Smart Finance is a decentralized platform powered by Artificial Intelligence.
Defi Services, P2P marketplace, auto-trading with LOSS Insurance and much more
Too many vulnerabilities (Unchecked transfer, Reentrancy vulnerability, etc.). High risk of a scam. DYOR & manual audit are advised.
SmartFinance.addLiquidity(uint256,uint256) (#3125-3138) sends eth to arbitrary user
Dangerous calls:
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,address(0),block.timestamp) (#3130-3137)
Ensure that an arbitrary user cannot withdraw unauthorized funds.
Additional information: link
Reentrancy in SmartFinance._transfer(address,address,uint256) (#2968-3052):
External calls:
- swapAndSendToFee(marketingTokens) (#2997)
- IERC20(rewardToken).transfer(_marketingWalletAddress,newBalance) (#3063)
- uniswapV2Router.swapExactTokensForTokensSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#3116-3122)
- swapAndLiquify(swapTokens) (#3002)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,address(0),block.timestamp) (#3130-3137)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#3098-3104)
- swapAndSendDividends(sellTokens) (#3005)
- success = IERC20(rewardToken).transfer(address(dividendTracker),dividends) (#3143-3146)
- dividendTracker.distributeCAKEDividends(dividends) (#3149)
- uniswapV2Router.swapExactTokensForTokensSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#3116-3122)
External calls sending eth:
- swapAndLiquify(swapTokens) (#3002)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,address(0),block.timestamp) (#3130-3137)
State variables written after the call(s):
- super._transfer(from,address(this),fees) (#3024)
- _balances[sender] = senderBalance - amount (#379)
- _balances[recipient] += amount (#381)
- super._transfer(from,to,amount) (#3027)
- _balances[sender] = senderBalance - amount (#379)
- _balances[recipient] += amount (#381)
- swapping = false (#3007)
Apply the check-effects-interactions pattern.
Additional information: link
ERC20Upgradeable.__gap (#1697) shadows:
- ContextUpgradeable.__gap (#1332)
OwnableUpgradeable.__gap (#1778) shadows:
- ContextUpgradeable.__gap (#1332)
Remove the state variable shadowing.
Additional information: link
SmartFinance.swapAndSendToFee(uint256) (#3054-3064) ignores return value by IERC20(rewardToken).transfer(_marketingWalletAddress,newBalance) (#3063)
Use SafeERC20, or ensure that the transfer/transferFrom return value is checked.
Additional information: link
Unable to verify that contract auditor is trusted: Certik, Quantstamp, Hacken, Solidity, Paladinsec, Openzeppelin, Verichains
Combination 1: Reentrancy vulnerabilities + Functions that send Ether to arbitraty destination. Usual for scams. May be justified by some complex mechanics (e.g. rebase, reflections). DYOR & manual audit are advised.
Combination 2: Unchecked transfer + Functions that send Ether to arbitraty destination. Usual for scams. May be justified by some complex mechanics (e.g. rebase, reflections). DYOR & manual audit are advised.
Combination 3: Reentrancy vulnerabilities + Unchecked transfer vulnerability. Usual for scams. May be justified by some complex mechanics (e.g. rebase, reflections). DYOR & manual audit are advised.
SafeMathInt.MAX_INT256 (#1847) is never used in SafeMathInt (#1845-1902)
OwnableUpgradeable.__gap (#1778) is never used in BABYTOKENDividendTracker (#2278-2542)
Remove unused state variables.
Additional information: link
Reentrancy in DividendPayingToken._withdrawDividendOfUser(address) (#2141-2167):
External calls:
- success = IERC20(rewardToken).transfer(user,_withdrawableDividend) (#2151-2154)
State variables written after the call(s):
- withdrawnDividends[user] = withdrawnDividends[user].sub(_withdrawableDividend) (#2157-2159)
Reentrancy in SmartFinance.updateDividendTracker(address) (#2728-2751):
External calls:
- newDividendTracker.excludeFromDividends(address(newDividendTracker)) (#2743)
- newDividendTracker.excludeFromDividends(address(this)) (#2744)
- newDividendTracker.excludeFromDividends(owner()) (#2745)
- newDividendTracker.excludeFromDividends(address(uniswapV2Router)) (#2746)
State variables written after the call(s):
- dividendTracker = newDividendTracker (#2750)
Apply the check-effects-interactions pattern.
Additional information: link
SmartFinance._transfer(address,address,uint256).claims (#3039) is a local variable never initialized
SmartFinance._transfer(address,address,uint256).lastProcessedIndex (#3040) is a local variable never initialized
SmartFinance._transfer(address,address,uint256).iterations (#3038) is a local variable never initialized
Initialize all the variables. If a variable is meant to be initialized to zero, explicitly set it to zero to improve code readability.
Additional information: link
SmartFinance.claim() (#2956-2958) ignores return value by dividendTracker.processAccount(address(msg.sender),false) (#2957)
SmartFinance._transfer(address,address,uint256) (#2968-3052) ignores return value by dividendTracker.process(gas) (#3037-3050)
SmartFinance.addLiquidity(uint256,uint256) (#3125-3138) ignores return value by uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,address(0),block.timestamp) (#3130-3137)
Ensure that all the return values of the function calls are used.
Additional information: link
DividendPayingToken.__DividendPayingToken_init(address,string,string)._name (#2112) shadows:
- ERC20Upgradeable._name (#1378) (state variable)
DividendPayingToken.__DividendPayingToken_init(address,string,string)._symbol (#2113) shadows:
- ERC20Upgradeable._symbol (#1379) (state variable)
DividendPayingToken.dividendOf(address)._owner (#2172) shadows:
- OwnableUpgradeable._owner (#1722) (state variable)
DividendPayingToken.withdrawableDividendOf(address)._owner (#2179) shadows:
- OwnableUpgradeable._owner (#1722) (state variable)
DividendPayingToken.withdrawnDividendOf(address)._owner (#2191) shadows:
- OwnableUpgradeable._owner (#1722) (state variable)
DividendPayingToken.accumulativeDividendOf(address)._owner (#2205) shadows:
- OwnableUpgradeable._owner (#1722) (state variable)
Rename the local variables that shadow another component.
Additional information: link
SmartFinance.setSwapTokensAtAmount(uint256) (#2724-2726) should emit an event for:
- swapTokensAtAmount = amount (#2725)
SmartFinance.setTokenRewardsFee(uint256) (#2790-2794) should emit an event for:
- totalFees = tokenRewardsFee.add(liquidityFee).add(marketingFee) (#2792)
SmartFinance.setLiquiditFee(uint256) (#2796-2800) should emit an event for:
- liquidityFee = value (#2797)
- totalFees = tokenRewardsFee.add(liquidityFee).add(marketingFee) (#2798)
SmartFinance.setMarketingFee(uint256) (#2802-2806) should emit an event for:
- marketingFee = value (#2803)
- totalFees = tokenRewardsFee.add(liquidityFee).add(marketingFee) (#2804)
Emit an event for critical parameter changes.
Additional information: link
SmartFinance.constructor(string,string,uint256,address[4],uint256[3],uint256,address,uint256)._uniswapV2Pair (#2695-2696) lacks a zero-check on :
- uniswapV2Pair = _uniswapV2Pair (#2698)
SmartFinance.constructor(string,string,uint256,address[4],uint256[3],uint256,address,uint256).serviceFeeReceiver_ (#2665) lacks a zero-check on :
- address(serviceFeeReceiver_).transfer(serviceFee_) (#2719)
SmartFinance.updateUniswapV2Router(address)._uniswapV2Pair (#2760-2761) lacks a zero-check on :
- uniswapV2Pair = _uniswapV2Pair (#2762)
SmartFinance.setMarketingWallet(address).wallet (#2786) lacks a zero-check on :
- _marketingWalletAddress = wallet (#2787)
Check that the address is not zero.
Additional information: link
Variable 'SmartFinance._transfer(address,address,uint256).lastProcessedIndex (#3040)' in SmartFinance._transfer(address,address,uint256) (#2968-3052) potentially used before declaration: ProcessedDividendTracker(iterations,claims,lastProcessedIndex,true,gas,tx.origin) (#3042-3049)
Variable 'SmartFinance._transfer(address,address,uint256).claims (#3039)' in SmartFinance._transfer(address,address,uint256) (#2968-3052) potentially used before declaration: ProcessedDividendTracker(iterations,claims,lastProcessedIndex,true,gas,tx.origin) (#3042-3049)
Variable 'SmartFinance._transfer(address,address,uint256).iterations (#3038)' in SmartFinance._transfer(address,address,uint256) (#2968-3052) potentially used before declaration: ProcessedDividendTracker(iterations,claims,lastProcessedIndex,true,gas,tx.origin) (#3042-3049)
Move all variable declarations prior to any usage of the variable, and ensure that reaching a variable declaration does not depend on some conditional if it is used unconditionally.
Additional information: link
Reentrancy in SmartFinance._transfer(address,address,uint256) (#2968-3052):
External calls:
- swapAndSendToFee(marketingTokens) (#2997)
- IERC20(rewardToken).transfer(_marketingWalletAddress,newBalance) (#3063)
- uniswapV2Router.swapExactTokensForTokensSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#3116-3122)
- swapAndLiquify(swapTokens) (#3002)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,address(0),block.timestamp) (#3130-3137)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#3098-3104)
External calls sending eth:
- swapAndLiquify(swapTokens) (#3002)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,address(0),block.timestamp) (#3130-3137)
State variables written after the call(s):
- swapAndLiquify(swapTokens) (#3002)
- _allowances[owner][spender] = amount (#458)
Reentrancy in SmartFinance._transfer(address,address,uint256) (#2968-3052):
External calls:
- swapAndSendToFee(marketingTokens) (#2997)
- IERC20(rewardToken).transfer(_marketingWalletAddress,newBalance) (#3063)
- uniswapV2Router.swapExactTokensForTokensSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#3116-3122)
- swapAndLiquify(swapTokens) (#3002)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,address(0),block.timestamp) (#3130-3137)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#3098-3104)
- swapAndSendDividends(sellTokens) (#3005)
- success = IERC20(rewardToken).transfer(address(dividendTracker),dividends) (#3143-3146)
- dividendTracker.distributeCAKEDividends(dividends) (#3149)
- uniswapV2Router.swapExactTokensForTokensSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#3116-3122)
External calls sending eth:
- swapAndLiquify(swapTokens) (#3002)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,address(0),block.timestamp) (#3130-3137)
State variables written after the call(s):
- swapAndSendDividends(sellTokens) (#3005)
- _allowances[owner][spender] = amount (#458)
Reentrancy in SmartFinance.constructor(string,string,uint256,address[4],uint256[3],uint256,address,uint256) (#2658-2720):
External calls:
- dividendTracker.initialize(rewardToken,minimumTokenBalanceForDividends_) (#2688-2691)
- _uniswapV2Pair = IUniswapV2Factory(_uniswapV2Router.factory()).createPair(address(this),_uniswapV2Router.WETH()) (#2695-2696)
State variables written after the call(s):
- uniswapV2Pair = _uniswapV2Pair (#2698)
- uniswapV2Router = _uniswapV2Router (#2697)
Reentrancy in SmartFinance.constructor(string,string,uint256,address[4],uint256[3],uint256,address,uint256) (#2658-2720):
External calls:
- dividendTracker.initialize(rewardToken,minimumTokenBalanceForDividends_) (#2688-2691)
- _uniswapV2Pair = IUniswapV2Factory(_uniswapV2Router.factory()).createPair(address(this),_uniswapV2Router.WETH()) (#2695-2696)
- _setAutomatedMarketMakerPair(_uniswapV2Pair,true) (#2699)
- dividendTracker.excludeFromDividends(pair) (#2828)
- dividendTracker.excludeFromDividends(address(dividendTracker)) (#2702)
- dividendTracker.excludeFromDividends(address(this)) (#2703)
- dividendTracker.excludeFromDividends(owner()) (#2704)
- dividendTracker.excludeFromDividends(address(0xdead)) (#2705)
- dividendTracker.excludeFromDividends(address(_uniswapV2Router)) (#2706)
State variables written after the call(s):
- _mint(owner(),totalSupply_) (#2715)
- _balances[account] += amount (#403)
- excludeFromFees(owner(),true) (#2708)
- _isExcludedFromFees[account] = excluded (#2770)
- excludeFromFees(_marketingWalletAddress,true) (#2709)
- _isExcludedFromFees[account] = excluded (#2770)
- excludeFromFees(address(this),true) (#2710)
- _isExcludedFromFees[account] = excluded (#2770)
- _mint(owner(),totalSupply_) (#2715)
- _totalSupply += amount (#402)
Reentrancy in BABYTOKENDividendTracker.processAccount(address,bool) (#2527-2541):
External calls:
- amount = _withdrawDividendOfUser(account) (#2532)
- success = IERC20(rewardToken).transfer(user,_withdrawableDividend) (#2151-2154)
State variables written after the call(s):
- lastClaimTimes[account] = block.timestamp (#2535)
Reentrancy in SmartFinance.swapAndLiquify(uint256) (#3066-3087):
External calls:
- swapTokensForEth(half) (#3078)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#3098-3104)
- addLiquidity(otherHalf,newBalance) (#3084)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,address(0),block.timestamp) (#3130-3137)
External calls sending eth:
- addLiquidity(otherHalf,newBalance) (#3084)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,address(0),block.timestamp) (#3130-3137)
State variables written after the call(s):
- addLiquidity(otherHalf,newBalance) (#3084)
- _allowances[owner][spender] = amount (#458)
Reentrancy in SmartFinance.updateUniswapV2Router(address) (#2753-2763):
External calls:
- _uniswapV2Pair = IUniswapV2Factory(uniswapV2Router.factory()).createPair(address(this),uniswapV2Router.WETH()) (#2760-2761)
State variables written after the call(s):
- uniswapV2Pair = _uniswapV2Pair (#2762)
Apply the check-effects-interactions pattern.
Additional information: link
Reentrancy in SmartFinance._setAutomatedMarketMakerPair(address,bool) (#2820-2832):
External calls:
- dividendTracker.excludeFromDividends(pair) (#2828)
Event emitted after the call(s):
- SetAutomatedMarketMakerPair(pair,value) (#2831)
Reentrancy in SmartFinance._transfer(address,address,uint256) (#2968-3052):
External calls:
- swapAndSendToFee(marketingTokens) (#2997)
- IERC20(rewardToken).transfer(_marketingWalletAddress,newBalance) (#3063)
- uniswapV2Router.swapExactTokensForTokensSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#3116-3122)
- swapAndLiquify(swapTokens) (#3002)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,address(0),block.timestamp) (#3130-3137)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#3098-3104)
External calls sending eth:
- swapAndLiquify(swapTokens) (#3002)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,address(0),block.timestamp) (#3130-3137)
Event emitted after the call(s):
- Approval(owner,spender,amount) (#459)
- swapAndLiquify(swapTokens) (#3002)
- SwapAndLiquify(half,newBalance,otherHalf) (#3086)
- swapAndLiquify(swapTokens) (#3002)
Reentrancy in SmartFinance._transfer(address,address,uint256) (#2968-3052):
External calls:
- swapAndSendToFee(marketingTokens) (#2997)
- IERC20(rewardToken).transfer(_marketingWalletAddress,newBalance) (#3063)
- uniswapV2Router.swapExactTokensForTokensSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#3116-3122)
- swapAndLiquify(swapTokens) (#3002)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,address(0),block.timestamp) (#3130-3137)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#3098-3104)
- swapAndSendDividends(sellTokens) (#3005)
- success = IERC20(rewardToken).transfer(address(dividendTracker),dividends) (#3143-3146)
- dividendTracker.distributeCAKEDividends(dividends) (#3149)
- uniswapV2Router.swapExactTokensForTokensSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#3116-3122)
External calls sending eth:
- swapAndLiquify(swapTokens) (#3002)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,address(0),block.timestamp) (#3130-3137)
Event emitted after the call(s):
- Approval(owner,spender,amount) (#459)
- swapAndSendDividends(sellTokens) (#3005)
- SendDividends(tokens,dividends) (#3150)
- swapAndSendDividends(sellTokens) (#3005)
- Transfer(sender,recipient,amount) (#383)
- super._transfer(from,to,amount) (#3027)
- Transfer(sender,recipient,amount) (#383)
- super._transfer(from,address(this),fees) (#3024)
Reentrancy in SmartFinance._transfer(address,address,uint256) (#2968-3052):
External calls:
- swapAndSendToFee(marketingTokens) (#2997)
- IERC20(rewardToken).transfer(_marketingWalletAddress,newBalance) (#3063)
- uniswapV2Router.swapExactTokensForTokensSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#3116-3122)
- swapAndLiquify(swapTokens) (#3002)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,address(0),block.timestamp) (#3130-3137)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#3098-3104)
- swapAndSendDividends(sellTokens) (#3005)
- success = IERC20(rewardToken).transfer(address(dividendTracker),dividends) (#3143-3146)
- dividendTracker.distributeCAKEDividends(dividends) (#3149)
- uniswapV2Router.swapExactTokensForTokensSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#3116-3122)
- dividendTracker.setBalance(address(from),balanceOf(from)) (#3029-3031)
- dividendTracker.setBalance(address(to),balanceOf(to)) (#3032)
- dividendTracker.process(gas) (#3037-3050)
External calls sending eth:
- swapAndLiquify(swapTokens) (#3002)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,address(0),block.timestamp) (#3130-3137)
Event emitted after the call(s):
- ProcessedDividendTracker(iterations,claims,lastProcessedIndex,true,gas,tx.origin) (#3042-3049)
Reentrancy in SmartFinance.constructor(string,string,uint256,address[4],uint256[3],uint256,address,uint256) (#2658-2720):
External calls:
- dividendTracker.initialize(rewardToken,minimumTokenBalanceForDividends_) (#2688-2691)
- _uniswapV2Pair = IUniswapV2Factory(_uniswapV2Router.factory()).createPair(address(this),_uniswapV2Router.WETH()) (#2695-2696)
- _setAutomatedMarketMakerPair(_uniswapV2Pair,true) (#2699)
- dividendTracker.excludeFromDividends(pair) (#2828)
Event emitted after the call(s):
- SetAutomatedMarketMakerPair(pair,value) (#2831)
- _setAutomatedMarketMakerPair(_uniswapV2Pair,true) (#2699)
Reentrancy in SmartFinance.constructor(string,string,uint256,address[4],uint256[3],uint256,address,uint256) (#2658-2720):
External calls:
- dividendTracker.initialize(rewardToken,minimumTokenBalanceForDividends_) (#2688-2691)
- _uniswapV2Pair = IUniswapV2Factory(_uniswapV2Router.factory()).createPair(address(this),_uniswapV2Router.WETH()) (#2695-2696)
- _setAutomatedMarketMakerPair(_uniswapV2Pair,true) (#2699)
- dividendTracker.excludeFromDividends(pair) (#2828)
- dividendTracker.excludeFromDividends(address(dividendTracker)) (#2702)
- dividendTracker.excludeFromDividends(address(this)) (#2703)
- dividendTracker.excludeFromDividends(owner()) (#2704)
- dividendTracker.excludeFromDividends(address(0xdead)) (#2705)
- dividendTracker.excludeFromDividends(address(_uniswapV2Router)) (#2706)
Event emitted after the call(s):
- ExcludeFromFees(account,excluded) (#2772)
- excludeFromFees(address(this),true) (#2710)
- ExcludeFromFees(account,excluded) (#2772)
- excludeFromFees(owner(),true) (#2708)
- ExcludeFromFees(account,excluded) (#2772)
- excludeFromFees(_marketingWalletAddress,true) (#2709)
- TokenCreated(owner(),address(this),TokenType.baby,VERSION) (#2717)
- Transfer(address(0),account,amount) (#404)
- _mint(owner(),totalSupply_) (#2715)
Reentrancy in BABYTOKENDividendTracker.processAccount(address,bool) (#2527-2541):
External calls:
- amount = _withdrawDividendOfUser(account) (#2532)
- success = IERC20(rewardToken).transfer(user,_withdrawableDividend) (#2151-2154)
Event emitted after the call(s):
- Claim(account,amount,automatic) (#2536)
Reentrancy in SmartFinance.processDividendTracker(uint256) (#2940-2954):
External calls:
- (iterations,claims,lastProcessedIndex) = dividendTracker.process(gas) (#2941-2945)
Event emitted after the call(s):
- ProcessedDividendTracker(iterations,claims,lastProcessedIndex,false,gas,tx.origin) (#2946-2953)
Reentrancy in SmartFinance.swapAndLiquify(uint256) (#3066-3087):
External calls:
- swapTokensForEth(half) (#3078)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#3098-3104)
- addLiquidity(otherHalf,newBalance) (#3084)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,address(0),block.timestamp) (#3130-3137)
External calls sending eth:
- addLiquidity(otherHalf,newBalance) (#3084)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,address(0),block.timestamp) (#3130-3137)
Event emitted after the call(s):
- Approval(owner,spender,amount) (#459)
- addLiquidity(otherHalf,newBalance) (#3084)
- SwapAndLiquify(half,newBalance,otherHalf) (#3086)
Reentrancy in SmartFinance.swapAndSendDividends(uint256) (#3140-3152):
External calls:
- swapTokensForCake(tokens) (#3141)
- uniswapV2Router.swapExactTokensForTokensSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#3116-3122)
- success = IERC20(rewardToken).transfer(address(dividendTracker),dividends) (#3143-3146)
- dividendTracker.distributeCAKEDividends(dividends) (#3149)
Event emitted after the call(s):
- SendDividends(tokens,dividends) (#3150)
Reentrancy in SmartFinance.updateDividendTracker(address) (#2728-2751):
External calls:
- newDividendTracker.excludeFromDividends(address(newDividendTracker)) (#2743)
- newDividendTracker.excludeFromDividends(address(this)) (#2744)
- newDividendTracker.excludeFromDividends(owner()) (#2745)
- newDividendTracker.excludeFromDividends(address(uniswapV2Router)) (#2746)
Event emitted after the call(s):
- UpdateDividendTracker(newAddress,address(dividendTracker)) (#2748)
Apply the check-effects-interactions pattern.
Additional information: link
BABYTOKENDividendTracker.getAccount(address) (#2376-2423) uses timestamp for comparisons
Dangerous comparisons:
- nextClaimTime > block.timestamp (#2420-2422)
BABYTOKENDividendTracker.canAutoClaim(uint256) (#2448-2454) uses timestamp for comparisons
Dangerous comparisons:
- lastClaimTime > block.timestamp (#2449)
- block.timestamp.sub(lastClaimTime) >= claimWait (#2453)
Avoid relying on block.timestamp.
Additional information: link
Clones.clone(address) (#831-840) uses assembly
- INLINE ASM (#832-838)
Clones.cloneDeterministic(address,bytes32) (#849-858) uses assembly
- INLINE ASM (#850-856)
Clones.predictDeterministicAddress(address,bytes32,address) (#863-878) uses assembly
- INLINE ASM (#868-877)
Do not use evm assembly.
Additional information: link
Clones.cloneDeterministic(address,bytes32) (#849-858) is never used and should be removed
Clones.predictDeterministicAddress(address,bytes32) (#883-889) is never used and should be removed
Clones.predictDeterministicAddress(address,bytes32,address) (#863-878) is never used and should be removed
Context._msgData() (#140-142) is never used and should be removed
ContextUpgradeable.__Context_init() (#1319-1321) is never used and should be removed
ContextUpgradeable._msgData() (#1329-1331) is never used and should be removed
DividendPayingToken._transfer(address,address,uint256) (#2224-2239) is never used and should be removed
ERC20._burn(address,uint256) (#420-435) is never used and should be removed
ERC20Upgradeable._transfer(address,address,uint256) (#1562-1582) is never used and should be removed
SafeMath.div(uint256,uint256,string) (#768-777) is never used and should be removed
SafeMath.mod(uint256,uint256) (#728-730) is never used and should be removed
SafeMath.mod(uint256,uint256,string) (#794-803) is never used and should be removed
SafeMath.sub(uint256,uint256,string) (#745-754) is never used and should be removed
SafeMath.tryAdd(uint256,uint256) (#599-605) is never used and should be removed
SafeMath.tryDiv(uint256,uint256) (#641-646) is never used and should be removed
SafeMath.tryMod(uint256,uint256) (#653-658) is never used and should be removed
SafeMath.tryMul(uint256,uint256) (#624-634) is never used and should be removed
SafeMath.trySub(uint256,uint256) (#612-617) is never used and should be removed
SafeMathInt.abs(int256) (#1893-1896) is never used and should be removed
SafeMathInt.div(int256,int256) (#1864-1870) is never used and should be removed
SafeMathInt.mul(int256,int256) (#1852-1859) is never used and should be removed
Remove unused functions.
Additional information: link
Function IUniswapV2Router01.WETH() (#935) is not in mixedCase
Function ContextUpgradeable.__Context_init() (#1319-1321) is not in mixedCase
Function ContextUpgradeable.__Context_init_unchained() (#1323-1324) is not in mixedCase
Variable ContextUpgradeable.__gap (#1332) is not in mixedCase
Function ERC20Upgradeable.__ERC20_init(string,string) (#1390-1393) is not in mixedCase
Function ERC20Upgradeable.__ERC20_init_unchained(string,string) (#1395-1398) is not in mixedCase
Variable ERC20Upgradeable.__gap (#1697) is not in mixedCase
Function OwnableUpgradeable.__Ownable_init() (#1729-1732) is not in mixedCase
Function OwnableUpgradeable.__Ownable_init_unchained() (#1734-1736) is not in mixedCase
Variable OwnableUpgradeable.__gap (#1778) is not in mixedCase
Function IUniswapV2Pair.DOMAIN_SEPARATOR() (#1801) is not in mixedCase
Function IUniswapV2Pair.PERMIT_TYPEHASH() (#1802) is not in mixedCase
Function IUniswapV2Pair.MINIMUM_LIQUIDITY() (#1819) is not in mixedCase
Function DividendPayingToken.__DividendPayingToken_init(address,string,string) (#2110-2118) is not in mixedCase
Parameter DividendPayingToken.__DividendPayingToken_init(address,string,string)._rewardToken (#2111) is not in mixedCase
Parameter DividendPayingToken.__DividendPayingToken_init(address,string,string)._name (#2112) is not in mixedCase
Parameter DividendPayingToken.__DividendPayingToken_init(address,string,string)._symbol (#2113) is not in mixedCase
Parameter DividendPayingToken.dividendOf(address)._owner (#2172) is not in mixedCase
Parameter DividendPayingToken.withdrawableDividendOf(address)._owner (#2179) is not in mixedCase
Parameter DividendPayingToken.withdrawnDividendOf(address)._owner (#2191) is not in mixedCase
Parameter DividendPayingToken.accumulativeDividendOf(address)._owner (#2205) is not in mixedCase
Constant DividendPayingToken.magnitude (#2090) is not in UPPER_CASE_WITH_UNDERSCORES
Parameter BABYTOKENDividendTracker.getAccount(address)._account (#2376) is not in mixedCase
Variable SmartFinance._marketingWalletAddress (#2605) is not in mixedCase
Follow the Solidity naming convention.
Additional information: link
Variable IUniswapV2Router01.addLiquidity(address,address,uint256,uint256,uint256,uint256,address,uint256).amountADesired (#940) is too similar to IUniswapV2Router01.addLiquidity(address,address,uint256,uint256,uint256,uint256,address,uint256).amountBDesired (#941)
Variable DividendPayingToken.__DividendPayingToken_init(address,string,string)._rewardToken (#2111) is too similar to BABYTOKENDividendTracker.initialize(address,uint256).rewardToken_ (#2303)
Variable DividendPayingToken._withdrawDividendOfUser(address)._withdrawableDividend (#2145) is too similar to BABYTOKENDividendTracker.getAccount(address).withdrawableDividends (#2383)
Variable ERC20._totalSupply (#185) is too similar to SmartFinance.constructor(string,string,uint256,address[4],uint256[3],uint256,address,uint256).totalSupply_ (#2661)
Prevent variables from having similar names.
Additional information: link
Clones.clone(address) (#831-840) uses literals with too many digits:
- mstore(uint256,uint256)(ptr_clone_asm_0,0x3d602d80600a3d3981f3363d3d373d3d3d363d73000000000000000000000000) (#834)
Clones.clone(address) (#831-840) uses literals with too many digits:
- mstore(uint256,uint256)(ptr_clone_asm_0 + 0x28,0x5af43d82803e903d91602b57fd5bf30000000000000000000000000000000000) (#836)
Clones.cloneDeterministic(address,bytes32) (#849-858) uses literals with too many digits:
- mstore(uint256,uint256)(ptr_cloneDeterministic_asm_0,0x3d602d80600a3d3981f3363d3d373d3d3d363d73000000000000000000000000) (#852)
Clones.cloneDeterministic(address,bytes32) (#849-858) uses literals with too many digits:
- mstore(uint256,uint256)(ptr_cloneDeterministic_asm_0 + 0x28,0x5af43d82803e903d91602b57fd5bf30000000000000000000000000000000000) (#854)
Clones.predictDeterministicAddress(address,bytes32,address) (#863-878) uses literals with too many digits:
- mstore(uint256,uint256)(ptr_predictDeterministicAddress_asm_0,0x3d602d80600a3d3981f3363d3d373d3d3d363d73000000000000000000000000) (#870)
Clones.predictDeterministicAddress(address,bytes32,address) (#863-878) uses literals with too many digits:
- mstore(uint256,uint256)(ptr_predictDeterministicAddress_asm_0 + 0x28,0x5af43d82803e903d91602b57fd5bf3ff00000000000000000000000000000000) (#872)
SmartFinance.constructor(string,string,uint256,address[4],uint256[3],uint256,address,uint256) (#2658-2720) uses literals with too many digits:
- gasForProcessing = 300000 (#2683)
SmartFinance.updateGasForProcessing(uint256) (#2834-2845) uses literals with too many digits:
- require(bool,string)(newValue >= 200000 && newValue <= 500000,BABYTOKEN: gasForProcessing must be between 200,000 and 500,000) (#2835-2838)
Use: Ether suffix, Time suffix, or The scientific notation
Additional information: link
name() should be declared external:
- ERC20.name() (#207-209)
symbol() should be declared external:
- ERC20.symbol() (#215-217)
decimals() should be declared external:
- ERC20.decimals() (#232-234)
totalSupply() should be declared external:
- ERC20.totalSupply() (#239-241)
transfer(address,uint256) should be declared external:
- ERC20.transfer(address,uint256) (#258-261)
allowance(address,address) should be declared external:
- ERC20.allowance(address,address) (#266-268)
approve(address,uint256) should be declared external:
- ERC20.approve(address,uint256) (#277-280)
transferFrom(address,address,uint256) should be declared external:
- ERC20.transferFrom(address,address,uint256) (#295-309)
increaseAllowance(address,uint256) should be declared external:
- ERC20.increaseAllowance(address,uint256) (#323-326)
decreaseAllowance(address,uint256) should be declared external:
- ERC20.decreaseAllowance(address,uint256) (#342-350)
renounceOwnership() should be declared external:
- Ownable.renounceOwnership() (#557-559)
transferOwnership(address) should be declared external:
- Ownable.transferOwnership(address) (#565-568)
name() should be declared external:
- ERC20Upgradeable.name() (#1403-1405)
symbol() should be declared external:
- ERC20Upgradeable.symbol() (#1411-1413)
decimals() should be declared external:
- ERC20Upgradeable.decimals() (#1428-1430)
transfer(address,uint256) should be declared external:
- ERC20Upgradeable.transfer(address,uint256) (#1454-1457)
allowance(address,address) should be declared external:
- ERC20Upgradeable.allowance(address,address) (#1462-1464)
approve(address,uint256) should be declared external:
- ERC20Upgradeable.approve(address,uint256) (#1473-1476)
transferFrom(address,address,uint256) should be declared external:
- ERC20Upgradeable.transferFrom(address,address,uint256) (#1491-1505)
increaseAllowance(address,uint256) should be declared external:
- ERC20Upgradeable.increaseAllowance(address,uint256) (#1519-1522)
decreaseAllowance(address,uint256) should be declared external:
- ERC20Upgradeable.decreaseAllowance(address,uint256) (#1538-1546)
renounceOwnership() should be declared external:
- OwnableUpgradeable.renounceOwnership() (#1760-1762)
transferOwnership(address) should be declared external:
- OwnableUpgradeable.transferOwnership(address) (#1768-1771)
get(IterableMapping.Map,address) should be declared external:
- IterableMapping.get(IterableMapping.Map,address) (#1935-1937)
getIndexOfKey(IterableMapping.Map,address) should be declared external:
- IterableMapping.getIndexOfKey(IterableMapping.Map,address) (#1939-1948)
getKeyAtIndex(IterableMapping.Map,uint256) should be declared external:
- IterableMapping.getKeyAtIndex(IterableMapping.Map,uint256) (#1950-1956)
size(IterableMapping.Map) should be declared external:
- IterableMapping.size(IterableMapping.Map) (#1958-1960)
distributeCAKEDividends(uint256) should be declared external:
- DividendPayingToken.distributeCAKEDividends(uint256) (#2120-2131)
withdrawDividend() should be declared external:
- BABYTOKENDividendTracker.withdrawDividend() (#2323-2328)
- DividendPayingToken.withdrawDividend() (#2135-2137)
dividendOf(address) should be declared external:
- DividendPayingToken.dividendOf(address) (#2172-2174)
withdrawnDividendOf(address) should be declared external:
- DividendPayingToken.withdrawnDividendOf(address) (#2191-2198)
isExcludedFromDividends(address) should be declared external:
- BABYTOKENDividendTracker.isExcludedFromDividends(address) (#2340-2346)
getAccountAtIndex(uint256) should be declared external:
- BABYTOKENDividendTracker.getAccountAtIndex(uint256) (#2425-2446)
process(uint256) should be declared external:
- BABYTOKENDividendTracker.process(uint256) (#2473-2525)
updateDividendTracker(address) should be declared external:
- SmartFinance.updateDividendTracker(address) (#2728-2751)
updateUniswapV2Router(address) should be declared external:
- SmartFinance.updateUniswapV2Router(address) (#2753-2763)
excludeMultipleAccountsFromFees(address[],bool) should be declared external:
- SmartFinance.excludeMultipleAccountsFromFees(address[],bool) (#2775-2784)
setAutomatedMarketMakerPair(address,bool) should be declared external:
- SmartFinance.setAutomatedMarketMakerPair(address,bool) (#2808-2818)
updateGasForProcessing(uint256) should be declared external:
- SmartFinance.updateGasForProcessing(uint256) (#2834-2845)
isExcludedFromFees(address) should be declared external:
- SmartFinance.isExcludedFromFees(address) (#2874-2876)
withdrawableDividendOf(address) should be declared external:
- SmartFinance.withdrawableDividendOf(address) (#2878-2884)
dividendTokenBalanceOf(address) should be declared external:
- SmartFinance.dividendTokenBalanceOf(address) (#2886-2892)
isExcludedFromDividends(address) should be declared external:
- SmartFinance.isExcludedFromDividends(address) (#2898-2904)
Use the external attribute for functions never called from the contract.
Additional information: link
DividendPayingToken._withdrawDividendOfUser(address) (#2141-2167) has external calls inside a loop: success = IERC20(rewardToken).transfer(user,_withdrawableDividend) (#2151-2154)
Favor pull over push strategy for external calls.
Additional information: link
Young tokens have high risks of price dump / death
Token has no active CoinGecko listing / rank
Token has no active CoinMarketCap listing / rank
Alexa traffic rank is relatively low
Additional information: link
Young tokens have high risks of price dump / death
Young tokens have high risks of price dump / death
Unable to find Youtube account