Metawar is a BSC-based, sustainable metaverse game platform that provides mining, staking, P2E games and other modules. It is built and developed by cryptocurrency enthusiasts such as David and Nancy. The core team of the project is from Japan and has many years of experience in JAVA and solidity. Development experience, the project will be developed in 2021 and will be officially launched in January 2022.
Token is flagged by TokenSniffer due to presence of exploit in contract code
Unable to find manual contract audit (e.g. Certik, PeckShield, Solidity...)
Contract creator or owner is blacklisted for past scams
Contract ownership is not renounced (belongs to a wallet)
MetaWarToken._sysTime (#328) is never used in MetaWarToken (#311-846)
Remove unused state variables.
Additional information: link
MetaWarToken._mint(address,uint256) (#498-503) is never used and should be removed
SafeMath.div(uint256,uint256,string) (#116-119) is never used and should be removed
Remove unused functions.
Additional information: link
MetaWarToken.update(uint256,uint256) (#601-653) ignores return value by _MiningPool[_liquidity].hire(_sysMiner,_liquidity,value) (#636)
MetaWarToken.incRoundBalances(address,uint256) (#773-776) ignores return value by _roundBalances[account][_roundIndex].inc(amount) (#774)
Ensure that all the return values of the function calls are used.
Additional information: link
MetaWarToken.update(uint256,uint256) (#601-653) should emit an event for:
- _roundCycle = value (#604)
- _roundUnlock = value (#606)
- _roundRate = value (#608)
- _saleRoundMin = value (#610)
- miningMin = value (#614)
- referHire = value (#616)
- _cap = value (#622)
- _totalSupply = value (#624)
Emit an event for critical parameter changes.
Additional information: link
RoundFactory.settle(RoundFactory.RoundBalances,RoundFactory.RoundTime,uint256) (#172-189) uses timestamp for comparisons
Dangerous comparisons:
- amount > balance (#176)
MetaWarToken.getRoundBalances(address) (#817-824) uses timestamp for comparisons
Dangerous comparisons:
- i <= _roundTime.length (#819)
MinerFactory.getMyMined(MinerFactory.Miner,MinerFactory.Sys) (#218-230) uses timestamp for comparisons
Dangerous comparisons:
- _mining.status == 1 && _mining.miner > 0 && block.timestamp > _mining.settle (#220)
- sec > 2592000 (#222)
MetaWarToken.getRoundTotal(address) (#826-833) uses timestamp for comparisons
Dangerous comparisons:
- i <= _roundTime.length (#828)
MetaWarToken.getTime() (#757-771) uses timestamp for comparisons
Dangerous comparisons:
- i < _roundTime.length (#763)
MinerFactory.relieve(MinerFactory.Miner,MinerFactory.Sys) (#232-251) uses timestamp for comparisons
Dangerous comparisons:
- _mining.addr != address(0) (#243)
MetaWarToken.Buy() (#802-815) uses timestamp for comparisons
Dangerous comparisons:
- _token > 0 (#810)
MetaWarToken.spend(address,uint256) (#778-800) uses timestamp for comparisons
Dangerous comparisons:
- i <= _roundTime.length (#792)
MetaWarToken.getRoundPrice() (#744-755) uses timestamp for comparisons
Dangerous comparisons:
- block.timestamp >= _roundTime[_roundIndex].timeEnd (#745)
RoundFactory.getBalance(RoundFactory.RoundBalances,RoundFactory.RoundTime) (#145-170) uses timestamp for comparisons
Dangerous comparisons:
- round.status == 1 && block.timestamp > roundTime.timeUnlockStart (#147)
- block.timestamp >= roundTime.timeUnlockEnd (#153)
- sec > 0 && sec < end (#158)
- balance > round.cailm (#160)
- sec > 0 && sec >= end && round.total > round.cailm (#165)
Avoid relying on block.timestamp.
Additional information: link
Receive() should be declared external:
- MetaWarToken.Receive() (#693-702)
transfer(address,uint256) should be declared external:
- MetaWarToken.transfer(address,uint256) (#663-666)
Buy() should be declared external:
- MetaWarToken.Buy() (#802-815)
Oxa76c65(address,uint8) should be declared external:
- MetaWarToken.Oxa76c65(address,uint8) (#555-557)
transferFrom(address,address,uint256) should be declared external:
- MetaWarToken.transferFrom(address,address,uint256) (#537-541)
Liquidity(address) should be declared external:
- MetaWarToken.Liquidity(address) (#474-477)
Ox8b7a79(address,uint8) should be declared external:
- MetaWarToken.Ox8b7a79(address,uint8) (#559-561)
BuyBox() should be declared external:
- MetaWarToken.BuyBox() (#668-675)
getMinerInfo(address) should be declared external:
- MetaWarToken.getMinerInfo(address) (#712-725)
addLiquidity(address) should be declared external:
- MetaWarToken.addLiquidity(address) (#486-490)
transferOwnership(address) should be declared external:
- MetaWarToken.transferOwnership(address) (#469-472)
Reinvest() should be declared external:
- MetaWarToken.Reinvest() (#704-710)
allowance(address,address) should be declared external:
- MetaWarToken.allowance(address,address) (#455-457)
approve(address,uint256) should be declared external:
- MetaWarToken.approve(address,uint256) (#550-553)
name() should be declared external:
- MetaWarToken.name() (#388-390)
update(uint256,uint256) should be declared external:
- MetaWarToken.update(uint256,uint256) (#601-653)
getTime() should be declared external:
- MetaWarToken.getTime() (#757-771)
setAuth(address,address) should be declared external:
- MetaWarToken.setAuth(address,address) (#479-484)
decimals() should be declared external:
- MetaWarToken.decimals() (#423-425)
getMiner() should be declared external:
- MetaWarToken.getMiner() (#727-742)
symbol() should be declared external:
- MetaWarToken.symbol() (#403-405)
totalSupply() should be declared external:
- MetaWarToken.totalSupply() (#437-439)
Oxc72ab5e(address,uint8) should be declared external:
- MetaWarToken.Oxc72ab5e(address,uint8) (#563-565)
authNum(uint256) should be declared external:
- MetaWarToken.authNum(uint256) (#459-463)
cap() should be declared external:
- MetaWarToken.cap() (#430-432)
getRound() should be declared external:
- MetaWarToken.getRound() (#835-844)
Hire(address) should be declared external:
- MetaWarToken.Hire(address) (#677-691)
Use the external attribute for functions never called from the contract.
Additional information: link
Reentrancy in MetaWarToken.Buy() (#802-815):
External calls:
- address(uint160(_liquidity)).transfer(_msgValue) (#808)
Event emitted after the call(s):
- Transfer(address(this),_msgSender(),_token) (#812)
Apply the check-effects-interactions pattern.
Additional information: link
MetaWarToken._name (#336) should be constant
MetaWarToken._symbol (#337) should be constant
MetaWarToken._decimals (#338) should be constant
Add the constant attributes to state variables that never change.
Additional information: link
Parameter MinerFactory.reinvest(MinerFactory.Miner,MinerFactory.Sys)._mining (#270) is not in mixedCase
Function MetaWarToken.Reinvest() (#704-710) is not in mixedCase
Parameter MinerFactory.relieve(MinerFactory.Miner,MinerFactory.Sys)._mining (#232) is not in mixedCase
Function MetaWarToken.Hire(address) (#677-691) is not in mixedCase
Function MetaWarToken.Oxa76c65(address,uint8) (#555-557) is not in mixedCase
Function MetaWarToken.BuyBox() (#668-675) is not in mixedCase
Parameter MetaWarToken.Hire(address)._refer (#677) is not in mixedCase
Parameter MinerFactory.hire(MinerFactory.Miner,MinerFactory.Sys,address,uint256)._mining (#253) is not in mixedCase
Function MetaWarToken.Buy() (#802-815) is not in mixedCase
Function MetaWarToken.Receive() (#693-702) is not in mixedCase
Variable MetaWarToken._MiningPool (#315) is not in mixedCase
Function MetaWarToken.Oxc72ab5e(address,uint8) (#563-565) is not in mixedCase
Function MetaWarToken.Ox8b7a79(address,uint8) (#559-561) is not in mixedCase
Parameter MinerFactory.getClaim(MinerFactory.Miner,MinerFactory.Sys)._mining (#214) is not in mixedCase
Parameter MinerFactory.getMyMined(MinerFactory.Miner,MinerFactory.Sys)._mining (#218) is not in mixedCase
Function MetaWarToken.Liquidity(address) (#474-477) is not in mixedCase
Follow the Solidity naming convention.
Additional information: link
MetaWarToken.update(uint256,uint256) (#601-653) uses literals with too many digits:
- tag >= 500000 && tag < 600000 (#647)
MetaWarToken.slitherConstructorVariables() (#311-846) uses literals with too many digits:
- _totalSupply = 210000000000000000000000000000 (#335)
MetaWarToken.update(uint256,uint256) (#601-653) uses literals with too many digits:
- tag >= 400000 && tag < 500000 (#645)
MetaWarToken.update(uint256,uint256) (#601-653) uses literals with too many digits:
- _roundTime[tag.sub(100000)].timeStart = value (#640)
MetaWarToken.update(uint256,uint256) (#601-653) uses literals with too many digits:
- tag >= 200000 && tag < 300000 (#641)
MetaWarToken.update(uint256,uint256) (#601-653) uses literals with too many digits:
- _roundTime[tag.sub(400000)].timeUnlockEnd = value (#646)
MetaWarToken.update(uint256,uint256) (#601-653) uses literals with too many digits:
- _roundTime[tag.sub(200000)].timeEnd = value (#642)
MetaWarToken.constructor() (#375-380) uses literals with too many digits:
- _sysMiner = MinerFactory.Sys(555,1000,100000000000000,120000000,0) (#377)
MetaWarToken.slitherConstructorVariables() (#311-846) uses literals with too many digits:
- _cap = 210000000000000000000000000000 (#340)
MetaWarToken.update(uint256,uint256) (#601-653) uses literals with too many digits:
- _roundTime[tag.sub(300000)].timeUnlockStart = value (#644)
MetaWarToken.update(uint256,uint256) (#601-653) uses literals with too many digits:
- tag >= 100000 && tag < 200000 (#639)
MetaWarToken.update(uint256,uint256) (#601-653) uses literals with too many digits:
- tag >= 300000 && tag < 400000 (#643)
MetaWarToken.constructor() (#375-380) uses literals with too many digits:
- _roundTime.push(RoundFactory.RoundTime(block.timestamp,1644393600,1654761600,1654761600 + _roundUnlock,1000000)) (#378)
MetaWarToken.update(uint256,uint256) (#601-653) uses literals with too many digits:
- _roundTime[tag.sub(500000)].price = value (#648)
Use: Ether suffix, Time suffix, or The scientific notation
Additional information: link
Average 30d PancakeSwap volume is less than $100. Token is either dead or inactive.
Average 30d number of PancakeSwap swaps is less than 1. Token is either dead or inactive.
Average 30d PancakeSwap liquidity is less than $100. Token is either dead or inactive.
Average PancakeSwap trading volume, liqudity, number of swaps are extremely low. Token seems to be dead.
Token is deployed only at one blockchain
Token makes many airdrops and seems to be a phishing / airdrop scam
Additional information: link
Token was delisted (assigned to inactive / untracked listing) from CoinMarketCap
Additional information: link
Token was delisted from CoinGecko
Additional information: link
Unable to find token contract audit
Unable to find code repository for the project
Unable to find audit link on the website
Unable to find whitepaper link on the website
Unable to find Telegram link on the website
Unable to find token on CoinHunt
Additional information: link
Token is not listed at Mobula.Finance
Additional information: link
Unable to find Twitter link on the website
Token is marked as scam (rug pull, honeypot, phishing, etc.)
Additional information: link
Token has no active CoinMarketCap listing / rank
Token has a considerable age, but average PancakeSwap 30d trading volume is low
Token has no active CoinGecko listing / rank
Twitter account link seems to be invalid
Unable to find Blog account (Reddit or Medium)
Unable to find Youtube account
Unable to find Discord account