SGs31 [SEA Games #31] Token

Unable to find manual contract audit (e.g. Certik, PeckShield, Solidity...)

Reentrancy in SeaGames31._transfer(address,address,uint256) (#555-591):
External calls:
- swapAndSendToFee(sellTokens) (#577)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#625-631)
External calls sending eth:
- swapAndSendToFee(sellTokens) (#577)
- address(_marketingWallet).transfer(ethToSend) (#598)
State variables written after the call(s):
- _tOwned[from] -= amount (#581)
- transferAmount = _getValues(amount,from) (#586)
- _tOwned[address(this)] += marketingFee + liquidityFee (#537)
- _tOwned[to] += transferAmount (#589)
- swapping = false (#578)
Apply the check-effects-interactions pattern.

Additional information: link

SeaGames31.allowance(address,address).owner (#496) shadows:
- Ownable.owner() (#175-177) (function)
SeaGames31._approve(address,address,uint256).owner (#547) shadows:
- Ownable.owner() (#175-177) (function)
Rename the local variables that shadow another component.

Additional information: link

Reentrancy in SeaGames31.constructor() (#453-469):
External calls:
- _uniswapV2Pair = IUniswapV2Factory(_uniswapV2Router.factory()).createPair(address(this),_uniswapV2Router.WETH()) (#458)
State variables written after the call(s):
- _isExcludedFromFee[owner()] = true (#464)
- _isExcludedFromFee[address(this)] = true (#465)
- _isExcludedFromFee[_marketingWallet] = true (#466)
- uniswapV2Pair = _uniswapV2Pair (#461)
- uniswapV2Router = _uniswapV2Router (#460)
Reentrancy in SeaGames31.swapAndLiquify() (#601-613):
External calls:
- newBalance = swapTokensForEth(half) (#606)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#625-631)
- addLiquidity(otherHalf,newBalance) (#610)
- (ethFromLiquidity) = uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#640-647)
- (success) = recipient.call{value: amount}() (#113)
- address(_marketingWallet).sendValue(ethAmount - ethFromLiquidity) (#650)
External calls sending eth:
- addLiquidity(otherHalf,newBalance) (#610)
- (ethFromLiquidity) = uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#640-647)
- (success) = recipient.call{value: amount}() (#113)
State variables written after the call(s):
- addLiquidity(otherHalf,newBalance) (#610)
- _allowances[owner][spender] = amount (#551)
Reentrancy in SeaGames31.transferFrom(address,address,uint256) (#505-509):
External calls:
- _transfer(sender,recipient,amount) (#506)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#625-631)
External calls sending eth:
- _transfer(sender,recipient,amount) (#506)
- address(_marketingWallet).transfer(ethToSend) (#598)
State variables written after the call(s):
- _approve(sender,_msgSender(),_allowances[sender][_msgSender()] - amount) (#507)
- _allowances[owner][spender] = amount (#551)
Apply the check-effects-interactions pattern.

Additional information: link

Reentrancy in SeaGames31._transfer(address,address,uint256) (#555-591):
External calls:
- swapAndSendToFee(sellTokens) (#577)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#625-631)
External calls sending eth:
- swapAndSendToFee(sellTokens) (#577)
- address(_marketingWallet).transfer(ethToSend) (#598)
Event emitted after the call(s):
- Transfer(from,address(this),marketingFee + liquidityFee) (#538)
- transferAmount = _getValues(amount,from) (#586)
- Transfer(from,to,transferAmount) (#590)
Reentrancy in SeaGames31.constructor() (#453-469):
External calls:
- _uniswapV2Pair = IUniswapV2Factory(_uniswapV2Router.factory()).createPair(address(this),_uniswapV2Router.WETH()) (#458)
Event emitted after the call(s):
- Transfer(address(0),_msgSender(),_tTotal) (#468)
Reentrancy in SeaGames31.swapAndLiquify() (#601-613):
External calls:
- newBalance = swapTokensForEth(half) (#606)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#625-631)
- addLiquidity(otherHalf,newBalance) (#610)
- (ethFromLiquidity) = uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#640-647)
- (success) = recipient.call{value: amount}() (#113)
- address(_marketingWallet).sendValue(ethAmount - ethFromLiquidity) (#650)
External calls sending eth:
- addLiquidity(otherHalf,newBalance) (#610)
- (ethFromLiquidity) = uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#640-647)
- (success) = recipient.call{value: amount}() (#113)
Event emitted after the call(s):
- Approval(owner,spender,amount) (#552)
- addLiquidity(otherHalf,newBalance) (#610)
- SwapAndLiquify(half,newBalance,otherHalf) (#611)
Reentrancy in SeaGames31.transferFrom(address,address,uint256) (#505-509):
External calls:
- _transfer(sender,recipient,amount) (#506)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#625-631)
External calls sending eth:
- _transfer(sender,recipient,amount) (#506)
- address(_marketingWallet).transfer(ethToSend) (#598)
Event emitted after the call(s):
- Approval(owner,spender,amount) (#552)
- _approve(sender,_msgSender(),_allowances[sender][_msgSender()] - amount) (#507)
Apply the check-effects-interactions pattern.

Additional information: link

SeaGames31._transfer(address,address,uint256) (#555-591) uses timestamp for comparisons
Dangerous comparisons:
- require(bool,string)(_lastBuy[to] + _buyCooldown < block.timestamp,Must wait til after coooldown to buy) (#569)
SeaGames31.addLiquidity(uint256,uint256) (#635-651) uses timestamp for comparisons
Dangerous comparisons:
- ethAmount - ethFromLiquidity > 0 (#649)
Avoid relying on block.timestamp.

Additional information: link

Address.isContract(address) (#98-107) uses assembly
- INLINE ASM (#105)
Address._functionCallWithValue(address,bytes,uint256,string) (#134-155) uses assembly
- INLINE ASM (#147-150)
Do not use evm assembly.

Additional information: link

Address._functionCallWithValue(address,bytes,uint256,string) (#134-155) is never used and should be removed
Address.functionCall(address,bytes) (#117-119) is never used and should be removed
Address.functionCall(address,bytes,string) (#121-123) is never used and should be removed
Address.functionCallWithValue(address,bytes,uint256) (#125-127) is never used and should be removed
Address.functionCallWithValue(address,bytes,uint256,string) (#129-132) is never used and should be removed
Address.isContract(address) (#98-107) is never used and should be removed
Address.sendValue(address,uint256) (#109-115) is never used and should be removed
Context._msgData() (#86-89) is never used and should be removed
SafeMath.add(uint256,uint256) (#27-32) is never used and should be removed
SafeMath.div(uint256,uint256) (#59-61) is never used and should be removed
SafeMath.div(uint256,uint256,string) (#63-69) is never used and should be removed
SafeMath.mod(uint256,uint256) (#71-73) is never used and should be removed
SafeMath.mod(uint256,uint256,string) (#75-78) is never used and should be removed
SafeMath.mul(uint256,uint256) (#45-57) is never used and should be removed
SafeMath.sub(uint256,uint256) (#34-36) is never used and should be removed
SafeMath.sub(uint256,uint256,string) (#38-43) is never used and should be removed
SeaGames31.addLiquidity(uint256,uint256) (#635-651) is never used and should be removed
SeaGames31.swapAndLiquify() (#601-613) is never used and should be removed
Remove unused functions.

Additional information: link

Low level call in Address.sendValue(address,uint256) (#109-115):
- (success) = recipient.call{value: amount}() (#113)
Low level call in Address._functionCallWithValue(address,bytes,uint256,string) (#134-155):
- (success,returndata) = target.call{value: weiValue}(data) (#138)
Avoid low-level calls. Check the call success. If the call is meant for a contract, check for code existence

Additional information: link

Function IUniswapV2Pair.DOMAIN_SEPARATOR() (#246) is not in mixedCase
Function IUniswapV2Pair.PERMIT_TYPEHASH() (#247) is not in mixedCase
Function IUniswapV2Pair.MINIMUM_LIQUIDITY() (#264) is not in mixedCase
Function IUniswapV2Router01.WETH() (#286) is not in mixedCase
Variable SeaGames31._maxTxAmount (#436) is not in mixedCase
Constant SeaGames31._name (#438) is not in UPPER_CASE_WITH_UNDERSCORES
Constant SeaGames31._symbol (#439) is not in UPPER_CASE_WITH_UNDERSCORES
Constant SeaGames31._decimals (#440) is not in UPPER_CASE_WITH_UNDERSCORES
Variable SeaGames31._marketingFee (#442) is not in mixedCase
Variable SeaGames31._liquidityFee (#443) is not in mixedCase
Variable SeaGames31._marketingWallet (#444) is not in mixedCase
Variable SeaGames31._buyCooldown (#446) is not in mixedCase
Follow the Solidity naming convention.

Additional information: link

Redundant expression "this (#87)" inContext (#81-90)
Remove redundant statements if they congest code but offer no value.

Additional information: link

Reentrancy in SeaGames31._transfer(address,address,uint256) (#555-591):
External calls:
- swapAndSendToFee(sellTokens) (#577)
- address(_marketingWallet).transfer(ethToSend) (#598)
State variables written after the call(s):
- _tOwned[from] -= amount (#581)
- transferAmount = _getValues(amount,from) (#586)
- _tOwned[address(this)] += marketingFee + liquidityFee (#537)
- _tOwned[to] += transferAmount (#589)
- swapping = false (#578)
Event emitted after the call(s):
- Transfer(from,address(this),marketingFee + liquidityFee) (#538)
- transferAmount = _getValues(amount,from) (#586)
- Transfer(from,to,transferAmount) (#590)
Reentrancy in SeaGames31.transferFrom(address,address,uint256) (#505-509):
External calls:
- _transfer(sender,recipient,amount) (#506)
- address(_marketingWallet).transfer(ethToSend) (#598)
State variables written after the call(s):
- _approve(sender,_msgSender(),_allowances[sender][_msgSender()] - amount) (#507)
- _allowances[owner][spender] = amount (#551)
Event emitted after the call(s):
- Approval(owner,spender,amount) (#552)
- _approve(sender,_msgSender(),_allowances[sender][_msgSender()] - amount) (#507)
Apply the check-effects-interactions pattern.

Additional information: link

Variable IUniswapV2Router01.addLiquidity(address,address,uint256,uint256,uint256,uint256,address,uint256).amountADesired (#291) is too similar to IUniswapV2Router01.addLiquidity(address,address,uint256,uint256,uint256,uint256,address,uint256).amountBDesired (#292)
Prevent variables from having similar names.

Additional information: link

Address.sendValue(address,uint256) (#109-115) uses literals with too many digits:
- recipient = address(0x000000000000000000000000000000000000dEaD) (#111)
SeaGames31.slitherConstructorVariables() (#423-653) uses literals with too many digits:
- _tTotal = 1000000000000000 * 10 ** 9 (#435)
SeaGames31.slitherConstructorVariables() (#423-653) uses literals with too many digits:
- _maxTxAmount = 1000000000000000 * 10 ** 9 (#436)
Use: Ether suffix, Time suffix, or The scientific notation

Additional information: link

SeaGames31._buyCooldown (#446) should be constant
SeaGames31._liquidityFee (#443) should be constant
SeaGames31._marketingFee (#442) should be constant
SeaGames31._marketingWallet (#444) should be constant
SeaGames31._maxTxAmount (#436) should be constant
SeaGames31._tTotal (#435) should be constant
Add the constant attributes to state variables that never change.

Additional information: link

renounceOwnership() should be declared external:
- Ownable.renounceOwnership() (#194-197)
transferOwnership(address) should be declared external:
- Ownable.transferOwnership(address) (#203-207)
name() should be declared external:
- SeaGames31.name() (#471-473)
symbol() should be declared external:
- SeaGames31.symbol() (#475-477)
decimals() should be declared external:
- SeaGames31.decimals() (#479-481)
totalSupply() should be declared external:
- SeaGames31.totalSupply() (#483-485)
transfer(address,uint256) should be declared external:
- SeaGames31.transfer(address,uint256) (#491-494)
allowance(address,address) should be declared external:
- SeaGames31.allowance(address,address) (#496-498)
approve(address,uint256) should be declared external:
- SeaGames31.approve(address,uint256) (#500-503)
transferFrom(address,address,uint256) should be declared external:
- SeaGames31.transferFrom(address,address,uint256) (#505-509)
increaseAllowance(address,uint256) should be declared external:
- SeaGames31.increaseAllowance(address,uint256) (#511-514)
decreaseAllowance(address,uint256) should be declared external:
- SeaGames31.decreaseAllowance(address,uint256) (#516-519)
excludeFromFee(address) should be declared external:
- SeaGames31.excludeFromFee(address) (#521-523)
includeInFee(address) should be declared external:
- SeaGames31.includeInFee(address) (#525-527)
isExcludedFromFee(address) should be declared external:
- SeaGames31.isExcludedFromFee(address) (#543-545)
Use the external attribute for functions never called from the contract.

Additional information: link

Contract name (SEA Games #31) contains non-alphanumeric characters.
Not a direct threat, but may indicate unreliable intentions of developer. Non-alphanumeric chars (,.;!#*&") are extremely rare among low risk tokens.

Average 30d PancakeSwap liquidity is less than $100. Token is either dead or inactive.

Average 30d PancakeSwap volume is less than $100. Token is either dead or inactive.

Number of Binance Smart Chain (BSC) token holders is less than 100. Token is either dead or inactive. Ignore for presale.

Contract has 3% buy tax and 4% sell tax.
Taxes are low but contract ownership is not renounced. Token has a high risk of becoming a honeypot.

Average 30d number of PancakeSwap swaps is low.

Token is deployed only at one blockchain

Token has only one trading pair

Unable to find website, listings and other project-related information

Young tokens have high risks of scam / price dump / death

Token has no active CoinGecko listing / rank

Token has no active CoinMarketCap listing / rank