Popular Tokens

Reflection Inu Token Logo

RFI [Reflection Inu] Token

ALERT: rug pull scam

About RFI

Listings

Not Found
Token 4 years

Website

Not Found

Description

Not Found

Social

Not Found

Contract

BscScan Logo
0xcfbb24c737a5a3815ed6b6884de5bb5d78f4be27

Laser Scorebeta Last Audit: 25 June 2022

report
Token seems to be a scam (type: rug pull scam).

Anti-Scam

TokenSniffer logo
StaySAFU logo
StaySAFU logo
Moonarch logo
Honeypot logo

Links

Code Search

RFI.swapBack() (#412-461) sends eth to arbitrary user
Dangerous calls:
- (tmpSuccess,None) = address(marketingFeeReceiver).call{gas: 30000,value: amountADAMarketing}() (#438)
Ensure that an arbitrary user cannot withdraw unauthorized funds.

Additional information: link

Reentrancy in RFI._transferFrom(address,address,uint256) (#330-358):
External calls:
- swapBack() (#347)
- router.swapExactTokensForETHSupportingFeeOnTransferTokens(amountToSwap,0,path,address(this),block.timestamp) (#423-429)
- (tmpSuccess,None) = address(marketingFeeReceiver).call{gas: 30000,value: amountADAMarketing}() (#438)
- (tmpSuccess,None) = address(devFeeReceiver).call{gas: 30000,value: amountADADev}() (#439)
- router.addLiquidityETH{value: amountADALiquidity}(address(this),amountToLiquify,0,0,autoLiquidityReceiver,block.timestamp) (#443-450)
External calls sending eth:
- swapBack() (#347)
- (tmpSuccess,None) = address(marketingFeeReceiver).call{gas: 30000,value: amountADAMarketing}() (#438)
- (tmpSuccess,None) = address(devFeeReceiver).call{gas: 30000,value: amountADADev}() (#439)
- router.addLiquidityETH{value: amountADALiquidity}(address(this),amountToLiquify,0,0,autoLiquidityReceiver,block.timestamp) (#443-450)
State variables written after the call(s):
- _rOwned[sender] = _rOwned[sender].sub(proportionAmount,Insufficient Balance) (#351)
- _rOwned[recipient] = _rOwned[recipient].add(proportionReceived) (#354)
- proportionReceived = takeFeeInProportions(sender,recipient,proportionAmount) (#353)
- _rOwned[address(this)] = _rOwned[address(this)].add(_proportionToContract) (#393)
- proportionReceived = takeFeeInProportions(sender,recipient,proportionAmount) (#353)
- _totalProportion = _totalProportion.sub(proportionReflected) (#389)
Reentrancy in RFI.swapBack() (#412-461):
External calls:
- router.swapExactTokensForETHSupportingFeeOnTransferTokens(amountToSwap,0,path,address(this),block.timestamp) (#423-429)
- (tmpSuccess,None) = address(marketingFeeReceiver).call{gas: 30000,value: amountADAMarketing}() (#438)
- (tmpSuccess,None) = address(devFeeReceiver).call{gas: 30000,value: amountADADev}() (#439)
- router.addLiquidityETH{value: amountADALiquidity}(address(this),amountToLiquify,0,0,autoLiquidityReceiver,block.timestamp) (#443-450)
External calls sending eth:
- (tmpSuccess,None) = address(marketingFeeReceiver).call{gas: 30000,value: amountADAMarketing}() (#438)
- (tmpSuccess,None) = address(devFeeReceiver).call{gas: 30000,value: amountADADev}() (#439)
- router.addLiquidityETH{value: amountADALiquidity}(address(this),amountToLiquify,0,0,autoLiquidityReceiver,block.timestamp) (#443-450)
State variables written after the call(s):
- swapThreshold = largeSwapThreshold (#456)
- swapThreshold = smallSwapThreshold (#458)
Apply the check-effects-interactions pattern.

Additional information: link


Unable to find manual contract audit (e.g. Certik, PeckShield, Solidity...)

RFI.swapBack().tmpSuccess (#437) is written in both
(tmpSuccess,None) = address(marketingFeeReceiver).call{gas: 30000,value: amountADAMarketing}() (#438)
(tmpSuccess,None) = address(devFeeReceiver).call{gas: 30000,value: amountADADev}() (#439)
Fix or remove the writes.

Additional information: link


Contract ownership is not renounced (belongs to a wallet)


Combination 1: Reentrancy vulnerabilities + Functions that send Ether to arbitraty destination. Usual for scams. May be justified by some complex mechanics (e.g. rebase, reflections). DYOR & manual audit are advised.

RFI.takeFeeInProportions(address,address,uint256) (#384-398) performs a multiplication on the result of a division:
-proportionFeeAmount = proportionAmount.mul(getTotalFee(receiver == pair)).div(feeDenominator) (#385)
-proportionReflected = proportionFeeAmount.mul(reflectionFee).div(totalFee) (#388)
Consider ordering multiplication before division.

Additional information: link

RFI.manage_blacklist(address[],bool).i (#492) is a local variable never initialized
Initialize all the variables. If a variable is meant to be initialized to zero, explicitly set it to zero to improve code readability.

Additional information: link

RFI.swapBack() (#412-461) ignores return value by router.addLiquidityETH{value: amountADALiquidity}(address(this),amountToLiquify,0,0,autoLiquidityReceiver,block.timestamp) (#443-450)
Ensure that all the return values of the function calls are used.

Additional information: link

RFI.setSwapBackSettings(bool,uint256,uint256,bool) (#463-469) should emit an event for:
- smallSwapThreshold = _amountS (#466)
- largeSwapThreshold = _amountL (#467)
- swapThreshold = smallSwapThreshold (#468)
RFI.changeFees(uint256,uint256,uint256,uint256) (#471-478) should emit an event for:
- liquidityFee = _liquidityFee (#472)
- reflectionFee = _reflectionFee (#473)
- marketingFee = _marketingFee (#474)
- devFee = _devFee (#475)
- totalFee = liquidityFee.add(reflectionFee).add(marketingFee).add(devFee) (#476)
RFI.setTxLimit(uint256,uint256) (#497-499) should emit an event for:
- _maxTxAmount = _totalSupply.mul(percent).div(denominator) (#498)
Emit an event for critical parameter changes.

Additional information: link

RFI.setFeeReceivers(address,address)._marketingFeeReceiver (#513) lacks a zero-check on :
- marketingFeeReceiver = _marketingFeeReceiver (#514)
RFI.setFeeReceivers(address,address)._liquidityReceiver (#513) lacks a zero-check on :
- autoLiquidityReceiver = _liquidityReceiver (#515)
Check that the address is not zero.

Additional information: link

Reentrancy in RFI.constructor() (#268-286):
External calls:
- pair = IDEXFactory(router.factory()).createPair(WBNB,address(this)) (#272)
State variables written after the call(s):
- _allowances[address(this)][address(router)] = type()(uint256).max (#273)
- _allowances[address(this)][deployer] = type()(uint256).max (#274)
- _rOwned[deployer] = _totalSupply (#284)
- autoLiquidityReceiver = 0xAa3C92f615a80eea38Bd09a4781bBE7497e739E7 (#280)
- devFeeReceiver = 0x125118e4664F781D05bc15BdDce4E08f76863007 (#282)
- isFeeExempt[deployer] = true (#279)
- isTxLimitExempt[address(this)] = true (#276)
- isTxLimitExempt[address(router)] = true (#277)
- isTxLimitExempt[deployer] = true (#278)
- marketingFeeReceiver = 0xAa3C92f615a80eea38Bd09a4781bBE7497e739E7 (#281)
Apply the check-effects-interactions pattern.

Additional information: link

Reentrancy in RFI._transferFrom(address,address,uint256) (#330-358):
External calls:
- swapBack() (#347)
- router.swapExactTokensForETHSupportingFeeOnTransferTokens(amountToSwap,0,path,address(this),block.timestamp) (#423-429)
- (tmpSuccess,None) = address(marketingFeeReceiver).call{gas: 30000,value: amountADAMarketing}() (#438)
- (tmpSuccess,None) = address(devFeeReceiver).call{gas: 30000,value: amountADADev}() (#439)
- router.addLiquidityETH{value: amountADALiquidity}(address(this),amountToLiquify,0,0,autoLiquidityReceiver,block.timestamp) (#443-450)
External calls sending eth:
- swapBack() (#347)
- (tmpSuccess,None) = address(marketingFeeReceiver).call{gas: 30000,value: amountADAMarketing}() (#438)
- (tmpSuccess,None) = address(devFeeReceiver).call{gas: 30000,value: amountADADev}() (#439)
- router.addLiquidityETH{value: amountADALiquidity}(address(this),amountToLiquify,0,0,autoLiquidityReceiver,block.timestamp) (#443-450)
Event emitted after the call(s):
- Reflect(proportionReflected,_totalProportion) (#396)
- proportionReceived = takeFeeInProportions(sender,recipient,proportionAmount) (#353)
- Transfer(sender,address(this),tokenFromReflection(_proportionToContract)) (#395)
- proportionReceived = takeFeeInProportions(sender,recipient,proportionAmount) (#353)
- Transfer(sender,recipient,tokenFromReflection(proportionReceived)) (#356)
Reentrancy in RFI.constructor() (#268-286):
External calls:
- pair = IDEXFactory(router.factory()).createPair(WBNB,address(this)) (#272)
Event emitted after the call(s):
- Transfer(address(0),deployer,_totalSupply) (#285)
Reentrancy in RFI.swapBack() (#412-461):
External calls:
- router.swapExactTokensForETHSupportingFeeOnTransferTokens(amountToSwap,0,path,address(this),block.timestamp) (#423-429)
- (tmpSuccess,None) = address(marketingFeeReceiver).call{gas: 30000,value: amountADAMarketing}() (#438)
- (tmpSuccess,None) = address(devFeeReceiver).call{gas: 30000,value: amountADADev}() (#439)
- router.addLiquidityETH{value: amountADALiquidity}(address(this),amountToLiquify,0,0,autoLiquidityReceiver,block.timestamp) (#443-450)
External calls sending eth:
- (tmpSuccess,None) = address(marketingFeeReceiver).call{gas: 30000,value: amountADAMarketing}() (#438)
- (tmpSuccess,None) = address(devFeeReceiver).call{gas: 30000,value: amountADADev}() (#439)
- router.addLiquidityETH{value: amountADALiquidity}(address(this),amountToLiquify,0,0,autoLiquidityReceiver,block.timestamp) (#443-450)
Event emitted after the call(s):
- AutoLiquify(amountADALiquidity,amountToLiquify) (#451)
Apply the check-effects-interactions pattern.

Additional information: link

Context._msgData() (#124-127) is never used and should be removed
Remove unused functions.

Additional information: link

RFI._maxWalletSize (#226) is set pre-construction with a non-constant function or state variable:
- (_totalSupply * 3) / 100
RFI._maxTxAmount (#227) is set pre-construction with a non-constant function or state variable:
- (_totalSupply * 3) / 100
RFI._totalProportion (#231) is set pre-construction with a non-constant function or state variable:
- _totalSupply
RFI.totalFee (#244) is set pre-construction with a non-constant function or state variable:
- liquidityFee + devFee + marketingFee + reflectionFee
RFI.smallSwapThreshold (#261) is set pre-construction with a non-constant function or state variable:
- _totalSupply.mul(413945130).div(100_000_000_000)
RFI.largeSwapThreshold (#262) is set pre-construction with a non-constant function or state variable:
- _totalSupply.mul(669493726).div(100_000_000_000)
RFI.swapThreshold (#264) is set pre-construction with a non-constant function or state variable:
- smallSwapThreshold
Remove any initialization of state variables via non-constant state variables or function calls. If variables must be set upon contract deployment, locate initialization in the constructor instead.

Additional information: link

Pragma version^0.8.13 (#7) necessitates a version too recent to be trusted. Consider deploying with 0.6.12/0.7.6/0.8.7
solc-0.8.13 is not recommended for deployment
Deploy with any of the following Solidity versions: 0.5.16 - 0.5.17, 0.6.11 - 0.6.12, 0.7.5 - 0.7.6 Use a simple pragma version that allows any of these versions. Consider using the latest version of Solidity for testing.

Additional information: link

Low level call in RFI.clearBalance() (#400-403):
- (success) = address(autoLiquidityReceiver).call{gas: 30000,value: address(this).balance}() (#401)
Low level call in RFI.swapBack() (#412-461):
- (tmpSuccess,None) = address(marketingFeeReceiver).call{gas: 30000,value: amountADAMarketing}() (#438)
- (tmpSuccess,None) = address(devFeeReceiver).call{gas: 30000,value: amountADADev}() (#439)
Avoid low-level calls. Check the call success. If the call is meant for a contract, check for code existence

Additional information: link

Function IDEXRouter.WETH() (#141) is not in mixedCase
Parameter RFI.setSwapBackSettings(bool,uint256,uint256,bool)._enabled (#463) is not in mixedCase
Parameter RFI.setSwapBackSettings(bool,uint256,uint256,bool)._amountS (#463) is not in mixedCase
Parameter RFI.setSwapBackSettings(bool,uint256,uint256,bool)._amountL (#463) is not in mixedCase
Parameter RFI.setSwapBackSettings(bool,uint256,uint256,bool)._alternate (#463) is not in mixedCase
Parameter RFI.changeFees(uint256,uint256,uint256,uint256)._liquidityFee (#471) is not in mixedCase
Parameter RFI.changeFees(uint256,uint256,uint256,uint256)._reflectionFee (#471) is not in mixedCase
Parameter RFI.changeFees(uint256,uint256,uint256,uint256)._marketingFee (#471) is not in mixedCase
Parameter RFI.changeFees(uint256,uint256,uint256,uint256)._devFee (#471) is not in mixedCase
Parameter RFI.tradingStatus(bool)._status (#480) is not in mixedCase
Function RFI.enable_blacklist(bool) (#484-486) is not in mixedCase
Parameter RFI.enable_blacklist(bool)._status (#484) is not in mixedCase
Function RFI.manage_blacklist(address[],bool) (#488-495) is not in mixedCase
Parameter RFI.setFeeReceivers(address,address)._marketingFeeReceiver (#513) is not in mixedCase
Parameter RFI.setFeeReceivers(address,address)._liquidityReceiver (#513) is not in mixedCase
Variable RFI._name (#221) is not in mixedCase
Variable RFI._symbol (#222) is not in mixedCase
Constant RFI._decimals (#223) is not in UPPER_CASE_WITH_UNDERSCORES
Variable RFI._totalSupply (#225) is not in mixedCase
Variable RFI._maxWalletSize (#226) is not in mixedCase
Variable RFI._maxTxAmount (#227) is not in mixedCase
Variable RFI._rOwned (#230) is not in mixedCase
Variable RFI._totalProportion (#231) is not in mixedCase
Variable RFI._allowances (#233) is not in mixedCase
Follow the Solidity naming convention.

Additional information: link

Redundant expression "this (#125)" inContext (#119-128)
Remove redundant statements if they congest code but offer no value.

Additional information: link

RFI.slitherConstructorConstantVariables() (#213-525) uses literals with too many digits:
- DEAD = 0x000000000000000000000000000000000000dEaD (#218)
RFI.slitherConstructorConstantVariables() (#213-525) uses literals with too many digits:
- ZERO = 0x0000000000000000000000000000000000000000 (#219)
Use: Ether suffix, Time suffix, or The scientific notation

Additional information: link

RFI.targetLiquidity (#251) is never used in RFI (#213-525)
RFI.targetLiquidityDenominator (#252) is never used in RFI (#213-525)
Remove unused state variables.

Additional information: link

RFI._name (#221) should be constant
RFI._symbol (#222) should be constant
RFI._totalSupply (#225) should be constant
RFI.feeDenominator (#245) should be constant
RFI.targetLiquidity (#251) should be constant
RFI.targetLiquidityDenominator (#252) should be constant
Add the constant attributes to state variables that never change.

Additional information: link

renounceOwnership() should be declared external:
- Ownable.renounceOwnership() (#197-200)
transferOwnership(address) should be declared external:
- Ownable.transferOwnership(address) (#206-210)
tradingStatus(bool) should be declared external:
- RFI.tradingStatus(bool) (#480-482)
enable_blacklist(bool) should be declared external:
- RFI.enable_blacklist(bool) (#484-486)
manage_blacklist(address[],bool) should be declared external:
- RFI.manage_blacklist(address[],bool) (#488-495)
getCirculatingSupply() should be declared external:
- RFI.getCirculatingSupply() (#518-520)
Use the external attribute for functions never called from the contract.

Additional information: link

Holders:
Link to contract code of Reflection Inu logo


Token seems to be untradeable: there is no PancakeSwap trading pair and no trading volumes. Ignore for presale.


Unable to find Telegram and Twitter accounts


Unable to find website, listings and other project-related information


Young tokens have high risks of scam / price dump / death


Token has no active CoinGecko listing / rank


Token has no active CoinMarketCap listing / rank

Price for RFI

DEX.Guru logo
DEXTools logo
Coinbrain logo
PancakeSwap logo
Poocoin logo