Unbanking shipping. Nexum platform is a fintech platform built to securely and efficiently provide funding to traders in the shipping and oil industry. NEXM is a utility token that traders and other maritime ecosystem participants must use to receive funding and obtain access to services offered by the platform.
Nexum incentivizes the adoption of blockchain technology and crypto payments by the maritime ecosystem members. Shipping is a fragmented and opaque industry that naturally lends itself to crypto applications. Its multijurisdictional and multicurrency nature provides a fertile environment for token utilization that will make cross-border payments and remittances quick and efficient.
Our vision is Nexum Token to form the backbone of tokenization in shipping transactions. We aim by using blockchain technology and big data clusters to derive performance and credit-risk-related assessments on a per vessel/ship-manager basis. Our data-driven approach will also allow us to analyze and predict trade flows and world economic activity on a macro level.
Unable to find manual contract audit (e.g. Certik, PeckShield, Solidity...)
ERC1967Upgrade._upgradeToAndCall(address,bytes,bool) (#484-493) ignores return value by Address.functionDelegateCall(newImplementation,data) (#491)
ERC1967Upgrade._upgradeToAndCallSecure(address,bytes,bool) (#500-528) ignores return value by Address.functionDelegateCall(newImplementation,data) (#510)
ERC1967Upgrade._upgradeToAndCallSecure(address,bytes,bool) (#500-528) ignores return value by Address.functionDelegateCall(newImplementation,abi.encodeWithSignature(upgradeTo(address),oldImplementation)) (#518-521)
ERC1967Upgrade._upgradeBeaconToAndCall(address,bytes,bool) (#603-613) ignores return value by Address.functionDelegateCall(IBeacon(newBeacon).implementation(),data) (#611)
Ensure that all the return values of the function calls are used.
Additional information: link
Reentrancy in ERC1967Upgrade._upgradeToAndCallSecure(address,bytes,bool) (#500-528):
External calls:
- Address.functionDelegateCall(newImplementation,data) (#510)
- Address.functionDelegateCall(newImplementation,abi.encodeWithSignature(upgradeTo(address),oldImplementation)) (#518-521)
Event emitted after the call(s):
- Upgraded(newImplementation) (#476)
- _upgradeTo(newImplementation) (#526)
Apply the check-effects-interactions pattern.
Additional information: link
StorageSlot.getAddressSlot(bytes32) (#58-62) uses assembly
- INLINE ASM (#59-61)
StorageSlot.getBooleanSlot(bytes32) (#67-71) uses assembly
- INLINE ASM (#68-70)
StorageSlot.getBytes32Slot(bytes32) (#76-80) uses assembly
- INLINE ASM (#77-79)
StorageSlot.getUint256Slot(bytes32) (#85-89) uses assembly
- INLINE ASM (#86-88)
Address.isContract(address) (#120-130) uses assembly
- INLINE ASM (#126-128)
Address.verifyCallResult(bool,bytes,string) (#289-309) uses assembly
- INLINE ASM (#301-304)
Proxy._delegate(address) (#335-358) uses assembly
- INLINE ASM (#336-357)
Do not use evm assembly.
Additional information: link
Different versions of Solidity is used:
- Version used: ['^0.8.0', '^0.8.2']
- ^0.8.0 (#10)
- ^0.8.0 (#97)
- ^0.8.0 (#317)
- ^0.8.0 (#406)
- ^0.8.2 (#425)
- ^0.8.0 (#621)
- ^0.8.0 (#685)
Use one Solidity version.
Additional information: link
Address.functionCall(address,bytes) (#173-175) is never used and should be removed
Address.functionCall(address,bytes,string) (#183-189) is never used and should be removed
Address.functionCallWithValue(address,bytes,uint256) (#202-208) is never used and should be removed
Address.functionCallWithValue(address,bytes,uint256,string) (#216-227) is never used and should be removed
Address.functionStaticCall(address,bytes) (#235-237) is never used and should be removed
Address.functionStaticCall(address,bytes,string) (#245-254) is never used and should be removed
Address.sendValue(address,uint256) (#148-153) is never used and should be removed
BeaconProxy._beacon() (#654-656) is never used and should be removed
BeaconProxy._setBeacon(address,bytes) (#675-677) is never used and should be removed
ERC1967Upgrade._changeAdmin(address) (#562-565) is never used and should be removed
ERC1967Upgrade._getAdmin() (#545-547) is never used and should be removed
ERC1967Upgrade._getImplementation() (#457-459) is never used and should be removed
ERC1967Upgrade._setAdmin(address) (#552-555) is never used and should be removed
ERC1967Upgrade._setImplementation(address) (#464-467) is never used and should be removed
ERC1967Upgrade._upgradeTo(address) (#474-477) is never used and should be removed
ERC1967Upgrade._upgradeToAndCall(address,bytes,bool) (#484-493) is never used and should be removed
ERC1967Upgrade._upgradeToAndCallSecure(address,bytes,bool) (#500-528) is never used and should be removed
Proxy._implementation() (#364) is never used and should be removed
StorageSlot.getBooleanSlot(bytes32) (#67-71) is never used and should be removed
StorageSlot.getBytes32Slot(bytes32) (#76-80) is never used and should be removed
StorageSlot.getUint256Slot(bytes32) (#85-89) is never used and should be removed
Remove unused functions.
Additional information: link
Pragma version^0.8.0 (#10) allows old versions
Pragma version^0.8.0 (#97) allows old versions
Pragma version^0.8.0 (#317) allows old versions
Pragma version^0.8.0 (#406) allows old versions
Pragma version^0.8.2 (#425) allows old versions
Pragma version^0.8.0 (#621) allows old versions
Pragma version^0.8.0 (#685) allows old versions
Deploy with any of the following Solidity versions: 0.5.16 - 0.5.17, 0.6.11 - 0.6.12, 0.7.5 - 0.7.6 Use a simple pragma version that allows any of these versions. Consider using the latest version of Solidity for testing.
Additional information: link
Low level call in Address.sendValue(address,uint256) (#148-153):
- (success) = recipient.call{value: amount}() (#151)
Low level call in Address.functionCallWithValue(address,bytes,uint256,string) (#216-227):
- (success,returndata) = target.call{value: value}(data) (#225)
Low level call in Address.functionStaticCall(address,bytes,string) (#245-254):
- (success,returndata) = target.staticcall(data) (#252)
Low level call in Address.functionDelegateCall(address,bytes,string) (#272-281):
- (success,returndata) = target.delegatecall(data) (#279)
Avoid low-level calls. Check the call success. If the call is meant for a contract, check for code existence
Additional information: link
Contract name (Nexum Coin (Wormhole)) contains non-alphanumeric characters.
Not a direct threat, but may indicate unreliable intentions of developer. Non-alphanumeric chars (,.;!#*&") are extremely rare among low risk tokens.
Contract ownership is semi-renounced (passed to a contract)
BscScan page for the token does not contain additional info: website, socials, description, etc.
Additional information: link
Unable to find token contract audit
Unable to find KYC or doxxing proof
Unable to find audit link on the website
Token is not listed at Mobula.Finance
Additional information: link
Unable to find token on CoinHunt
Additional information: link
Young tokens have high risks of scam / price dump / death
Young tokens have high risks of price dump / death
Young tokens have high risks of price dump / death
Young tokens have high risks of price dump / death
Young tokens have high risks of price dump / death
Token has relatively low CoinGecko rank
Unable to find Youtube account
Unable to find Discord account