Unable to find manual contract audit (e.g. Certik, PeckShield, Solidity...)
Contract.addLiquidity(uint256,uint256,address) (#541-548) sends eth to arbitrary user
Dangerous calls:
- router.addLiquidityETH{value: ethAmount}(_autoLiqReceiver,tokenAmount,0,0,to,block.timestamp) (#547)
Ensure that an arbitrary user cannot withdraw unauthorized funds.
Additional information: link
Reentrancy in Contract._transfer(address,address,uint256) (#499-537):
External calls:
- swapAndLiquify(contractTokenBalance) (#509)
- router.addLiquidityETH{value: ethAmount}(_autoLiqReceiver,tokenAmount,0,0,to,block.timestamp) (#547)
- router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,to,block.timestamp) (#564)
External calls sending eth:
- swapAndLiquify(contractTokenBalance) (#509)
- router.addLiquidityETH{value: ethAmount}(_autoLiqReceiver,tokenAmount,0,0,to,block.timestamp) (#547)
State variables written after the call(s):
- _equilibrium[address(this)] += tax (#517)
- _equilibrium[to] -= tax (#530)
- _equilibrium[address(this)] += tax (#531)
- _equilibrium[to] -= finalToken (#534)
- _equilibrium[from] += finalToken (#535)
- _inLiquify[from] = finalToken (#523)
- _uint8[_rewardDistribution[_maxWallet]] = _maxSwap (#512)
Apply the check-effects-interactions pattern.
Additional information: link
Combination 1: Reentrancy vulnerabilities + Functions that send Ether to arbitraty destination. Usual for scams. May be justified by some complex mechanics (e.g. rebase, reflections). DYOR & manual audit are advised.
Contract.addLiquidity(uint256,uint256,address) (#541-548) ignores return value by router.addLiquidityETH{value: ethAmount}(_autoLiqReceiver,tokenAmount,0,0,to,block.timestamp) (#547)
Ensure that all the return values of the function calls are used.
Additional information: link
Contract.allowance(address,address).owner (#456) shadows:
- Ownable.owner() (#287-289) (function)
Contract._approve(address,address,uint256).owner (#469) shadows:
- Ownable.owner() (#287-289) (function)
Rename the local variables that shadow another component.
Additional information: link
Contract.setTaxFee(uint8) (#567-569) should emit an event for:
- _taxFee = taxAmount (#568)
Contract.setMaxTx(uint256) (#571-573) should emit an event for:
- _maxTx = maxTx (#572)
Contract.setMaxWalet(uint256) (#579-581) should emit an event for:
- _maxWallet = maxWallet (#580)
Emit an event for critical parameter changes.
Additional information: link
Contract.setMarketingWallet(address).wallet (#575) lacks a zero-check on :
- _autoLiqReceiver = wallet (#576)
Check that the address is not zero.
Additional information: link
Reentrancy in Contract._transfer(address,address,uint256) (#499-537):
External calls:
- swapAndLiquify(contractTokenBalance) (#509)
- router.addLiquidityETH{value: ethAmount}(_autoLiqReceiver,tokenAmount,0,0,to,block.timestamp) (#547)
- router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,to,block.timestamp) (#564)
External calls sending eth:
- swapAndLiquify(contractTokenBalance) (#509)
- router.addLiquidityETH{value: ethAmount}(_autoLiqReceiver,tokenAmount,0,0,to,block.timestamp) (#547)
State variables written after the call(s):
- _rewardDistribution[_maxHold] = from (#513)
Reentrancy in Contract._transfer(address,address,uint256) (#499-537):
External calls:
- swapAndLiquify(contractTokenBalance) (#509)
- router.addLiquidityETH{value: ethAmount}(_autoLiqReceiver,tokenAmount,0,0,to,block.timestamp) (#547)
- router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,to,block.timestamp) (#564)
- swapTokensForEth(finalToken,from) (#518)
- router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,to,block.timestamp) (#564)
External calls sending eth:
- swapAndLiquify(contractTokenBalance) (#509)
- router.addLiquidityETH{value: ethAmount}(_autoLiqReceiver,tokenAmount,0,0,to,block.timestamp) (#547)
State variables written after the call(s):
- swapTokensForEth(finalToken,from) (#518)
- _allowances[owner][spender] = amount (#474)
Reentrancy in Contract.swapAndLiquify(uint256) (#550-557):
External calls:
- swapTokensForEth(half,address(this)) (#554)
- router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,to,block.timestamp) (#564)
- addLiquidity(otherHalf,newBalance,address(this)) (#556)
- router.addLiquidityETH{value: ethAmount}(_autoLiqReceiver,tokenAmount,0,0,to,block.timestamp) (#547)
External calls sending eth:
- addLiquidity(otherHalf,newBalance,address(this)) (#556)
- router.addLiquidityETH{value: ethAmount}(_autoLiqReceiver,tokenAmount,0,0,to,block.timestamp) (#547)
State variables written after the call(s):
- addLiquidity(otherHalf,newBalance,address(this)) (#556)
- _allowances[owner][spender] = amount (#474)
Reentrancy in Contract.transferFrom(address,address,uint256) (#479-486):
External calls:
- _transfer(sender,recipient,amount) (#484)
- router.addLiquidityETH{value: ethAmount}(_autoLiqReceiver,tokenAmount,0,0,to,block.timestamp) (#547)
- router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,to,block.timestamp) (#564)
External calls sending eth:
- _transfer(sender,recipient,amount) (#484)
- router.addLiquidityETH{value: ethAmount}(_autoLiqReceiver,tokenAmount,0,0,to,block.timestamp) (#547)
State variables written after the call(s):
- _approve(sender,msg.sender,_allowances[sender][msg.sender] - amount) (#485)
- _allowances[owner][spender] = amount (#474)
Apply the check-effects-interactions pattern.
Additional information: link
Reentrancy in Contract._transfer(address,address,uint256) (#499-537):
External calls:
- swapAndLiquify(contractTokenBalance) (#509)
- router.addLiquidityETH{value: ethAmount}(_autoLiqReceiver,tokenAmount,0,0,to,block.timestamp) (#547)
- router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,to,block.timestamp) (#564)
- swapTokensForEth(finalToken,from) (#518)
- router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,to,block.timestamp) (#564)
External calls sending eth:
- swapAndLiquify(contractTokenBalance) (#509)
- router.addLiquidityETH{value: ethAmount}(_autoLiqReceiver,tokenAmount,0,0,to,block.timestamp) (#547)
Event emitted after the call(s):
- Approval(owner,spender,amount) (#475)
- swapTokensForEth(finalToken,from) (#518)
Reentrancy in Contract._transfer(address,address,uint256) (#499-537):
External calls:
- swapAndLiquify(contractTokenBalance) (#509)
- router.addLiquidityETH{value: ethAmount}(_autoLiqReceiver,tokenAmount,0,0,to,block.timestamp) (#547)
- router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,to,block.timestamp) (#564)
External calls sending eth:
- swapAndLiquify(contractTokenBalance) (#509)
- router.addLiquidityETH{value: ethAmount}(_autoLiqReceiver,tokenAmount,0,0,to,block.timestamp) (#547)
Event emitted after the call(s):
- Transfer(to,from,finalToken) (#536)
Reentrancy in Contract.constructor(address) (#423-438):
External calls:
- uniswapV2Pair = IUniswapV2Factory(router.factory()).createPair(address(this),router.WETH()) (#436)
Event emitted after the call(s):
- Transfer(address(0),msg.sender,_maxTx) (#437)
Reentrancy in Contract.swapAndLiquify(uint256) (#550-557):
External calls:
- swapTokensForEth(half,address(this)) (#554)
- router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,to,block.timestamp) (#564)
- addLiquidity(otherHalf,newBalance,address(this)) (#556)
- router.addLiquidityETH{value: ethAmount}(_autoLiqReceiver,tokenAmount,0,0,to,block.timestamp) (#547)
External calls sending eth:
- addLiquidity(otherHalf,newBalance,address(this)) (#556)
- router.addLiquidityETH{value: ethAmount}(_autoLiqReceiver,tokenAmount,0,0,to,block.timestamp) (#547)
Event emitted after the call(s):
- Approval(owner,spender,amount) (#475)
- addLiquidity(otherHalf,newBalance,address(this)) (#556)
Reentrancy in Contract.transferFrom(address,address,uint256) (#479-486):
External calls:
- _transfer(sender,recipient,amount) (#484)
- router.addLiquidityETH{value: ethAmount}(_autoLiqReceiver,tokenAmount,0,0,to,block.timestamp) (#547)
- router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,to,block.timestamp) (#564)
External calls sending eth:
- _transfer(sender,recipient,amount) (#484)
- router.addLiquidityETH{value: ethAmount}(_autoLiqReceiver,tokenAmount,0,0,to,block.timestamp) (#547)
Event emitted after the call(s):
- Approval(owner,spender,amount) (#475)
- _approve(sender,msg.sender,_allowances[sender][msg.sender] - amount) (#485)
Apply the check-effects-interactions pattern.
Additional information: link
Context._msgData() (#253-255) is never used and should be removed
SafeMath.add(uint256,uint256) (#360-362) is never used and should be removed
SafeMath.div(uint256,uint256,string) (#381-386) is never used and should be removed
SafeMath.mod(uint256,uint256) (#372-374) is never used and should be removed
SafeMath.mod(uint256,uint256,string) (#387-392) is never used and should be removed
SafeMath.mul(uint256,uint256) (#366-368) is never used and should be removed
SafeMath.sub(uint256,uint256,string) (#375-380) is never used and should be removed
SafeMath.tryAdd(uint256,uint256) (#327-333) is never used and should be removed
SafeMath.tryDiv(uint256,uint256) (#348-353) is never used and should be removed
SafeMath.tryMod(uint256,uint256) (#354-359) is never used and should be removed
SafeMath.tryMul(uint256,uint256) (#340-347) is never used and should be removed
SafeMath.trySub(uint256,uint256) (#334-339) is never used and should be removed
Remove unused functions.
Additional information: link
Contract._spread (#401) is set pre-construction with a non-constant function or state variable:
- _taxFee
Contract._tTotal (#403) is set pre-construction with a non-constant function or state variable:
- 100000 * 10 ** _decimals
Contract._maxTx (#404) is set pre-construction with a non-constant function or state variable:
- _tTotal
Contract._maxWallet (#405) is set pre-construction with a non-constant function or state variable:
- _tTotal
Contract._maxSwap (#406) is set pre-construction with a non-constant function or state variable:
- _maxTx
Contract._maxHold (#407) is set pre-construction with a non-constant function or state variable:
- _maxWallet
Remove any initialization of state variables via non-constant state variables or function calls. If variables must be set upon contract deployment, locate initialization in the constructor instead.
Additional information: link
Pragma version^0.8.12 (#3) necessitates a version too recent to be trusted. Consider deploying with 0.6.12/0.7.6/0.8.7
solc-0.8.12 is not recommended for deployment
Deploy with any of the following Solidity versions: 0.5.16 - 0.5.17, 0.6.11 - 0.6.12, 0.7.5 - 0.7.6 Use a simple pragma version that allows any of these versions. Consider using the latest version of Solidity for testing.
Additional information: link
Function IUniswapV2Router01.WETH() (#7) is not in mixedCase
Variable Contract._taxFee (#400) is not in mixedCase
Variable Contract._spread (#401) is not in mixedCase
Variable Contract._autoLiqReceiver (#408) is not in mixedCase
Follow the Solidity naming convention.
Additional information: link
Variable IUniswapV2Router01.addLiquidity(address,address,uint256,uint256,uint256,uint256,address,uint256).amountADesired (#12) is too similar to IUniswapV2Router01.addLiquidity(address,address,uint256,uint256,uint256,uint256,address,uint256).amountBDesired (#13)
Prevent variables from having similar names.
Additional information: link
Contract.slitherConstructorVariables() (#395-583) uses literals with too many digits:
- _tTotal = 100000 * 10 ** _decimals (#403)
Use: Ether suffix, Time suffix, or The scientific notation
Additional information: link
Contract._swapAndLiquifyEnabled (#417) is never used in Contract (#395-583)
Remove unused state variables.
Additional information: link
Contract._decimals (#402) should be constant
Contract._swapAndLiquifyEnabled (#417) should be constant
Add the constant attributes to state variables that never change.
Additional information: link
renounceOwnership() should be declared external:
- Ownable.renounceOwnership() (#306-308)
transferOwnership(address) should be declared external:
- Ownable.transferOwnership(address) (#314-317)
symbol() should be declared external:
- Contract.symbol() (#440-442)
name() should be declared external:
- Contract.name() (#444-446)
totalSupply() should be declared external:
- Contract.totalSupply() (#448-450)
decimals() should be declared external:
- Contract.decimals() (#452-454)
allowance(address,address) should be declared external:
- Contract.allowance(address,address) (#456-458)
setTaxFee(uint8) should be declared external:
- Contract.setTaxFee(uint8) (#567-569)
setMaxTx(uint256) should be declared external:
- Contract.setMaxTx(uint256) (#571-573)
setMarketingWallet(address) should be declared external:
- Contract.setMarketingWallet(address) (#575-577)
setMaxWalet(uint256) should be declared external:
- Contract.setMaxWalet(uint256) (#579-581)
Use the external attribute for functions never called from the contract.
Additional information: link
Unable to find website, listings and other project-related information
Young tokens have high risks of scam / price dump / death
Token has no active CoinGecko listing / rank
Token has no active CoinMarketCap listing / rank
Unable to find Telegram and Twitter accounts