Unable to find manual contract audit (e.g. Certik, PeckShield, Solidity...)
Contract locking ether found:
Contract SO (#634-933) has payable functions:
- SO.receive() (#720)
But does not have a function to withdraw the ether
Remove the payable attribute or add a withdraw function.
Additional information: link
Contract ownership is not renounced (belongs to a wallet)
SO.setThreshold(uint256) (#731-733) should emit an event for:
- _threshold = value (#732)
SO.setAdvanceLimit(uint256) (#735-737) should emit an event for:
- advanceLimit = limit (#736)
SO.setBurnFee(uint256) (#775) should emit an event for:
- burn = value (#775)
SO.setFundFee(uint256) (#777) should emit an event for:
- pool = value (#777)
SO.setDividendFee(uint256) (#779) should emit an event for:
- technology = value (#779)
SO.setMarketingFee(uint256) (#781) should emit an event for:
- marketing = value (#781)
SO.setTax(uint256) (#783) should emit an event for:
- tax = value (#783)
SO.setResLimit(uint256) (#785) should emit an event for:
- resLimit = value (#785)
SO.setStartTimeForSwap(uint256) (#787) should emit an event for:
- startTimeForSwap = _timestamp (#787)
Emit an event for critical parameter changes.
Additional information: link
SO.setInvertDate(address).b (#727) lacks a zero-check on :
- _invertData = b (#728)
SO.setBurnWallet(address).addr (#741) lacks a zero-check on :
- burnWallet = addr (#743)
SO.setCollectWallet(address).addr (#748) lacks a zero-check on :
- collectWallet = addr (#750)
SO.setPoolWallet(address).addr (#755) lacks a zero-check on :
- poolWallet = addr (#757)
SO.setTechnologyWallet(address).addr (#761) lacks a zero-check on :
- technologyWallet = addr (#763)
SO.setMarketingWallet(address).addr (#767) lacks a zero-check on :
- marketingWallet = addr (#769)
Check that the address is not zero.
Additional information: link
Reentrancy in SO.constructor() (#684-718):
External calls:
- _uniswapV2Pair = IUniswapV2Factory(_uniswapV2Router.factory()).createPair(address(this),_uniswapV2Router.WETH()) (#698-699)
State variables written after the call(s):
- _isExcludedFromFees[address(this)] = true (#711)
- _isExcludedFromFees[msg.sender] = true (#712)
- _isExcludedFromFees[burnWallet] = true (#713)
- _isExcludedFromFees[technologyWallet] = true (#714)
- _isExcludedFromFees[poolWallet] = true (#715)
- _isExcludedFromFees[marketingWallet] = true (#716)
- _isExcludedFromFees[collectWallet] = true (#717)
- burn = 20 (#703)
- marketing = 95 (#706)
- pool = 10 (#704)
- resLimit = 500 (#709)
- shareholder = 5 (#707)
- tax = 20 (#708)
- technology = 10 (#705)
- uniswapV2Pair = IUniswapV2Pair(_uniswapV2Pair) (#701)
- uniswapV2Router = _uniswapV2Router (#700)
Apply the check-effects-interactions pattern.
Additional information: link
SO._transfer(address,address,uint256) (#840-930) uses timestamp for comparisons
Dangerous comparisons:
- startTimeForSwap > block.timestamp && (to == address(uniswapV2Pair) || from == address(uniswapV2Pair)) (#848)
Avoid relying on block.timestamp.
Additional information: link
Address.verifyCallResult(bool,bytes,string) (#225-242) uses assembly
- INLINE ASM (#234-237)
Do not use evm assembly.
Additional information: link
Address.functionCall(address,bytes) (#164-166) is never used and should be removed
Address.functionCall(address,bytes,string) (#168-174) is never used and should be removed
Address.functionCallWithValue(address,bytes,uint256) (#175-181) is never used and should be removed
Address.functionCallWithValue(address,bytes,uint256,string) (#183-194) is never used and should be removed
Address.functionDelegateCall(address,bytes) (#210-212) is never used and should be removed
Address.functionDelegateCall(address,bytes,string) (#214-223) is never used and should be removed
Address.functionStaticCall(address,bytes) (#196-198) is never used and should be removed
Address.functionStaticCall(address,bytes,string) (#200-209) is never used and should be removed
Address.isContract(address) (#155-157) is never used and should be removed
Address.sendValue(address,uint256) (#158-163) is never used and should be removed
Address.verifyCallResult(bool,bytes,string) (#225-242) is never used and should be removed
Context._msgData() (#30-32) is never used and should be removed
ERC20._burn(address,uint256) (#356-371) is never used and should be removed
SafeMath.div(uint256,uint256,string) (#131-140) is never used and should be removed
SafeMath.mod(uint256,uint256) (#116-118) is never used and should be removed
SafeMath.mod(uint256,uint256,string) (#142-151) is never used and should be removed
SafeMath.sub(uint256,uint256,string) (#120-129) is never used and should be removed
SafeMath.tryAdd(uint256,uint256) (#63-69) is never used and should be removed
SafeMath.tryDiv(uint256,uint256) (#86-91) is never used and should be removed
SafeMath.tryMod(uint256,uint256) (#93-98) is never used and should be removed
SafeMath.tryMul(uint256,uint256) (#77-84) is never used and should be removed
SafeMath.trySub(uint256,uint256) (#70-75) is never used and should be removed
Remove unused functions.
Additional information: link
Pragma version^0.8.0 (#2) allows old versions
Deploy with any of the following Solidity versions: 0.5.16 - 0.5.17, 0.6.11 - 0.6.12, 0.7.5 - 0.7.6 Use a simple pragma version that allows any of these versions. Consider using the latest version of Solidity for testing.
Additional information: link
Low level call in Address.sendValue(address,uint256) (#158-163):
- (success) = recipient.call{value: amount}() (#161)
Low level call in Address.functionCallWithValue(address,bytes,uint256,string) (#183-194):
- (success,returndata) = target.call{value: value}(data) (#192)
Low level call in Address.functionStaticCall(address,bytes,string) (#200-209):
- (success,returndata) = target.staticcall(data) (#207)
Low level call in Address.functionDelegateCall(address,bytes,string) (#214-223):
- (success,returndata) = target.delegatecall(data) (#221)
Avoid low-level calls. Check the call success. If the call is meant for a contract, check for code existence
Additional information: link
Function IUniswapV2Pair.DOMAIN_SEPARATOR() (#443) is not in mixedCase
Function IUniswapV2Pair.PERMIT_TYPEHASH() (#444) is not in mixedCase
Function IUniswapV2Pair.MINIMUM_LIQUIDITY() (#461) is not in mixedCase
Function IUniswapV2Router01.WETH() (#481) is not in mixedCase
Function Token._inviter(address) (#625) is not in mixedCase
Function Token._isExcluded(address) (#626) is not in mixedCase
Function SO.__version() (#721) is not in mixedCase
Parameter SO.setPair(address)._pair (#740) is not in mixedCase
Parameter SO.setStartTimeForSwap(uint256)._timestamp (#787) is not in mixedCase
Variable SO._router (#638) is not in mixedCase
Variable SO._rate (#658) is not in mixedCase
Variable SO._threshold (#670) is not in mixedCase
Variable SO._invertData (#680) is not in mixedCase
Follow the Solidity naming convention.
Additional information: link
Variable IUniswapV2Router01.addLiquidity(address,address,uint256,uint256,uint256,uint256,address,uint256).amountADesired (#486) is too similar to IUniswapV2Router01.addLiquidity(address,address,uint256,uint256,uint256,uint256,address,uint256).amountBDesired (#487)
Prevent variables from having similar names.
Additional information: link
SO.constructor() (#684-718) uses literals with too many digits:
- _mint(msg.sender,91000000 * 1e18) (#685)
SO.constructor() (#684-718) uses literals with too many digits:
- burnWallet = 0x000000000000000000000000000000000000dEaD (#690)
Use: Ether suffix, Time suffix, or The scientific notation
Additional information: link
SO.era (#661) should be constant
SO.shareholderWallet (#648) should be constant
Add the constant attributes to state variables that never change.
Additional information: link
renounceOwnership() should be declared external:
- Ownable.renounceOwnership() (#51-54)
transferOwnership(address) should be declared external:
- Ownable.transferOwnership(address) (#55-59)
name() should be declared external:
- ERC20.name() (#258-260)
symbol() should be declared external:
- ERC20.symbol() (#262-264)
decimals() should be declared external:
- ERC20.decimals() (#266-268)
totalSupply() should be declared external:
- ERC20.totalSupply() (#270-272)
transfer(address,uint256) should be declared external:
- ERC20.transfer(address,uint256) (#278-282)
approve(address,uint256) should be declared external:
- ERC20.approve(address,uint256) (#288-292)
transferFrom(address,address,uint256) should be declared external:
- ERC20.transferFrom(address,address,uint256) (#294-303)
increaseAllowance(address,uint256) should be declared external:
- ERC20.increaseAllowance(address,uint256) (#305-309)
decreaseAllowance(address,uint256) should be declared external:
- ERC20.decreaseAllowance(address,uint256) (#311-320)
__version() should be declared external:
- SO.__version() (#721)
setRate(uint256,uint256) should be declared external:
- SO.setRate(uint256,uint256) (#723-725)
setInvertDate(address) should be declared external:
- SO.setInvertDate(address) (#727-729)
setThreshold(uint256) should be declared external:
- SO.setThreshold(uint256) (#731-733)
setAdvanceLimit(uint256) should be declared external:
- SO.setAdvanceLimit(uint256) (#735-737)
setPair(address) should be declared external:
- SO.setPair(address) (#740)
setBurnWallet(address) should be declared external:
- SO.setBurnWallet(address) (#741-745)
getBurnWallet() should be declared external:
- SO.getBurnWallet() (#746)
setCollectWallet(address) should be declared external:
- SO.setCollectWallet(address) (#748-752)
getCollectWallet() should be declared external:
- SO.getCollectWallet() (#753)
setPoolWallet(address) should be declared external:
- SO.setPoolWallet(address) (#755-759)
getPoolWallet() should be declared external:
- SO.getPoolWallet() (#760)
setTechnologyWallet(address) should be declared external:
- SO.setTechnologyWallet(address) (#761-765)
getTechnologyWallet() should be declared external:
- SO.getTechnologyWallet() (#766)
setMarketingWallet(address) should be declared external:
- SO.setMarketingWallet(address) (#767-771)
getMarketingWallet() should be declared external:
- SO.getMarketingWallet() (#772)
setBurnFee(uint256) should be declared external:
- SO.setBurnFee(uint256) (#775)
getBurnFee() should be declared external:
- SO.getBurnFee() (#776)
setFundFee(uint256) should be declared external:
- SO.setFundFee(uint256) (#777)
getFundFee() should be declared external:
- SO.getFundFee() (#778)
setDividendFee(uint256) should be declared external:
- SO.setDividendFee(uint256) (#779)
getDividendFee() should be declared external:
- SO.getDividendFee() (#780)
setMarketingFee(uint256) should be declared external:
- SO.setMarketingFee(uint256) (#781)
getMarketingFee() should be declared external:
- SO.getMarketingFee() (#782)
setTax(uint256) should be declared external:
- SO.setTax(uint256) (#783)
getTax() should be declared external:
- SO.getTax() (#784)
setResLimit(uint256) should be declared external:
- SO.setResLimit(uint256) (#785)
getResLimit() should be declared external:
- SO.getResLimit() (#786)
setStartTimeForSwap(uint256) should be declared external:
- SO.setStartTimeForSwap(uint256) (#787)
excludeFromFees(address,bool) should be declared external:
- SO.excludeFromFees(address,bool) (#789-793)
listExcludeFromFees(address[],bool) should be declared external:
- SO.listExcludeFromFees(address[],bool) (#795-800)
isExcludedFromFees(address) should be declared external:
- SO.isExcludedFromFees(address) (#802-804)
setBlack(address,bool) should be declared external:
- SO.setBlack(address,bool) (#807-809)
setInAdvance(address,bool) should be declared external:
- SO.setInAdvance(address,bool) (#815-817)
listSetInAdvance(address[],bool) should be declared external:
- SO.listSetInAdvance(address[],bool) (#819-824)
getInvite(address) should be declared external:
- SO.getInvite(address) (#836-838)
Use the external attribute for functions never called from the contract.
Additional information: link
Attempt to swap token was unsuccessful. For some reason it is untradeable. If token is not in presale stage and is not traded outside PancakeSwap, then it's a scam
Additional information: link
Number of Binance Smart Chain (BSC) token holders is low.
Token is deployed only at one blockchain
Unable to find website, listings and other project-related information
Token is marked as scam (rug pull, honeypot, phishing, etc.)
Additional information: link
Young tokens have high risks of scam / price dump / death
Token has no active CoinGecko listing / rank
Token has no active CoinMarketCap listing / rank
Unable to find Telegram and Twitter accounts