RACA [Radio Caca V2] Token

RACAV2Token.transferRACAByOwner(address,uint256) (#1007-1010) ignores return value by this.transfer(_to,_amount) (#1009)
Use SafeERC20, or ensure that the transfer/transferFrom return value is checked.

Additional information: link

RACAV2Token._writeCheckpoint(address,uint32,uint256,uint256) (#1044-1062) uses a dangerous strict equality:
- nCheckpoints > 0 && checkpoints[delegatee][nCheckpoints - 1].fromBlock == blockNumber (#1054)
Don't use strict equality to determine if an account has enough Ether or tokens.

Additional information: link

Ownable.nominatePotentialOwner(address).newOwner (#253) lacks a zero-check on :
- _potentialOwner = newOwner (#254)
Check that the address is not zero.

Additional information: link

RACAV2Token.delegateBySig(address,uint256,uint256,uint8,bytes32,bytes32) (#905-946) uses timestamp for comparisons
Dangerous comparisons:
- require(bool,string)(block.timestamp <= expiry,delegateBySig: signature expired) (#944)
Avoid relying on block.timestamp.

Additional information: link

Redundant expression "this (#176)" inContext (#170-179)
Remove redundant statements if they congest code but offer no value.

Additional information: link

Address.isContract(address) (#287-296) uses assembly
- INLINE ASM (#294)
RACAV2Token.getChainId() (#1069-1073) uses assembly
- INLINE ASM (#1071)
Address._verifyCallResult(bool,bytes,string) (#408-425) uses assembly
- INLINE ASM (#417-420)
Do not use evm assembly.

Additional information: link

RACAV2Token.constructor() (#843-848) uses literals with too many digits:
- racaInAdvance = 500000 * 10 ** 6 * 10 ** 18 (#845)
Use: Ether suffix, Time suffix, or The scientific notation

Additional information: link

Low level call in Address.sendValue(address,uint256) (#314-320):
- (success) = recipient.call{value: amount}() (#318)
Low level call in Address.functionStaticCall(address,bytes,string) (#400-406):
- (success,returndata) = target.staticcall(data) (#404)
Low level call in Address.functionCallWithValue(address,bytes,uint256,string) (#375-382):
- (success,returndata) = target.call{value: value}(data) (#380)
Avoid low-level calls. Check the call success. If the call is meant for a contract, check for code existence

Additional information: link

SafeMath.mul(uint256,uint256) (#76-88) is never used and should be removed
Address.sendValue(address,uint256) (#314-320) is never used and should be removed
Address.functionCallWithValue(address,bytes,uint256) (#365-367) is never used and should be removed
SafeMath.mod(uint256,uint256,string) (#154-157) is never used and should be removed
Address.functionCallWithValue(address,bytes,uint256,string) (#375-382) is never used and should be removed
SafeMath.div(uint256,uint256,string) (#118-124) is never used and should be removed
ERC20._setupDecimals(uint8) (#780-782) is never used and should be removed
Context._msgData() (#175-178) is never used and should be removed
Address.functionStaticCall(address,bytes) (#390-392) is never used and should be removed
SafeMath.mod(uint256,uint256) (#138-140) is never used and should be removed
SafeMath.div(uint256,uint256) (#102-104) is never used and should be removed
Address._verifyCallResult(bool,bytes,string) (#408-425) is never used and should be removed
Address.isContract(address) (#287-296) is never used and should be removed
Address.functionCall(address,bytes,string) (#350-352) is never used and should be removed
Address.functionStaticCall(address,bytes,string) (#400-406) is never used and should be removed
Address.functionCall(address,bytes) (#340-342) is never used and should be removed
Remove unused functions.

Additional information: link

Parameter RACAV2Token.mint(address,uint256)._amount (#851) is not in mixedCase
Parameter RACAV2Token.burn(address,uint256)._amount (#857) is not in mixedCase
Parameter RACAV2Token.mint(address,uint256)._to (#851) is not in mixedCase
Variable RACAV2Token._delegates (#825) is not in mixedCase
Parameter RACAV2Token.transferRACAByOwner(address,uint256)._amount (#1007) is not in mixedCase
Parameter RACAV2Token.transferRACAByOwner(address,uint256)._to (#1007) is not in mixedCase
Parameter RACAV2Token.burn(address,uint256)._from (#857) is not in mixedCase
Follow the Solidity naming convention.

Additional information: link

potentialOwner() should be declared external:
- Ownable.potentialOwner() (#219-221)
renounceOwnership() should be declared external:
- Ownable.renounceOwnership() (#238-241)
decimals() should be declared external:
- ERC20.decimals() (#582-584)
burn(address,uint256) should be declared external:
- RACAV2Token.burn(address,uint256) (#857-860)
decreaseAllowance(address,uint256) should be declared external:
- ERC20.decreaseAllowance(address,uint256) (#682-685)
symbol() should be declared external:
- ERC20.symbol() (#565-567)
owner() should be declared external:
- Ownable.owner() (#212-214)
increaseAllowance(address,uint256) should be declared external:
- ERC20.increaseAllowance(address,uint256) (#663-666)
transferOwnership(address) should be declared external:
- Ownable.transferOwnership(address) (#247-251)
acceptOwnership() should be declared external:
- Ownable.acceptOwnership() (#258-263)
totalSupply() should be declared external:
- ERC20.totalSupply() (#589-591)
nominatePotentialOwner(address) should be declared external:
- Ownable.nominatePotentialOwner(address) (#253-256)
approve(address,uint256) should be declared external:
- ERC20.approve(address,uint256) (#627-630)
allowance(address,address) should be declared external:
- ERC20.allowance(address,address) (#616-618)
Use the external attribute for functions never called from the contract.

Additional information: link

Unable to find audit link on the website

Unable to find whitepaper link on the website