Nerve Token Logo

NRV [Nerve] Token

About NRV

Listings

Token 3 years
CoinGecko 3 years
CoinMarketCap 3 years

Website

white paper

Nerve Finance is a stableswap AMM built on Binance Smart Chain designed to allow trading stablecoins and pegged synthetic assets quickly with minimal slippage and low fees. $NRV is the governance token of the Nerve Finance protocol.

Social

Laser Scorebeta Last Audit: 19 August 2022

report
Token seems to be (relatively) fine. It still become a scam, but probability is moderate.

Anti-Scam

Links


Unable to find manual contract audit (e.g. Certik, PeckShield, Solidity...)

NerveToken._writeCheckpoint(address,uint32,uint256,uint256) (contracts/NerveToken/NerveToken.sol#226-244) uses a dangerous strict equality:
- nCheckpoints > 0 && checkpoints[delegatee][nCheckpoints - 1].fromBlock == blockNumber (contracts/NerveToken/NerveToken.sol#236)
Don't use strict equality to determine if an account has enough Ether or tokens.

Additional information: link

Different versions of Solidity is used:
- Version used: ['0.6.12', '>=0.6.0<0.8.0', '>=0.6.2<0.8.0']
- >=0.6.0<0.8.0 (@openzeppelin/contracts/GSN/Context.sol#3)
- >=0.6.0<0.8.0 (@openzeppelin/contracts/access/AccessControl.sol#3)
- >=0.6.0<0.8.0 (@openzeppelin/contracts/access/Ownable.sol#3)
- >=0.6.0<0.8.0 (@openzeppelin/contracts/math/SafeMath.sol#3)
- >=0.6.0<0.8.0 (@openzeppelin/contracts/token/ERC20/ERC20.sol#3)
- >=0.6.0<0.8.0 (@openzeppelin/contracts/token/ERC20/ERC20Burnable.sol#3)
- >=0.6.0<0.8.0 (@openzeppelin/contracts/token/ERC20/IERC20.sol#3)
- >=0.6.2<0.8.0 (@openzeppelin/contracts/utils/Address.sol#3)
- >=0.6.0<0.8.0 (@openzeppelin/contracts/utils/EnumerableSet.sol#3)
- 0.6.12 (contracts/NerveToken/NerveToken.sol#3)
Use one Solidity version.

Additional information: link

AccessControl._setRoleAdmin(bytes32,bytes32) (@openzeppelin/contracts/access/AccessControl.sol#201-204) is never used and should be removed
Address._verifyCallResult(bool,bytes,string) (@openzeppelin/contracts/utils/Address.sol#147-164) is never used and should be removed
Address.functionCall(address,bytes) (@openzeppelin/contracts/utils/Address.sol#79-81) is never used and should be removed
Address.functionCall(address,bytes,string) (@openzeppelin/contracts/utils/Address.sol#89-91) is never used and should be removed
Address.functionCallWithValue(address,bytes,uint256) (@openzeppelin/contracts/utils/Address.sol#104-106) is never used and should be removed
Address.functionCallWithValue(address,bytes,uint256,string) (@openzeppelin/contracts/utils/Address.sol#114-121) is never used and should be removed
Address.functionStaticCall(address,bytes) (@openzeppelin/contracts/utils/Address.sol#129-131) is never used and should be removed
Address.functionStaticCall(address,bytes,string) (@openzeppelin/contracts/utils/Address.sol#139-145) is never used and should be removed
Address.isContract(address) (@openzeppelin/contracts/utils/Address.sol#26-35) is never used and should be removed
Address.sendValue(address,uint256) (@openzeppelin/contracts/utils/Address.sol#53-59) is never used and should be removed
Context._msgData() (@openzeppelin/contracts/GSN/Context.sol#20-23) is never used and should be removed
ERC20._setupDecimals(uint8) (@openzeppelin/contracts/token/ERC20/ERC20.sol#287-289) is never used and should be removed
EnumerableSet.add(EnumerableSet.Bytes32Set,bytes32) (@openzeppelin/contracts/utils/EnumerableSet.sol#147-149) is never used and should be removed
EnumerableSet.add(EnumerableSet.UintSet,uint256) (@openzeppelin/contracts/utils/EnumerableSet.sol#256-258) is never used and should be removed
EnumerableSet.at(EnumerableSet.Bytes32Set,uint256) (@openzeppelin/contracts/utils/EnumerableSet.sol#185-187) is never used and should be removed
EnumerableSet.at(EnumerableSet.UintSet,uint256) (@openzeppelin/contracts/utils/EnumerableSet.sol#294-296) is never used and should be removed
EnumerableSet.contains(EnumerableSet.Bytes32Set,bytes32) (@openzeppelin/contracts/utils/EnumerableSet.sol#164-166) is never used and should be removed
EnumerableSet.contains(EnumerableSet.UintSet,uint256) (@openzeppelin/contracts/utils/EnumerableSet.sol#273-275) is never used and should be removed
EnumerableSet.length(EnumerableSet.Bytes32Set) (@openzeppelin/contracts/utils/EnumerableSet.sol#171-173) is never used and should be removed
EnumerableSet.length(EnumerableSet.UintSet) (@openzeppelin/contracts/utils/EnumerableSet.sol#280-282) is never used and should be removed
EnumerableSet.remove(EnumerableSet.Bytes32Set,bytes32) (@openzeppelin/contracts/utils/EnumerableSet.sol#157-159) is never used and should be removed
EnumerableSet.remove(EnumerableSet.UintSet,uint256) (@openzeppelin/contracts/utils/EnumerableSet.sol#266-268) is never used and should be removed
SafeMath.div(uint256,uint256) (@openzeppelin/contracts/math/SafeMath.sol#103-105) is never used and should be removed
SafeMath.div(uint256,uint256,string) (@openzeppelin/contracts/math/SafeMath.sol#119-125) is never used and should be removed
SafeMath.mod(uint256,uint256) (@openzeppelin/contracts/math/SafeMath.sol#139-141) is never used and should be removed
SafeMath.mod(uint256,uint256,string) (@openzeppelin/contracts/math/SafeMath.sol#155-158) is never used and should be removed
SafeMath.mul(uint256,uint256) (@openzeppelin/contracts/math/SafeMath.sol#77-89) is never used and should be removed
Remove unused functions.

Additional information: link

NerveToken.delegateBySig(address,uint256,uint256,uint8,bytes32,bytes32) (contracts/NerveToken/NerveToken.sol#92-133) uses timestamp for comparisons
Dangerous comparisons:
- require(bool,string)(now <= expiry,NRV::delegateBySig: signature expired) (contracts/NerveToken/NerveToken.sol#131)
Avoid relying on block.timestamp.

Additional information: link

Address.isContract(address) (@openzeppelin/contracts/utils/Address.sol#26-35) uses assembly
- INLINE ASM (@openzeppelin/contracts/utils/Address.sol#33)
Address._verifyCallResult(bool,bytes,string) (@openzeppelin/contracts/utils/Address.sol#147-164) uses assembly
- INLINE ASM (@openzeppelin/contracts/utils/Address.sol#156-159)
NerveToken.getChainId() (contracts/NerveToken/NerveToken.sol#251-255) uses assembly
- INLINE ASM (contracts/NerveToken/NerveToken.sol#253)
Do not use evm assembly.

Additional information: link

Pragma version>=0.6.0<0.8.0 (@openzeppelin/contracts/GSN/Context.sol#3) is too complex
Pragma version>=0.6.0<0.8.0 (@openzeppelin/contracts/access/AccessControl.sol#3) is too complex
Pragma version>=0.6.0<0.8.0 (@openzeppelin/contracts/access/Ownable.sol#3) is too complex
Pragma version>=0.6.0<0.8.0 (@openzeppelin/contracts/math/SafeMath.sol#3) is too complex
Pragma version>=0.6.0<0.8.0 (@openzeppelin/contracts/token/ERC20/ERC20.sol#3) is too complex
Pragma version>=0.6.0<0.8.0 (@openzeppelin/contracts/token/ERC20/ERC20Burnable.sol#3) is too complex
Pragma version>=0.6.0<0.8.0 (@openzeppelin/contracts/token/ERC20/IERC20.sol#3) is too complex
Pragma version>=0.6.2<0.8.0 (@openzeppelin/contracts/utils/Address.sol#3) is too complex
Pragma version>=0.6.0<0.8.0 (@openzeppelin/contracts/utils/EnumerableSet.sol#3) is too complex
Deploy with any of the following Solidity versions: 0.5.16 - 0.5.17, 0.6.11 - 0.6.12, 0.7.5 - 0.7.6 Use a simple pragma version that allows any of these versions. Consider using the latest version of Solidity for testing.

Additional information: link

Low level call in Address.sendValue(address,uint256) (@openzeppelin/contracts/utils/Address.sol#53-59):
- (success) = recipient.call{value: amount}() (@openzeppelin/contracts/utils/Address.sol#57)
Low level call in Address.functionCallWithValue(address,bytes,uint256,string) (@openzeppelin/contracts/utils/Address.sol#114-121):
- (success,returndata) = target.call{value: value}(data) (@openzeppelin/contracts/utils/Address.sol#119)
Low level call in Address.functionStaticCall(address,bytes,string) (@openzeppelin/contracts/utils/Address.sol#139-145):
- (success,returndata) = target.staticcall(data) (@openzeppelin/contracts/utils/Address.sol#143)
Avoid low-level calls. Check the call success. If the call is meant for a contract, check for code existence

Additional information: link

Parameter NerveToken.mint(address,uint256)._to (contracts/NerveToken/NerveToken.sol#20) is not in mixedCase
Parameter NerveToken.mint(address,uint256)._amount (contracts/NerveToken/NerveToken.sol#20) is not in mixedCase
Variable NerveToken._delegates (contracts/NerveToken/NerveToken.sol#34) is not in mixedCase
Follow the Solidity naming convention.

Additional information: link

Redundant expression "this (@openzeppelin/contracts/GSN/Context.sol#21)" inContext (@openzeppelin/contracts/GSN/Context.sol#15-24)
Remove redundant statements if they congest code but offer no value.

Additional information: link

getRoleMemberCount(bytes32) should be declared external:
- AccessControl.getRoleMemberCount(bytes32) (@openzeppelin/contracts/access/AccessControl.sol#95-97)
getRoleMember(bytes32,uint256) should be declared external:
- AccessControl.getRoleMember(bytes32,uint256) (@openzeppelin/contracts/access/AccessControl.sol#111-113)
getRoleAdmin(bytes32) should be declared external:
- AccessControl.getRoleAdmin(bytes32) (@openzeppelin/contracts/access/AccessControl.sol#121-123)
grantRole(bytes32,address) should be declared external:
- AccessControl.grantRole(bytes32,address) (@openzeppelin/contracts/access/AccessControl.sol#135-139)
revokeRole(bytes32,address) should be declared external:
- AccessControl.revokeRole(bytes32,address) (@openzeppelin/contracts/access/AccessControl.sol#150-154)
renounceRole(bytes32,address) should be declared external:
- AccessControl.renounceRole(bytes32,address) (@openzeppelin/contracts/access/AccessControl.sol#170-174)
owner() should be declared external:
- Ownable.owner() (@openzeppelin/contracts/access/Ownable.sol#35-37)
renounceOwnership() should be declared external:
- Ownable.renounceOwnership() (@openzeppelin/contracts/access/Ownable.sol#54-57)
transferOwnership(address) should be declared external:
- Ownable.transferOwnership(address) (@openzeppelin/contracts/access/Ownable.sol#63-67)
symbol() should be declared external:
- ERC20.symbol() (@openzeppelin/contracts/token/ERC20/ERC20.sol#72-74)
decimals() should be declared external:
- ERC20.decimals() (@openzeppelin/contracts/token/ERC20/ERC20.sol#89-91)
totalSupply() should be declared external:
- ERC20.totalSupply() (@openzeppelin/contracts/token/ERC20/ERC20.sol#96-98)
transfer(address,uint256) should be declared external:
- ERC20.transfer(address,uint256) (@openzeppelin/contracts/token/ERC20/ERC20.sol#115-118)
approve(address,uint256) should be declared external:
- ERC20.approve(address,uint256) (@openzeppelin/contracts/token/ERC20/ERC20.sol#134-137)
transferFrom(address,address,uint256) should be declared external:
- ERC20.transferFrom(address,address,uint256) (@openzeppelin/contracts/token/ERC20/ERC20.sol#152-156)
increaseAllowance(address,uint256) should be declared external:
- ERC20.increaseAllowance(address,uint256) (@openzeppelin/contracts/token/ERC20/ERC20.sol#170-173)
decreaseAllowance(address,uint256) should be declared external:
- ERC20.decreaseAllowance(address,uint256) (@openzeppelin/contracts/token/ERC20/ERC20.sol#189-192)
burn(uint256) should be declared external:
- ERC20Burnable.burn(uint256) (@openzeppelin/contracts/token/ERC20/ERC20Burnable.sol#21-23)
burnFrom(address,uint256) should be declared external:
- ERC20Burnable.burnFrom(address,uint256) (@openzeppelin/contracts/token/ERC20/ERC20Burnable.sol#36-41)
mint(address,uint256) should be declared external:
- NerveToken.mint(address,uint256) (contracts/NerveToken/NerveToken.sol#20-25)
Use the external attribute for functions never called from the contract.

Additional information: link


Contract ownership is semi-renounced (passed to a contract)

Holders:


Token is deployed only at one blockchain


Twitter account seems to be suspended

Additional information: link


Unable to find Youtube account


Unable to find token contract audit


Unable to find audit link on the website


Unable to find token on CoinHunt

Additional information: link


Unable to find code repository for the project


Token is not listed at Mobula.Finance

Additional information: link


Young tokens have high risks of scam / price dump / death


Token has a considerable age, but social accounts / website are missing or have few users

Price for NRV