOKEN.swapAndLiquify(uint256) (contracts/tokens/BabyToken.sol#435-456):
External calls:
- swapTokensForEth(half) (contracts/tokens/BabyToken.sol#447)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (contracts/tokens/BabyToken.sol#467-473)
- addLiquidity(otherHalf,newBalance) (contracts/tokens/BabyToken.sol#453)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,address(0),block.timestamp) (contracts/tokens/BabyToken.sol#499-506)
External calls sending eth:
- addLiquidity(otherHalf,newBalance) (contracts/tokens/BabyToken.sol#453)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,address(0),block.timestamp) (contracts/tokens/BabyToken.sol#499-506)
State variables written after the call(s):
- addLiquidity(otherHalf,newBalance) (contracts/tokens/BabyToken.sol#453)
- _allowances[owner][spender] = amount (@openzeppelin/contracts-upgradeable/token/ERC20/ERC20Upgradeable.sol#282)
Reentrancy in BABYTOKEN.updateUniswapV2Router(address) (contracts/tokens/BabyToken.sol#164-176):
External calls:
- _uniswapV2Pair = IUniswapV2Factory(uniswapV2Router.factory()).createPair(address(this),uniswapV2Router.WETH()) (contracts/tokens/BabyToken.sol#171-174)
State variables written after the call(s):
- uniswapV2Pair = _uniswapV2Pair (contracts/tokens/BabyToken.sol#175)
Apply the check-effects-interactions pattern.
Additional information: link
BABYTOKENDividendTracker.getAccount(address) (contracts/tokens/BabyTokenDividendTracker.sol#324-366) uses timestamp for comparisons
Dangerous comparisons:
- nextClaimTime > block.timestamp (contracts/tokens/BabyTokenDividendTracker.sol#363-365)
BABYTOKENDividendTracker.canAutoClaim(uint256) (contracts/tokens/BabyTokenDividendTracker.sol#391-397) uses timestamp for comparisons
Dangerous comparisons:
- lastClaimTime > block.timestamp (contracts/tokens/BabyTokenDividendTracker.sol#392)
- block.timestamp.sub(lastClaimTime) >= claimWait (contracts/tokens/BabyTokenDividendTracker.sol#396)
Avoid relying on block.timestamp.
Additional information: link
AddressUpgradeable.isContract(address) (@openzeppelin/contracts-upgradeable/utils/AddressUpgradeable.sol#26-35) uses assembly
- INLINE ASM (@openzeppelin/contracts-upgradeable/utils/AddressUpgradeable.sol#33)
AddressUpgradeable._verifyCallResult(bool,bytes,string) (@openzeppelin/contracts-upgradeable/utils/AddressUpgradeable.sol#147-164) uses assembly
- INLINE ASM (@openzeppelin/contracts-upgradeable/utils/AddressUpgradeable.sol#156-159)
Clones.clone(address) (@openzeppelin/contracts/proxy/Clones.sol#24-34) uses assembly
- INLINE ASM (@openzeppelin/contracts/proxy/Clones.sol#26-32)
Clones.cloneDeterministic(address,bytes32) (@openzeppelin/contracts/proxy/Clones.sol#43-53) uses assembly
- INLINE ASM (@openzeppelin/contracts/proxy/Clones.sol#45-51)
Clones.predictDeterministicAddress(address,bytes32,address) (@openzeppelin/contracts/proxy/Clones.sol#58-70) uses assembly
- INLINE ASM (@openzeppelin/contracts/proxy/Clones.sol#60-69)
Do not use evm assembly.
Additional information: link
Different versions of Solidity is used:
- Version used: ['>=0.4.24<0.8.0', '>=0.5.0', '>=0.6.0<0.8.0', '>=0.6.2', '>=0.6.2<0.8.0', '^0.7.0', '^0.7.6']
- >=0.6.0<0.8.0 (@openzeppelin/contracts-upgradeable/access/OwnableUpgradeable.sol#3)
- >=0.6.0<0.8.0 (@openzeppelin/contracts-upgradeable/math/SafeMathUpgradeable.sol#3)
- >=0.4.24<0.8.0 (@openzeppelin/contracts-upgradeable/proxy/Initializable.sol#4)
- >=0.6.0<0.8.0 (@openzeppelin/contracts-upgradeable/token/ERC20/ERC20Upgradeable.sol#3)
- >=0.6.0<0.8.0 (@openzeppelin/contracts-upgradeable/token/ERC20/IERC20Upgradeable.sol#3)
- >=0.6.2<0.8.0 (@openzeppelin/contracts-upgradeable/utils/AddressUpgradeable.sol#3)
- >=0.6.0<0.8.0 (@openzeppelin/contracts-upgradeable/utils/ContextUpgradeable.sol#3)
- ^0.7.0 (@openzeppelin/contracts/access/Ownable.sol#3)
- ^0.7.0 (@openzeppelin/contracts/math/SafeMath.sol#3)
- >=0.6.0<0.8.0 (@openzeppelin/contracts/proxy/Clones.sol#3)
- ^0.7.0 (@openzeppelin/contracts/token/ERC20/ERC20.sol#3)
- ^0.7.0 (@openzeppelin/contracts/token/ERC20/IERC20.sol#3)
- >=0.6.0<0.8.0 (@openzeppelin/contracts/utils/Context.sol#3)
- >=0.5.0 (contracts/antibot/IPinkAntiBot.sol#2)
- >=0.5.0 (contracts/interfaces/IAntiBotBabyToken.sol#2)
- >=0.5.0 (contracts/interfaces/IBabyToken.sol#2)
- >=0.5.0 (contracts/interfaces/IUniswapV2Factory.sol#2)
- >=0.5.0 (contracts/interfaces/IUniswapV2Pair.sol#2)
- >=0.6.2 (contracts/interfaces/IUniswapV2Router02.sol#2)
- ^0.7.6 (contracts/libs/IterableMapping.sol#3)
- ^0.7.6 (contracts/libs/SafeMathInt.sol#2)
- ^0.7.6 (contracts/libs/SafeMathUint.sol#2)
- ^0.7.6 (contracts/tokens/BabyToken.sol#3)
- ^0.7.6 (contracts/tokens/BabyTokenDividendTracker.sol#3)
Use one Solidity version.
Additional information: link
AddressUpgradeable._verifyCallResult(bool,bytes,string) (@openzeppelin/contracts-upgradeable/utils/AddressUpgradeable.sol#147-164) is never used and should be removed
AddressUpgradeable.functionCall(address,bytes) (@openzeppelin/contracts-upgradeable/utils/AddressUpgradeable.sol#79-81) is never used and should be removed
AddressUpgradeable.functionCall(address,bytes,string) (@openzeppelin/contracts-upgradeable/utils/AddressUpgradeable.sol#89-91) is never used and should be removed
AddressUpgradeable.functionCallWithValue(address,bytes,uint256) (@openzeppelin/contracts-upgradeable/utils/AddressUpgradeable.sol#104-106) is never used and should be removed
AddressUpgradeable.functionCallWithValue(address,bytes,uint256,string) (@openzeppelin/contracts-upgradeable/utils/AddressUpgradeable.sol#114-121) is never used and should be removed
AddressUpgradeable.functionStaticCall(address,bytes) (@openzeppelin/contracts-upgradeable/utils/AddressUpgradeable.sol#129-131) is never used and should be removed
AddressUpgradeable.functionStaticCall(address,bytes,string) (@openzeppelin/contracts-upgradeable/utils/AddressUpgradeable.sol#139-145) is never used and should be removed
AddressUpgradeable.sendValue(address,uint256) (@openzeppelin/contracts-upgradeable/utils/AddressUpgradeable.sol#53-59) is never used and should be removed
Clones.cloneDeterministic(address,bytes32) (@openzeppelin/contracts/proxy/Clones.sol#43-53) is never used and should be removed
Clones.predictDeterministicAddress(address,bytes32) (@openzeppelin/contracts/proxy/Clones.sol#75-77) is never used and should be removed
Clones.predictDeterministicAddress(address,bytes32,address) (@openzeppelin/contracts/proxy/Clones.sol#58-70) is never used and should be removed
Context._msgData() (@openzeppelin/contracts/utils/Context.sol#20-23) is never used and should be removed
ContextUpgradeable.__Context_init() (@openzeppelin/contracts-upgradeable/utils/ContextUpgradeable.sol#17-19) is never used and should be removed
ContextUpgradeable._msgData() (@openzeppelin/contracts-upgradeable/utils/ContextUpgradeable.sol#27-30) is never used and should be removed
DividendPayingToken._transfer(address,address,uint256) (contracts/tokens/BabyTokenDividendTracker.sol#196-206) is never used and should be removed
ERC20._burn(address,uint256) (@openzeppelin/contracts/token/ERC20/ERC20.sol#249-257) is never used and should be removed
ERC20._mint(address,uint256) (@openzeppelin/contracts/token/ERC20/ERC20.sol#228-236) is never used and should be removed
ERC20._setupDecimals(uint8) (@openzeppelin/contracts/token/ERC20/ERC20.sol#287-289) is never used and should be removed
ERC20Upgradeable._setupDecimals(uint8) (@openzeppelin/contracts-upgradeable/token/ERC20/ERC20Upgradeable.sol#293-295) is never used and should be removed
SafeMath.div(uint256,uint256) (@openzeppelin/contracts/math/SafeMath.sol#135-138) is never used and should be removed
SafeMath.div(uint256,uint256,string) (@openzeppelin/contracts/math/SafeMath.sol#190-193) is never used and should be removed
SafeMath.mod(uint256,uint256) (@openzeppelin/contracts/math/SafeMath.sol#152-155) is never used and should be removed
SafeMath.mod(uint256,uint256,string) (@openzeppelin/contracts/math/SafeMath.sol#210-213) is never used and should be removed
SafeMath.mul(uint256,uint256) (@openzeppelin/contracts/math/SafeMath.sol#116-121) is never used and should be removed
SafeMath.sub(uint256,uint256) (@openzeppelin/contracts/math/SafeMath.sol#101-104) is never used and should be removed
SafeMath.tryAdd(uint256,uint256) (@openzeppelin/contracts/math/SafeMath.sol#24-28) is never used and should be removed
SafeMath.tryDiv(uint256,uint256) (@openzeppelin/contracts/math/SafeMath.sol#60-63) is never used and should be removed
SafeMath.tryMod(uint256,uint256) (@openzeppelin/contracts/math/SafeMath.sol#70-73) is never used and should be removed
SafeMath.tryMul(uint256,uint256) (@openzeppelin/contracts/math/SafeMath.sol#45-53) is never used and should be removed
SafeMath.trySub(uint256,uint256) (@openzeppelin/contracts/math/SafeMath.sol#35-38) is never used and should be removed
SafeMathInt.abs(int256) (contracts/libs/SafeMathInt.sol#56-59) is never used and should be removed
SafeMathInt.div(int256,int256) (contracts/libs/SafeMathInt.sol#27-33) is never used and should be removed
SafeMathInt.mul(int256,int256) (contracts/libs/SafeMathInt.sol#15-22) is never used and should be removed
SafeMathUpgradeable.div(uint256,uint256,string) (@openzeppelin/contracts-upgradeable/math/SafeMathUpgradeable.sol#190-193) is never used and should be removed
SafeMathUpgradeable.mod(uint256,uint256) (@openzeppelin/contracts-upgradeable/math/SafeMathUpgradeable.sol#152-155) is never used and should be removed
SafeMathUpgradeable.mod(uint256,uint256,string) (@openzeppelin/contracts-upgradeable/math/SafeMathUpgradeable.sol#210-213) is never used and should be removed
SafeMathUpgradeable.tryAdd(uint256,uint256) (@openzeppelin/contracts-upgradeable/math/SafeMathUpgradeable.sol#24-28) is never used and should be removed
SafeMathUpgradeable.tryDiv(uint256,uint256) (@openzeppelin/contracts-upgradeable/math/SafeMathUpgradeable.sol#60-63) is never used and should be removed
SafeMathUpgradeable.tryMod(uint256,uint256) (@openzeppelin/contracts-upgradeable/math/SafeMathUpgradeable.sol#70-73) is never used and should be removed
SafeMathUpgradeable.tryMul(uint256,uint256) (@openzeppelin/contracts-upgradeable/math/SafeMathUpgradeable.sol#45-53) is never used and should be removed
SafeMathUpgradeable.trySub(uint256,uint256) (@openzeppelin/contracts-upgradeable/math/SafeMathUpgradeable.sol#35-38) is never used and should be removed
Remove unused functions.
Additional information: link
Pragma version>=0.6.0<0.8.0 (@openzeppelin/contracts-upgradeable/access/OwnableUpgradeable.sol#3) is too complex
Pragma version>=0.6.0<0.8.0 (@openzeppelin/contracts-upgradeable/math/SafeMathUpgradeable.sol#3) is too complex
Pragma version>=0.4.24<0.8.0 (@openzeppelin/contracts-upgradeable/proxy/Initializable.sol#4) is too complex
Pragma version>=0.6.0<0.8.0 (@openzeppelin/contracts-upgradeable/token/ERC20/ERC20Upgradeable.sol#3) is too complex
Pragma version>=0.6.0<0.8.0 (@openzeppelin/contracts-upgradeable/token/ERC20/IERC20Upgradeable.sol#3) is too complex
Pragma version>=0.6.2<0.8.0 (@openzeppelin/contracts-upgradeable/utils/AddressUpgradeable.sol#3) is too complex
Pragma version>=0.6.0<0.8.0 (@openzeppelin/contracts-upgradeable/utils/ContextUpgradeable.sol#3) is too complex
Pragma version^0.7.0 (@openzeppelin/contracts/access/Ownable.sol#3) allows old versions
Pragma version^0.7.0 (@openzeppelin/contracts/math/SafeMath.sol#3) allows old versions
Pragma version>=0.6.0<0.8.0 (@openzeppelin/contracts/proxy/Clones.sol#3) is too complex
Pragma version^0.7.0 (@openzeppelin/contracts/token/ERC20/ERC20.sol#3) allows old versions
Pragma version^0.7.0 (@openzeppelin/contracts/token/ERC20/IERC20.sol#3) allows old versions
Pragma version>=0.6.0<0.8.0 (@openzeppelin/contracts/utils/Context.sol#3) is too complex
Pragma version>=0.5.0 (contracts/antibot/IPinkAntiBot.sol#2) allows old versions
Pragma version>=0.5.0 (contracts/interfaces/IAntiBotBabyToken.sol#2) allows old versions
Pragma version>=0.5.0 (contracts/interfaces/IBabyToken.sol#2) allows old versions
Pragma version>=0.5.0 (contracts/interfaces/IUniswapV2Factory.sol#2) allows old versions
Pragma version>=0.5.0 (contracts/interfaces/IUniswapV2Pair.sol#2) allows old versions
Pragma version>=0.6.2 (contracts/interfaces/IUniswapV2Router02.sol#2) allows old versions
Deploy with any of the following Solidity versions: 0.5.16 - 0.5.17, 0.6.11 - 0.6.12, 0.7.5 - 0.7.6 Use a simple pragma version that allows any of these versions. Consider using the latest version of Solidity for testing.
Additional information: link
Function OwnableUpgradeable.__Ownable_init() (@openzeppelin/contracts-upgradeable/access/OwnableUpgradeable.sol#27-30) is not in mixedCase
Function OwnableUpgradeable.__Ownable_init_unchained() (@openzeppelin/contracts-upgradeable/access/OwnableUpgradeable.sol#32-36) is not in mixedCase
Variable OwnableUpgradeable.__gap (@openzeppelin/contracts-upgradeable/access/OwnableUpgradeable.sol#74) is not in mixedCase
Function ERC20Upgradeable.__ERC20_init(string,string) (@openzeppelin/contracts-upgradeable/token/ERC20/ERC20Upgradeable.sol#56-59) is not in mixedCase
Function ERC20Upgradeable.__ERC20_init_unchained(string,string) (@openzeppelin/contracts-upgradeable/token/ERC20/ERC20Upgradeable.sol#61-65) is not in mixedCase
Variable ERC20Upgradeable.__gap (@openzeppelin/contracts-upgradeable/token/ERC20/ERC20Upgradeable.sol#312) is not in mixedCase
Function ContextUpgradeable.__Context_init() (@openzeppelin/contracts-upgradeable/utils/ContextUpgradeable.sol#17-19) is not in mixedCase
Function ContextUpgradeable.__Context_init_unchained() (@openzeppelin/contracts-upgradeable/utils/ContextUpgradeable.sol#21-22) is not in mixedCase
Variable ContextUpgradeable.__gap (@openzeppelin/contracts-upgradeable/utils/ContextUpgradeable.sol#31) is not in mixedCase
Function IUniswapV2Pair.DOMAIN_SEPARATOR() (contracts/interfaces/IUniswapV2Pair.sol#19) is not in mixedCase
Function IUniswapV2Pair.PERMIT_TYPEHASH() (contracts/interfaces/IUniswapV2Pair.sol#20) is not in mixedCase
Function IUniswapV2Pair.MINIMUM_LIQUIDITY() (contracts/interfaces/IUniswapV2Pair.sol#37) is not in mixedCase
Function IUniswapV2Router01.WETH() (contracts/interfaces/IUniswapV2Router02.sol#7) is not in mixedCase
Variable BABYTOKEN._isBlacklisted (contracts/tokens/BabyToken.sol#29) is not in mixedCase
Variable BABYTOKEN._marketingWalletAddress (contracts/tokens/BabyToken.sol#36) is not in mixedCase
Function DividendPayingToken.__DividendPayingToken_init(address,string,string) (contracts/tokens/BabyTokenDividendTracker.sol#107-115) is not in mixedCase
Parameter DividendPayingToken.__DividendPayingToken_init(address,string,string)._rewardToken (contracts/tokens/BabyTokenDividendTracker.sol#108) is not in mixedCase
Parameter DividendPayingToken.__DividendPayingToken_init(address,string,string)._name (contracts/tokens/BabyTokenDividendTracker.sol#109) is not in mixedCase
Parameter DividendPayingToken.__DividendPayingToken_init(address,string,string)._symbol (contracts/tokens/BabyTokenDividendTracker.sol#110) is not in mixedCase
Parameter DividendPayingToken.dividendOf(address)._owner (contracts/tokens/BabyTokenDividendTracker.sol#159) is not in mixedCase
Parameter DividendPayingToken.withdrawableDividendOf(address)._owner (contracts/tokens/BabyTokenDividendTracker.sol#166) is not in mixedCase
Parameter DividendPayingToken.withdrawnDividendOf(address)._owner (contracts/tokens/BabyTokenDividendTracker.sol#173) is not in mixedCase
Parameter DividendPayingToken.accumulativeDividendOf(address)._owner (contracts/tokens/BabyTokenDividendTracker.sol#182) is not in mixedCase
Constant DividendPayingToken.magnitude (contracts/tokens/BabyTokenDividendTracker.sol#87) is not in UPPER_CASE_WITH_UNDERSCORES
Parameter BABYTOKENDividendTracker.getAccount(address)._account (contracts/tokens/BabyTokenDividendTracker.sol#324) is not in mixedCase
Follow the Solidity naming convention.
Additional information: link
Clones.clone(address) (@openzeppelin/contracts/proxy/Clones.sol#24-34) uses literals with too many digits:
- mstore(uint256,uint256)(ptr_clone_asm_0,0x3d602d80600a3d3981f3363d3d373d3d3d363d73000000000000000000000000) (@openzeppelin/contracts/proxy/Clones.sol#28)
Clones.clone(address) (@openzeppelin/contracts/proxy/Clones.sol#24-34) uses literals with too many digits:
- mstore(uint256,uint256)(ptr_clone_asm_0 + 0x28,0x5af43d82803e903d91602b57fd5bf30000000000000000000000000000000000) (@openzeppelin/contracts/proxy/Clones.sol#30)
Clones.cloneDeterministic(address,bytes32) (@openzeppelin/contracts/proxy/Clones.sol#43-53) uses literals with too many digits:
- mstore(uint256,uint256)(ptr_cloneDeterministic_asm_0,0x3d602d80600a3d3981f3363d3d373d3d3d363d73000000000000000000000000) (@openzeppelin/contracts/proxy/Clones.sol#47)
Clones.cloneDeterministic(address,bytes32) (@openzeppelin/contracts/proxy/Clones.sol#43-53) uses literals with too many digits:
- mstore(uint256,uint256)(ptr_cloneDeterministic_asm_0 + 0x28,0x5af43d82803e903d91602b57fd5bf30000000000000000000000000000000000) (@openzeppelin/contracts/proxy/Clones.sol#49)
Clones.predictDeterministicAddress(address,bytes32,address) (@openzeppelin/contracts/proxy/Clones.sol#58-70) uses literals with too many digits:
- mstore(uint256,uint256)(ptr_predictDeterministicAddress_asm_0,0x3d602d80600a3d3981f3363d3d373d3d3d363d73000000000000000000000000) (@openzeppelin/contracts/proxy/Clones.sol#62)
Clones.predictDeterministicAddress(address,bytes32,address) (@openzeppelin/contracts/proxy/Clones.sol#58-70) uses literals with too many digits:
- mstore(uint256,uint256)(ptr_predictDeterministicAddress_asm_0 + 0x28,0x5af43d82803e903d91602b57fd5bf3ff00000000000000000000000000000000) (@openzeppelin/contracts/proxy/Clones.sol#64)
BABYTOKEN.initialize(address[4],address,string,string,uint256,uint256,uint256,uint256,uint256) (contracts/tokens/BabyToken.sol#76-133) uses literals with too many digits:
- gasForProcessing = 300000 (contracts/tokens/BabyToken.sol#99)
BABYTOKEN.updateGasForProcessing(uint256) (contracts/tokens/BabyToken.sol#245-256) uses literals with too many digits:
- require(bool,string)(newValue >= 200000 && newValue <= 500000,BABYTOKEN: gasForProcessing must be between 200,000 and 500,000) (contracts/tokens/BabyToken.sol#246-249)
Use: Ether suffix, Time suffix, or The scientific notation
Additional information: link
SafeMathInt.MAX_INT256 (contracts/libs/SafeMathInt.sol#10) is never used in SafeMathInt (contracts/libs/SafeMathInt.sol#8-67)
OwnableUpgradeable.__gap (@openzeppelin/contracts-upgradeable/access/OwnableUpgradeable.sol#74) is never used in BABYTOKEN (contracts/tokens/BabyToken.sol#15-519)
OwnableUpgradeable.__gap (@openzeppelin/contracts-upgradeable/access/OwnableUpgradeable.sol#74) is never used in BABYTOKENDividendTracker (contracts/tokens/BabyTokenDividendTracker.sol#245-482)
Remove unused state variables.
Additional information: link
renounceOwnership() should be declared external:
- OwnableUpgradeable.renounceOwnership() (@openzeppelin/contracts-upgradeable/access/OwnableUpgradeable.sol#60-63)
name() should be declared external:
- ERC20Upgradeable.name() (@openzeppelin/contracts-upgradeable/token/ERC20/ERC20Upgradeable.sol#70-72)
symbol() should be declared external:
- ERC20Upgradeable.symbol() (@openzeppelin/contracts-upgradeable/token/ERC20/ERC20Upgradeable.sol#78-80)
decimals() should be declared external:
- ERC20Upgradeable.decimals() (@openzeppelin/contracts-upgradeable/token/ERC20/ERC20Upgradeable.sol#95-97)
transfer(address,uint256) should be declared external:
- ERC20Upgradeable.transfer(address,uint256) (@openzeppelin/contracts-upgradeable/token/ERC20/ERC20Upgradeable.sol#121-124)
allowance(address,address) should be declared external:
- ERC20Upgradeable.allowance(address,address) (@openzeppelin/contracts-upgradeable/token/ERC20/ERC20Upgradeable.sol#129-131)
approve(address,uint256) should be declared external:
- ERC20Upgradeable.approve(address,uint256) (@openzeppelin/contracts-upgradeable/token/ERC20/ERC20Upgradeable.sol#140-143)
transferFrom(address,address,uint256) should be declared external:
- ERC20Upgradeable.transferFrom(address,address,uint256) (@openzeppelin/contracts-upgradeable/token/ERC20/ERC20Upgradeable.sol#158-162)
increaseAllowance(address,uint256) should be declared external:
- ERC20Upgradeable.increaseAllowance(address,uint256) (@openzeppelin/contracts-upgradeable/token/ERC20/ERC20Upgradeable.sol#176-179)
decreaseAllowance(address,uint256) should be declared external:
- ERC20Upgradeable.decreaseAllowance(address,uint256) (@openzeppelin/contracts-upgradeable/token/ERC20/ERC20Upgradeable.sol#195-198)
renounceOwnership() should be declared external:
- Ownable.renounceOwnership() (@openzeppelin/contracts/access/Ownable.sol#54-57)
transferOwnership(address) should be declared external:
- Ownable.transferOwnership(address) (@openzeppelin/contracts/access/Ownable.sol#63-67)
name() should be declared external:
- ERC20.name() (@openzeppelin/contracts/token/ERC20/ERC20.sol#64-66)
symbol() should be declared external:
- ERC20.symbol() (@openzeppelin/contracts/token/ERC20/ERC20.sol#72-74)
decimals() should be declared external:
- ERC20.decimals() (@openzeppelin/contracts/token/ERC20/ERC20.sol#89-91)
totalSupply() should be declared external:
- ERC20.totalSupply() (@openzeppelin/contracts/token/ERC20/ERC20.sol#96-98)
balanceOf(address) should be declared external:
- ERC20.balanceOf(address) (@openzeppelin/contracts/token/ERC20/ERC20.sol#103-105)
transfer(address,uint256) should be declared external:
- ERC20.transfer(address,uint256) (@openzeppelin/contracts/token/ERC20/ERC20.sol#115-118)
allowance(address,address) should be declared external:
- ERC20.allowance(address,address) (@openzeppelin/contracts/token/ERC20/ERC20.sol#123-125)
approve(address,uint256) should be declared external:
- ERC20.approve(address,uint256) (@openzeppelin/contracts/token/ERC20/ERC20.sol#134-137)
transferFrom(address,address,uint256) should be declared external:
- ERC20.transferFrom(address,address,uint256) (@openzeppelin/contracts/token/ERC20/ERC20.sol#152-156)
increaseAllowance(address,uint256) should be declared external:
- ERC20.increaseAllowance(address,uint256) (@openzeppelin/contracts/token/ERC20/ERC20.sol#170-173)
decreaseAllowance(address,uint256) should be declared external:
- ERC20.decreaseAllowance(address,uint256) (@openzeppelin/contracts/token/ERC20/ERC20.sol#189-192)
get(IterableMapping.Map,address) should be declared external:
- IterableMapping.get(IterableMapping.Map,address) (contracts/libs/IterableMapping.sol#14-16)
getIndexOfKey(IterableMapping.Map,address) should be declared external:
- IterableMapping.getIndexOfKey(IterableMapping.Map,address) (contracts/libs/IterableMapping.sol#18-23)
getKeyAtIndex(IterableMapping.Map,uint256) should be declared external:
- IterableMapping.getKeyAtIndex(IterableMapping.Map,uint256) (contracts/libs/IterableMapping.sol#25-27)
size(IterableMapping.Map) should be declared external:
- IterableMapping.size(IterableMapping.Map) (contracts/libs/IterableMapping.sol#31-33)
updateDividendTracker(address) should be declared external:
- BABYTOKEN.updateDividendTracker(address) (contracts/tokens/BabyToken.sol#141-162)
updateUniswapV2Router(address) should be declared external:
- BABYTOKEN.updateUniswapV2Router(address) (contracts/tokens/BabyToken.sol#164-176)
excludeMultipleAccountsFromFees(address[],bool) should be declared external:
- BABYTOKEN.excludeMultipleAccountsFromFees(address[],bool) (contracts/tokens/BabyToken.sol#188-197)
setAutomatedMarketMakerPair(address,bool) should be declared external:
- BABYTOKEN.setAutomatedMarketMakerPair(address,bool) (contracts/tokens/BabyToken.sol#218-225)
updateGasForProcessing(uint256) should be declared external:
- BABYTOKEN.updateGasForProcessing(uint256) (contracts/tokens/BabyToken.sol#245-256)
isExcludedFromFees(address) should be declared external:
- BABYTOKEN.isExcludedFromFees(address) (contracts/tokens/BabyToken.sol#270-272)
withdrawableDividendOf(address) should be declared external:
- BABYTOKEN.withdrawableDividendOf(address) (contracts/tokens/BabyToken.sol#274-276)
dividendTokenBalanceOf(address) should be declared external:
- BABYTOKEN.dividendTokenBalanceOf(address) (contracts/tokens/BabyToken.sol#278-280)
distributeCAKEDividends(uint256) should be declared external:
- DividendPayingToken.distributeCAKEDividends(uint256) (contracts/tokens/BabyTokenDividendTracker.sol#117-128)
withdrawDividend() should be declared external:
- BABYTOKENDividendTracker.withdrawDividend() (contracts/tokens/BabyTokenDividendTracker.sol#286-291)
- DividendPayingToken.withdrawDividend() (contracts/tokens/BabyTokenDividendTracker.sol#132-134)
dividendOf(address) should be declared external:
- DividendPayingToken.dividendOf(address) (contracts/tokens/BabyTokenDividendTracker.sol#159-161)
withdrawnDividendOf(address) should be declared external:
- DividendPayingToken.withdrawnDividendOf(address) (contracts/tokens/BabyTokenDividendTracker.sol#173-175)
getAccountAtIndex(uint256) should be declared external:
- BABYTOKENDividendTracker.getAccountAtIndex(uint256) (contracts/tokens/BabyTokenDividendTracker.sol#368-389)
process(uint256) should be declared external:
- BABYTOKENDividendTracker.process(uint256) (contracts/tokens/BabyTokenDividendTracker.sol#413-465)
Use the external attribute for functions never called from the contract.
Additional information: link
DividendPayingToken._withdrawDividendOfUser(address) (contracts/tokens/BabyTokenDividendTracker.sol#138-154) has external calls inside a loop: success = IERC20(rewardToken).transfer(user,_withdrawableDividend) (contracts/tokens/BabyTokenDividendTracker.sol#143)
Favor pull over push strategy for external calls.
Additional information: link
Variable IUniswapV2Router01.addLiquidity(address,address,uint256,uint256,uint256,uint256,address,uint256).amountADesired (contracts/interfaces/IUniswapV2Router02.sol#12) is too similar to IUniswapV2Router01.addLiquidity(address,address,uint256,uint256,uint256,uint256,address,uint256).amountBDesired (contracts/interfaces/IUniswapV2Router02.sol#13)
Variable ERC20Upgradeable._totalSupply (@openzeppelin/contracts-upgradeable/token/ERC20/ERC20Upgradeable.sol#41) is too similar to BABYTOKEN.initialize(address[4],address,string,string,uint256,uint256,uint256,uint256,uint256).totalSupply_ (contracts/tokens/BabyToken.sol#81)
Variable ERC20Upgradeable._totalSupply (@openzeppelin/contracts-upgradeable/token/ERC20/ERC20Upgradeable.sol#41) is too similar to IBabyToken.initialize(address[4],address,string,string,uint256,uint256,uint256,uint256,uint256).totalSupply_ (contracts/interfaces/IBabyToken.sol#10)
Variable DividendPayingToken.__DividendPayingToken_init(address,string,string)._rewardToken (contracts/tokens/BabyTokenDividendTracker.sol#108) is too similar to BABYTOKENDividendTracker.initialize(address,uint256).rewardToken_ (contracts/tokens/BabyTokenDividendTracker.sol#265)
Variable DividendPayingToken._withdrawDividendOfUser(address)._withdrawableDividend (contracts/tokens/BabyTokenDividendTracker.sol#139) is too similar to BABYTOKENDividendTracker.getAccount(address).withdrawableDividends (contracts/tokens/BabyTokenDividendTracker.sol#331)
Prevent variables from having similar names.
Additional information: link
Reentrancy in DividendPayingToken._withdrawDividendOfUser(address) (contracts/tokens/BabyTokenDividendTracker.sol#138-154):
External calls:
- success = IERC20(rewardToken).transfer(user,_withdrawableDividend) (contracts/tokens/BabyTokenDividendTracker.sol#143)
State variables written after the call(s):
- withdrawnDividends[user] = withdrawnDividends[user].sub(_withdrawableDividend) (contracts/tokens/BabyTokenDividendTracker.sol#146)
Reentrancy in BABYTOKEN.updateDividendTracker(address) (contracts/tokens/BabyToken.sol#141-162):
External calls:
- newDividendTracker.excludeFromDividends(address(newDividendTracker)) (contracts/tokens/BabyToken.sol#154)
- newDividendTracker.excludeFromDividends(address(this)) (contracts/tokens/BabyToken.sol#155)
- newDividendTracker.excludeFromDividends(owner()) (contracts/tokens/BabyToken.sol#156)
- newDividendTracker.excludeFromDividends(address(uniswapV2Router)) (contracts/tokens/BabyToken.sol#157)
State variables written after the call(s):
- dividendTracker = newDividendTracker (contracts/tokens/BabyToken.sol#161)
Apply the check-effects-interactions pattern.
Additional information: link
BABYTOKEN._transfer(address,address,uint256).lastProcessedIndex (contracts/tokens/BabyToken.sol#413) is a local variable never initialized
BABYTOKEN._transfer(address,address,uint256).iterations (contracts/tokens/BabyToken.sol#411) is a local variable never initialized
BABYTOKEN._transfer(address,address,uint256).claims (contracts/tokens/BabyToken.sol#412) is a local variable never initialized
Initialize all the variables. If a variable is meant to be initialized to zero, explicitly set it to zero to improve code readability.
Additional information: link
BABYTOKEN.claim() (contracts/tokens/BabyToken.sol#334-336) ignores return value by dividendTracker.processAccount(msg.sender,false) (contracts/tokens/BabyToken.sol#335)
BABYTOKEN._transfer(address,address,uint256) (contracts/tokens/BabyToken.sol#346-425) ignores return value by dividendTracker.process(gas) (contracts/tokens/BabyToken.sol#410-423)
BABYTOKEN.addLiquidity(uint256,uint256) (contracts/tokens/BabyToken.sol#494-507) ignores return value by uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,address(0),block.timestamp) (contracts/tokens/BabyToken.sol#499-506)
Ensure that all the return values of the function calls are used.
Additional information: link
BABYTOKEN.initialize(address[4],address,string,string,uint256,uint256,uint256,uint256,uint256)._uniswapV2Pair (contracts/tokens/BabyToken.sol#108-111) lacks a zero-check on :
- uniswapV2Pair = _uniswapV2Pair (contracts/tokens/BabyToken.sol#113)
BABYTOKEN.updateUniswapV2Router(address)._uniswapV2Pair (contracts/tokens/BabyToken.sol#171-174) lacks a zero-check on :
- uniswapV2Pair = _uniswapV2Pair (contracts/tokens/BabyToken.sol#175)
BABYTOKEN.setMarketingWallet(address).wallet (contracts/tokens/BabyToken.sol#199) lacks a zero-check on :
- _marketingWalletAddress = wallet (contracts/tokens/BabyToken.sol#200)
Check that the address is not zero.
Additional information: link
Low level call in AddressUpgradeable.sendValue(address,uint256) (@openzeppelin/contracts-upgradeable/utils/AddressUpgradeable.sol#53-59):
- (success) = recipient.call{value: amount}() (@openzeppelin/contracts-upgradeable/utils/AddressUpgradeable.sol#57)
Low level call in AddressUpgradeable.functionCallWithValue(address,bytes,uint256,string) (@openzeppelin/contracts-upgradeable/utils/AddressUpgradeable.sol#114-121):
- (success,returndata) = target.call{value: value}(data) (@openzeppelin/contracts-upgradeable/utils/AddressUpgradeable.sol#119)
Low level call in AddressUpgradeable.functionStaticCall(address,bytes,string) (@openzeppelin/contracts-upgradeable/utils/AddressUpgradeable.sol#139-145):
- (success,returndata) = target.staticcall(data) (@openzeppelin/contracts-upgradeable/utils/AddressUpgradeable.sol#143)
Avoid low-level calls. Check the call success. If the call is meant for a contract, check for code existence
Additional information: link
Redundant expression "this (@openzeppelin/contracts-upgradeable/utils/ContextUpgradeable.sol#28)" inContextUpgradeable (@openzeppelin/contracts-upgradeable/utils/ContextUpgradeable.sol#16-32)
Redundant expression "this (@openzeppelin/contracts/utils/Context.sol#21)" inContext (@openzeppelin/contracts/utils/Context.sol#15-24)
Remove redundant statements if they congest code but offer no value.
Additional information: link
Contract has 15% buy tax and 16% sell tax.
Taxes are suspiciously high (over 10%) and contract ownership is not renounced. Token has a high risk of becoming a honeypot.
Swap operations require suspiciously high gas. Contract logic is complex and may disguise some form of scam.
Token is deployed only at one blockchain
Token has a considerable age, but we're still unable to find its website
Young tokens have high risks of price dump / death
Token has relatively low CoinGecko rank
Young tokens have high risks of price dump / death
Unable to find Blog account (Reddit or Medium)
Unable to find Youtube account
Unable to find Discord account