About NRV
Listings
Website
Nerve Finance is a stableswap AMM built on Binance Smart Chain designed to allow trading stablecoins and pegged synthetic assets quickly with minimal slippage and low fees. $NRV is the governance token of the Nerve Finance protocol.
Social
Laser Scorebeta Last Audit: 19 August 2022
Anti-Scam
Links
Unable to find manual contract audit (e.g. Certik, PeckShield, Solidity...)
NerveToken._writeCheckpoint(address,uint32,uint256,uint256) (contracts/NerveToken/NerveToken.sol#226-244) uses a dangerous strict equality:
- nCheckpoints > 0 && checkpoints[delegatee][nCheckpoints - 1].fromBlock == blockNumber (contracts/NerveToken/NerveToken.sol#236)
Don't use strict equality to determine if an account has enough Ether or tokens.
Additional information: link
Different versions of Solidity is used:
- Version used: ['0.6.12', '>=0.6.0<0.8.0', '>=0.6.2<0.8.0']
- >=0.6.0<0.8.0 (@openzeppelin/contracts/GSN/Context.sol#3)
- >=0.6.0<0.8.0 (@openzeppelin/contracts/access/AccessControl.sol#3)
- >=0.6.0<0.8.0 (@openzeppelin/contracts/access/Ownable.sol#3)
- >=0.6.0<0.8.0 (@openzeppelin/contracts/math/SafeMath.sol#3)
- >=0.6.0<0.8.0 (@openzeppelin/contracts/token/ERC20/ERC20.sol#3)
- >=0.6.0<0.8.0 (@openzeppelin/contracts/token/ERC20/ERC20Burnable.sol#3)
- >=0.6.0<0.8.0 (@openzeppelin/contracts/token/ERC20/IERC20.sol#3)
- >=0.6.2<0.8.0 (@openzeppelin/contracts/utils/Address.sol#3)
- >=0.6.0<0.8.0 (@openzeppelin/contracts/utils/EnumerableSet.sol#3)
- 0.6.12 (contracts/NerveToken/NerveToken.sol#3)
Use one Solidity version.
Additional information: link
AccessControl._setRoleAdmin(bytes32,bytes32) (@openzeppelin/contracts/access/AccessControl.sol#201-204) is never used and should be removed
Address._verifyCallResult(bool,bytes,string) (@openzeppelin/contracts/utils/Address.sol#147-164) is never used and should be removed
Address.functionCall(address,bytes) (@openzeppelin/contracts/utils/Address.sol#79-81) is never used and should be removed
Address.functionCall(address,bytes,string) (@openzeppelin/contracts/utils/Address.sol#89-91) is never used and should be removed
Address.functionCallWithValue(address,bytes,uint256) (@openzeppelin/contracts/utils/Address.sol#104-106) is never used and should be removed
Address.functionCallWithValue(address,bytes,uint256,string) (@openzeppelin/contracts/utils/Address.sol#114-121) is never used and should be removed
Address.functionStaticCall(address,bytes) (@openzeppelin/contracts/utils/Address.sol#129-131) is never used and should be removed
Address.functionStaticCall(address,bytes,string) (@openzeppelin/contracts/utils/Address.sol#139-145) is never used and should be removed
Address.isContract(address) (@openzeppelin/contracts/utils/Address.sol#26-35) is never used and should be removed
Address.sendValue(address,uint256) (@openzeppelin/contracts/utils/Address.sol#53-59) is never used and should be removed
Context._msgData() (@openzeppelin/contracts/GSN/Context.sol#20-23) is never used and should be removed
ERC20._setupDecimals(uint8) (@openzeppelin/contracts/token/ERC20/ERC20.sol#287-289) is never used and should be removed
EnumerableSet.add(EnumerableSet.Bytes32Set,bytes32) (@openzeppelin/contracts/utils/EnumerableSet.sol#147-149) is never used and should be removed
EnumerableSet.add(EnumerableSet.UintSet,uint256) (@openzeppelin/contracts/utils/EnumerableSet.sol#256-258) is never used and should be removed
EnumerableSet.at(EnumerableSet.Bytes32Set,uint256) (@openzeppelin/contracts/utils/EnumerableSet.sol#185-187) is never used and should be removed
EnumerableSet.at(EnumerableSet.UintSet,uint256) (@openzeppelin/contracts/utils/EnumerableSet.sol#294-296) is never used and should be removed
EnumerableSet.contains(EnumerableSet.Bytes32Set,bytes32) (@openzeppelin/contracts/utils/EnumerableSet.sol#164-166) is never used and should be removed
EnumerableSet.contains(EnumerableSet.UintSet,uint256) (@openzeppelin/contracts/utils/EnumerableSet.sol#273-275) is never used and should be removed
EnumerableSet.length(EnumerableSet.Bytes32Set) (@openzeppelin/contracts/utils/EnumerableSet.sol#171-173) is never used and should be removed
EnumerableSet.length(EnumerableSet.UintSet) (@openzeppelin/contracts/utils/EnumerableSet.sol#280-282) is never used and should be removed
EnumerableSet.remove(EnumerableSet.Bytes32Set,bytes32) (@openzeppelin/contracts/utils/EnumerableSet.sol#157-159) is never used and should be removed
EnumerableSet.remove(EnumerableSet.UintSet,uint256) (@openzeppelin/contracts/utils/EnumerableSet.sol#266-268) is never used and should be removed
SafeMath.div(uint256,uint256) (@openzeppelin/contracts/math/SafeMath.sol#103-105) is never used and should be removed
SafeMath.div(uint256,uint256,string) (@openzeppelin/contracts/math/SafeMath.sol#119-125) is never used and should be removed
SafeMath.mod(uint256,uint256) (@openzeppelin/contracts/math/SafeMath.sol#139-141) is never used and should be removed
SafeMath.mod(uint256,uint256,string) (@openzeppelin/contracts/math/SafeMath.sol#155-158) is never used and should be removed
SafeMath.mul(uint256,uint256) (@openzeppelin/contracts/math/SafeMath.sol#77-89) is never used and should be removed
Remove unused functions.
Additional information: link
NerveToken.delegateBySig(address,uint256,uint256,uint8,bytes32,bytes32) (contracts/NerveToken/NerveToken.sol#92-133) uses timestamp for comparisons
Dangerous comparisons:
- require(bool,string)(now <= expiry,NRV::delegateBySig: signature expired) (contracts/NerveToken/NerveToken.sol#131)
Avoid relying on block.timestamp.
Additional information: link
Address.isContract(address) (@openzeppelin/contracts/utils/Address.sol#26-35) uses assembly
- INLINE ASM (@openzeppelin/contracts/utils/Address.sol#33)
Address._verifyCallResult(bool,bytes,string) (@openzeppelin/contracts/utils/Address.sol#147-164) uses assembly
- INLINE ASM (@openzeppelin/contracts/utils/Address.sol#156-159)
NerveToken.getChainId() (contracts/NerveToken/NerveToken.sol#251-255) uses assembly
- INLINE ASM (contracts/NerveToken/NerveToken.sol#253)
Do not use evm assembly.
Additional information: link
Pragma version>=0.6.0<0.8.0 (@openzeppelin/contracts/GSN/Context.sol#3) is too complex
Pragma version>=0.6.0<0.8.0 (@openzeppelin/contracts/access/AccessControl.sol#3) is too complex
Pragma version>=0.6.0<0.8.0 (@openzeppelin/contracts/access/Ownable.sol#3) is too complex
Pragma version>=0.6.0<0.8.0 (@openzeppelin/contracts/math/SafeMath.sol#3) is too complex
Pragma version>=0.6.0<0.8.0 (@openzeppelin/contracts/token/ERC20/ERC20.sol#3) is too complex
Pragma version>=0.6.0<0.8.0 (@openzeppelin/contracts/token/ERC20/ERC20Burnable.sol#3) is too complex
Pragma version>=0.6.0<0.8.0 (@openzeppelin/contracts/token/ERC20/IERC20.sol#3) is too complex
Pragma version>=0.6.2<0.8.0 (@openzeppelin/contracts/utils/Address.sol#3) is too complex
Pragma version>=0.6.0<0.8.0 (@openzeppelin/contracts/utils/EnumerableSet.sol#3) is too complex
Deploy with any of the following Solidity versions: 0.5.16 - 0.5.17, 0.6.11 - 0.6.12, 0.7.5 - 0.7.6 Use a simple pragma version that allows any of these versions. Consider using the latest version of Solidity for testing.
Additional information: link
Low level call in Address.sendValue(address,uint256) (@openzeppelin/contracts/utils/Address.sol#53-59):
- (success) = recipient.call{value: amount}() (@openzeppelin/contracts/utils/Address.sol#57)
Low level call in Address.functionCallWithValue(address,bytes,uint256,string) (@openzeppelin/contracts/utils/Address.sol#114-121):
- (success,returndata) = target.call{value: value}(data) (@openzeppelin/contracts/utils/Address.sol#119)
Low level call in Address.functionStaticCall(address,bytes,string) (@openzeppelin/contracts/utils/Address.sol#139-145):
- (success,returndata) = target.staticcall(data) (@openzeppelin/contracts/utils/Address.sol#143)
Avoid low-level calls. Check the call success. If the call is meant for a contract, check for code existence
Additional information: link
Parameter NerveToken.mint(address,uint256)._to (contracts/NerveToken/NerveToken.sol#20) is not in mixedCase
Parameter NerveToken.mint(address,uint256)._amount (contracts/NerveToken/NerveToken.sol#20) is not in mixedCase
Variable NerveToken._delegates (contracts/NerveToken/NerveToken.sol#34) is not in mixedCase
Follow the Solidity naming convention.
Additional information: link
Redundant expression "this (@openzeppelin/contracts/GSN/Context.sol#21)" inContext (@openzeppelin/contracts/GSN/Context.sol#15-24)
Remove redundant statements if they congest code but offer no value.
Additional information: link
getRoleMemberCount(bytes32) should be declared external:
- AccessControl.getRoleMemberCount(bytes32) (@openzeppelin/contracts/access/AccessControl.sol#95-97)
getRoleMember(bytes32,uint256) should be declared external:
- AccessControl.getRoleMember(bytes32,uint256) (@openzeppelin/contracts/access/AccessControl.sol#111-113)
getRoleAdmin(bytes32) should be declared external:
- AccessControl.getRoleAdmin(bytes32) (@openzeppelin/contracts/access/AccessControl.sol#121-123)
grantRole(bytes32,address) should be declared external:
- AccessControl.grantRole(bytes32,address) (@openzeppelin/contracts/access/AccessControl.sol#135-139)
revokeRole(bytes32,address) should be declared external:
- AccessControl.revokeRole(bytes32,address) (@openzeppelin/contracts/access/AccessControl.sol#150-154)
renounceRole(bytes32,address) should be declared external:
- AccessControl.renounceRole(bytes32,address) (@openzeppelin/contracts/access/AccessControl.sol#170-174)
owner() should be declared external:
- Ownable.owner() (@openzeppelin/contracts/access/Ownable.sol#35-37)
renounceOwnership() should be declared external:
- Ownable.renounceOwnership() (@openzeppelin/contracts/access/Ownable.sol#54-57)
transferOwnership(address) should be declared external:
- Ownable.transferOwnership(address) (@openzeppelin/contracts/access/Ownable.sol#63-67)
symbol() should be declared external:
- ERC20.symbol() (@openzeppelin/contracts/token/ERC20/ERC20.sol#72-74)
decimals() should be declared external:
- ERC20.decimals() (@openzeppelin/contracts/token/ERC20/ERC20.sol#89-91)
totalSupply() should be declared external:
- ERC20.totalSupply() (@openzeppelin/contracts/token/ERC20/ERC20.sol#96-98)
transfer(address,uint256) should be declared external:
- ERC20.transfer(address,uint256) (@openzeppelin/contracts/token/ERC20/ERC20.sol#115-118)
approve(address,uint256) should be declared external:
- ERC20.approve(address,uint256) (@openzeppelin/contracts/token/ERC20/ERC20.sol#134-137)
transferFrom(address,address,uint256) should be declared external:
- ERC20.transferFrom(address,address,uint256) (@openzeppelin/contracts/token/ERC20/ERC20.sol#152-156)
increaseAllowance(address,uint256) should be declared external:
- ERC20.increaseAllowance(address,uint256) (@openzeppelin/contracts/token/ERC20/ERC20.sol#170-173)
decreaseAllowance(address,uint256) should be declared external:
- ERC20.decreaseAllowance(address,uint256) (@openzeppelin/contracts/token/ERC20/ERC20.sol#189-192)
burn(uint256) should be declared external:
- ERC20Burnable.burn(uint256) (@openzeppelin/contracts/token/ERC20/ERC20Burnable.sol#21-23)
burnFrom(address,uint256) should be declared external:
- ERC20Burnable.burnFrom(address,uint256) (@openzeppelin/contracts/token/ERC20/ERC20Burnable.sol#36-41)
mint(address,uint256) should be declared external:
- NerveToken.mint(address,uint256) (contracts/NerveToken/NerveToken.sol#20-25)
Use the external attribute for functions never called from the contract.
Additional information: link
Contract ownership is semi-renounced (passed to a contract)
Token is deployed only at one blockchain
Young tokens have high risks of scam / price dump / death
Token has a considerable age, but social accounts / website are missing or have few users
Price for NRV
LASER DESK beta
Twitter account seems to be suspended
Additional information: link
Unable to find Youtube account