Scallop is an innovative fintech decentralized ecosystem built to offer users a faster and more efficient way to securely manage crypto and fiat currencies in a single place. Scallop is a robust platform that combines decentralized financial services with banking features such as bank accounts, cards, remittance and much more - to promote the general usage of crypto in daily life. Scallop’s mission is to bring digital assets into mainstream use and accelerate the transition to a more equitable and decentralised ecosystem.
The Scallop token, SCLP, will be an ERC-20 and BEP token and will be an integral within the Scallop ecosystem. It has several native use cases such as receiving trading bonus payments, staking, payment of transaction fees, etc.
Scallop offers traditional banking services with a strong cryptocurrency and DeFi integration for both individuals and institutions. It’s the only banking service to directly connect banking accounts to hardware or digital wallets and as such facilitate seamless crypto to fiat (and vice versa transactions.
Included in Scallop suite of ten ‘X’ products is: -
Scallop Pay - Payment Gateway for businesses to set up on/off ramp from crypto to fiat and vice versa, to receive payments from customers
Scallop Cards - Pay for any goods or services online or in-store using digital assets
Scallop Chain - World’s first regulated blockchain that will overlay the entire Scallop banking ecosystem. It can power cross-chain financial applications and allows institutional partners to design and deploy secure custody services, interest-bearing savings accounts, debit cards, and a fiat on-ramp to cryptocurrencies.
Unable to find manual contract audit (e.g. Certik, PeckShield, Solidity...)
Contract ownership is semi-renounced (passed to a contract)
Address.functionCall(address,bytes) (@openzeppelin/contracts/utils/Address.sol#79-81) is never used and should be removed
Address.functionCall(address,bytes,string) (@openzeppelin/contracts/utils/Address.sol#89-95) is never used and should be removed
Address.functionCallWithValue(address,bytes,uint256) (@openzeppelin/contracts/utils/Address.sol#108-114) is never used and should be removed
Address.functionCallWithValue(address,bytes,uint256,string) (@openzeppelin/contracts/utils/Address.sol#122-133) is never used and should be removed
Address.functionStaticCall(address,bytes) (@openzeppelin/contracts/utils/Address.sol#141-143) is never used and should be removed
Address.functionStaticCall(address,bytes,string) (@openzeppelin/contracts/utils/Address.sol#151-160) is never used and should be removed
Address.sendValue(address,uint256) (@openzeppelin/contracts/utils/Address.sol#54-59) is never used and should be removed
ERC1967Upgrade._getBeacon() (@openzeppelin/contracts/proxy/ERC1967/ERC1967Upgrade.sol#160-162) is never used and should be removed
ERC1967Upgrade._setBeacon(address) (@openzeppelin/contracts/proxy/ERC1967/ERC1967Upgrade.sol#167-174) is never used and should be removed
ERC1967Upgrade._upgradeBeaconToAndCall(address,bytes,bool) (@openzeppelin/contracts/proxy/ERC1967/ERC1967Upgrade.sol#182-192) is never used and should be removed
ERC1967Upgrade._upgradeToAndCallSecure(address,bytes,bool) (@openzeppelin/contracts/proxy/ERC1967/ERC1967Upgrade.sol#79-107) is never used and should be removed
Proxy._implementation() (@openzeppelin/contracts/proxy/Proxy.sol#50) is never used and should be removed
StorageSlot.getBooleanSlot(bytes32) (@openzeppelin/contracts/utils/StorageSlot.sol#60-64) is never used and should be removed
StorageSlot.getBytes32Slot(bytes32) (@openzeppelin/contracts/utils/StorageSlot.sol#69-73) is never used and should be removed
StorageSlot.getUint256Slot(bytes32) (@openzeppelin/contracts/utils/StorageSlot.sol#78-82) is never used and should be removed
TransparentUpgradeableProxy._admin() (@openzeppelin/contracts/proxy/transparent/TransparentUpgradeableProxy.sol#113-115) is never used and should be removed
Remove unused functions.
Additional information: link
Reentrancy in ERC1967Upgrade._upgradeToAndCallSecure(address,bytes,bool) (@openzeppelin/contracts/proxy/ERC1967/ERC1967Upgrade.sol#79-107):
External calls:
- Address.functionDelegateCall(newImplementation,data) (@openzeppelin/contracts/proxy/ERC1967/ERC1967Upgrade.sol#89)
- Address.functionDelegateCall(newImplementation,abi.encodeWithSignature(upgradeTo(address),oldImplementation)) (@openzeppelin/contracts/proxy/ERC1967/ERC1967Upgrade.sol#97-100)
Event emitted after the call(s):
- Upgraded(newImplementation) (@openzeppelin/contracts/proxy/ERC1967/ERC1967Upgrade.sol#55)
- _upgradeTo(newImplementation) (@openzeppelin/contracts/proxy/ERC1967/ERC1967Upgrade.sol#105)
Reentrancy in TransparentUpgradeableProxy.constructor(address,address,bytes) (@openzeppelin/contracts/proxy/transparent/TransparentUpgradeableProxy.sol#33-40):
External calls:
- ERC1967Proxy(_logic,_data) (@openzeppelin/contracts/proxy/transparent/TransparentUpgradeableProxy.sol#37)
- Address.functionDelegateCall(newImplementation,data) (@openzeppelin/contracts/proxy/ERC1967/ERC1967Upgrade.sol#70)
- (success,returndata) = target.delegatecall(data) (@openzeppelin/contracts/utils/Address.sol#185)
Event emitted after the call(s):
- AdminChanged(_getAdmin(),newAdmin) (@openzeppelin/contracts/proxy/ERC1967/ERC1967Upgrade.sol#142)
- _changeAdmin(admin_) (@openzeppelin/contracts/proxy/transparent/TransparentUpgradeableProxy.sol#39)
Apply the check-effects-interactions pattern.
Additional information: link
Pragma version^0.8.0 (@openzeppelin/contracts/proxy/ERC1967/ERC1967Proxy.sol#3) allows old versions
Pragma version^0.8.0 (@openzeppelin/contracts/proxy/ERC1967/ERC1967Upgrade.sol#3) allows old versions
Pragma version^0.8.0 (@openzeppelin/contracts/proxy/Proxy.sol#3) allows old versions
Pragma version^0.8.0 (@openzeppelin/contracts/proxy/beacon/IBeacon.sol#3) allows old versions
Pragma version^0.8.0 (@openzeppelin/contracts/proxy/transparent/TransparentUpgradeableProxy.sol#3) allows old versions
Pragma version^0.8.0 (@openzeppelin/contracts/utils/Address.sol#3) allows old versions
Pragma version^0.8.0 (@openzeppelin/contracts/utils/StorageSlot.sol#3) allows old versions
Pragma version^0.8.0 (contracts/ScallopProxy.sol#3) allows old versions
solc-0.8.0 is not recommended for deployment
Deploy with any of the following Solidity versions: 0.5.16 - 0.5.17, 0.6.11 - 0.6.12, 0.7.5 - 0.7.6 Use a simple pragma version that allows any of these versions. Consider using the latest version of Solidity for testing.
Additional information: link
Low level call in Address.sendValue(address,uint256) (@openzeppelin/contracts/utils/Address.sol#54-59):
- (success) = recipient.call{value: amount}() (@openzeppelin/contracts/utils/Address.sol#57)
Low level call in Address.functionCallWithValue(address,bytes,uint256,string) (@openzeppelin/contracts/utils/Address.sol#122-133):
- (success,returndata) = target.call{value: value}(data) (@openzeppelin/contracts/utils/Address.sol#131)
Low level call in Address.functionStaticCall(address,bytes,string) (@openzeppelin/contracts/utils/Address.sol#151-160):
- (success,returndata) = target.staticcall(data) (@openzeppelin/contracts/utils/Address.sol#158)
Low level call in Address.functionDelegateCall(address,bytes,string) (@openzeppelin/contracts/utils/Address.sol#178-187):
- (success,returndata) = target.delegatecall(data) (@openzeppelin/contracts/utils/Address.sol#185)
Avoid low-level calls. Check the call success. If the call is meant for a contract, check for code existence
Additional information: link
ERC1967Upgrade._upgradeToAndCall(address,bytes,bool) (@openzeppelin/contracts/proxy/ERC1967/ERC1967Upgrade.sol#63-72) ignores return value by Address.functionDelegateCall(newImplementation,data) (@openzeppelin/contracts/proxy/ERC1967/ERC1967Upgrade.sol#70)
ERC1967Upgrade._upgradeToAndCallSecure(address,bytes,bool) (@openzeppelin/contracts/proxy/ERC1967/ERC1967Upgrade.sol#79-107) ignores return value by Address.functionDelegateCall(newImplementation,data) (@openzeppelin/contracts/proxy/ERC1967/ERC1967Upgrade.sol#89)
ERC1967Upgrade._upgradeToAndCallSecure(address,bytes,bool) (@openzeppelin/contracts/proxy/ERC1967/ERC1967Upgrade.sol#79-107) ignores return value by Address.functionDelegateCall(newImplementation,abi.encodeWithSignature(upgradeTo(address),oldImplementation)) (@openzeppelin/contracts/proxy/ERC1967/ERC1967Upgrade.sol#97-100)
ERC1967Upgrade._upgradeBeaconToAndCall(address,bytes,bool) (@openzeppelin/contracts/proxy/ERC1967/ERC1967Upgrade.sol#182-192) ignores return value by Address.functionDelegateCall(IBeacon(newBeacon).implementation(),data) (@openzeppelin/contracts/proxy/ERC1967/ERC1967Upgrade.sol#190)
Ensure that all the return values of the function calls are used.
Additional information: link
Modifier TransparentUpgradeableProxy.ifAdmin() (@openzeppelin/contracts/proxy/transparent/TransparentUpgradeableProxy.sol#45-51) does not always execute _; or revert
All the paths in a modifier must execute _ or revert.
Additional information: link
Proxy._delegate(address) (@openzeppelin/contracts/proxy/Proxy.sol#21-44) uses assembly
- INLINE ASM (@openzeppelin/contracts/proxy/Proxy.sol#22-43)
Address.isContract(address) (@openzeppelin/contracts/utils/Address.sol#26-36) uses assembly
- INLINE ASM (@openzeppelin/contracts/utils/Address.sol#32-34)
Address._verifyCallResult(bool,bytes,string) (@openzeppelin/contracts/utils/Address.sol#189-209) uses assembly
- INLINE ASM (@openzeppelin/contracts/utils/Address.sol#201-204)
StorageSlot.getAddressSlot(bytes32) (@openzeppelin/contracts/utils/StorageSlot.sol#51-55) uses assembly
- INLINE ASM (@openzeppelin/contracts/utils/StorageSlot.sol#52-54)
StorageSlot.getBooleanSlot(bytes32) (@openzeppelin/contracts/utils/StorageSlot.sol#60-64) uses assembly
- INLINE ASM (@openzeppelin/contracts/utils/StorageSlot.sol#61-63)
StorageSlot.getBytes32Slot(bytes32) (@openzeppelin/contracts/utils/StorageSlot.sol#69-73) uses assembly
- INLINE ASM (@openzeppelin/contracts/utils/StorageSlot.sol#70-72)
StorageSlot.getUint256Slot(bytes32) (@openzeppelin/contracts/utils/StorageSlot.sol#78-82) uses assembly
- INLINE ASM (@openzeppelin/contracts/utils/StorageSlot.sol#79-81)
Do not use evm assembly.
Additional information: link
Unable to find token contract audit
Unable to find KYC or doxxing proof
Unable to find audit link on the website
Unable to find token on CoinHunt
Additional information: link
Unable to find code repository for the project
Young tokens have high risks of price dump / death
Unable to find Youtube account
Unable to find Discord account