SparkLab helps traders to spot opportunities across the #BSC while always keeping an eye on their investments.
SparkLab._swapContractToken(bool) (SparkLab.sol#266-305) sends eth to arbitrary user
Dangerous calls:
- (sent) = marketingWallet.call{value: address(this).balance}() (SparkLab.sol#303)
Ensure that an arbitrary user cannot withdraw unauthorized funds.
Additional information: link
Reentrancy in SparkLab._taxedTransfer(address,address,uint256) (SparkLab.sol#157-196):
External calls:
- _swapContractToken(false) (SparkLab.sol#179)
- _pancakeRouter.addLiquidityETH{value: bnbamount}(address(this),tokenamount,0,0,address(this),block.timestamp) (SparkLab.sol#325-332)
- _pancakeRouter.swapExactTokensForETHSupportingFeeOnTransferTokens(amount,0,path,address(this),block.timestamp) (SparkLab.sol#313-320)
- (sent) = marketingWallet.call{value: address(this).balance}() (SparkLab.sol#303)
External calls sending eth:
- _swapContractToken(false) (SparkLab.sol#179)
- _pancakeRouter.addLiquidityETH{value: bnbamount}(address(this),tokenamount,0,0,address(this),block.timestamp) (SparkLab.sol#325-332)
- (sent) = marketingWallet.call{value: address(this).balance}() (SparkLab.sol#303)
State variables written after the call(s):
- _balances[sender] -= amount (SparkLab.sol#188)
- _balances[address(this)] += contractToken (SparkLab.sol#190)
- _balances[recipient] += taxedAmount (SparkLab.sol#193)
- _circulatingSupply -= tokensToBeBurnt (SparkLab.sol#192)
Apply the check-effects-interactions pattern.
Additional information: link
SparkLab.LiquidityRelease() (SparkLab.sol#403-417) ignores return value by liquidityToken.transfer(msg.sender,amount) (SparkLab.sol#415)
Use SafeERC20, or ensure that the transfer/transferFrom return value is checked.
Additional information: link
Too many vulnerabilities (Unchecked transfer, Reentrancy vulnerability, etc.). High risk of a scam. DYOR & manual audit are advised.
SparkLab._swapContractToken(bool).sent (SparkLab.sol#303) is written in both
(sent) = marketingWallet.call{value: address(this).balance}() (SparkLab.sol#303)
sent = true (SparkLab.sol#304)
Fix or remove the writes.
Additional information: link
Combination 1: Reentrancy vulnerabilities + Functions that send Ether to arbitraty destination. Usual for scams. May be justified by some complex mechanics (e.g. rebase, reflections). DYOR & manual audit are advised.
Combination 2: Unchecked transfer + Functions that send Ether to arbitraty destination. Usual for scams. May be justified by some complex mechanics (e.g. rebase, reflections). DYOR & manual audit are advised.
Combination 3: Reentrancy vulnerabilities + Unchecked transfer vulnerability. Usual for scams. May be justified by some complex mechanics (e.g. rebase, reflections). DYOR & manual audit are advised.
SparkLab._addLiquidity(uint256,uint256) (SparkLab.sol#323-333) ignores return value by _pancakeRouter.addLiquidityETH{value: bnbamount}(address(this),tokenamount,0,0,address(this),block.timestamp) (SparkLab.sol#325-332)
Ensure that all the return values of the function calls are used.
Additional information: link
SparkLab._swapContractToken(bool) (SparkLab.sol#266-305) performs a multiplication on the result of a division:
-tokenToSwap = _balances[_pancakePairAddress] * swapTreshold / 1000 (SparkLab.sol#270)
-tokenForLiquidity = (tokenToSwap * liquidityTax) / totalTax (SparkLab.sol#283-285)
SparkLab._swapContractToken(bool) (SparkLab.sol#266-305) performs a multiplication on the result of a division:
-LiqHalf = tokenForLiquidity / 2 (SparkLab.sol#289)
-liqBNB = (newBNB * LiqHalf) / swapToken (SparkLab.sol#299)
Consider ordering multiplication before division.
Additional information: link
SparkLab.allowance(address,address)._owner (SparkLab.sol#454) shadows:
- Ownable._owner (Libraries.sol#47) (state variable)
SparkLab._approve(address,address,uint256).owner (SparkLab.sol#462) shadows:
- Ownable.owner() (Libraries.sol#63-65) (function)
Rename the local variables that shadow another component.
Additional information: link
SparkLab.setSwapTreshold(uint256) (SparkLab.sol#231-234) should emit an event for:
- swapTreshold = newSwapTresholdPermille (SparkLab.sol#233)
SparkLab.SetOverLiquifiedTreshold(uint256) (SparkLab.sol#237-240) should emit an event for:
- overLiquifyTreshold = newOverLiquifyTresholdPermille (SparkLab.sol#239)
Emit an event for critical parameter changes.
Additional information: link
SparkLab.ChangeMarketingWallet(address).newWallet (SparkLab.sol#97) lacks a zero-check on :
- marketingWallet = newWallet (SparkLab.sol#99)
Check that the address is not zero.
Additional information: link
Reentrancy in SparkLab._swapContractToken(bool) (SparkLab.sol#266-305):
External calls:
- _swapTokenForBNB(swapToken) (SparkLab.sol#294)
- _pancakeRouter.swapExactTokensForETHSupportingFeeOnTransferTokens(amount,0,path,address(this),block.timestamp) (SparkLab.sol#313-320)
- _addLiquidity(LiqHalf,liqBNB) (SparkLab.sol#300)
- _pancakeRouter.addLiquidityETH{value: bnbamount}(address(this),tokenamount,0,0,address(this),block.timestamp) (SparkLab.sol#325-332)
External calls sending eth:
- _addLiquidity(LiqHalf,liqBNB) (SparkLab.sol#300)
- _pancakeRouter.addLiquidityETH{value: bnbamount}(address(this),tokenamount,0,0,address(this),block.timestamp) (SparkLab.sol#325-332)
State variables written after the call(s):
- _addLiquidity(LiqHalf,liqBNB) (SparkLab.sol#300)
- _allowances[owner][spender] = amount (SparkLab.sol#466)
Reentrancy in SparkLab.constructor() (SparkLab.sol#114-131):
External calls:
- _pancakePairAddress = IPancakeFactory(_pancakeRouter.factory()).createPair(address(this),_pancakeRouter.WETH()) (SparkLab.sol#122)
State variables written after the call(s):
- excludedFromFees[msg.sender] = true (SparkLab.sol#128)
- excludedFromFees[PancakeRouter] = true (SparkLab.sol#129)
- excludedFromFees[address(this)] = true (SparkLab.sol#130)
- isAMM[_pancakePairAddress] = true (SparkLab.sol#123)
- marketingWallet = msg.sender (SparkLab.sol#126)
Reentrancy in SparkLab.transferFrom(address,address,uint256) (SparkLab.sol#470-478):
External calls:
- _transfer(sender,recipient,amount) (SparkLab.sol#471)
- _pancakeRouter.addLiquidityETH{value: bnbamount}(address(this),tokenamount,0,0,address(this),block.timestamp) (SparkLab.sol#325-332)
- _pancakeRouter.swapExactTokensForETHSupportingFeeOnTransferTokens(amount,0,path,address(this),block.timestamp) (SparkLab.sol#313-320)
- (sent) = marketingWallet.call{value: address(this).balance}() (SparkLab.sol#303)
External calls sending eth:
- _transfer(sender,recipient,amount) (SparkLab.sol#471)
- _pancakeRouter.addLiquidityETH{value: bnbamount}(address(this),tokenamount,0,0,address(this),block.timestamp) (SparkLab.sol#325-332)
- (sent) = marketingWallet.call{value: address(this).balance}() (SparkLab.sol#303)
State variables written after the call(s):
- _approve(sender,msg.sender,currentAllowance - amount) (SparkLab.sol#476)
- _allowances[owner][spender] = amount (SparkLab.sol#466)
Apply the check-effects-interactions pattern.
Additional information: link
Reentrancy in SparkLab.LiquidityRelease() (SparkLab.sol#403-417):
External calls:
- liquidityToken.transfer(msg.sender,amount) (SparkLab.sol#415)
Event emitted after the call(s):
- OnReleaseLP() (SparkLab.sol#416)
Reentrancy in SparkLab._swapContractToken(bool) (SparkLab.sol#266-305):
External calls:
- _swapTokenForBNB(swapToken) (SparkLab.sol#294)
- _pancakeRouter.swapExactTokensForETHSupportingFeeOnTransferTokens(amount,0,path,address(this),block.timestamp) (SparkLab.sol#313-320)
- _addLiquidity(LiqHalf,liqBNB) (SparkLab.sol#300)
- _pancakeRouter.addLiquidityETH{value: bnbamount}(address(this),tokenamount,0,0,address(this),block.timestamp) (SparkLab.sol#325-332)
External calls sending eth:
- _addLiquidity(LiqHalf,liqBNB) (SparkLab.sol#300)
- _pancakeRouter.addLiquidityETH{value: bnbamount}(address(this),tokenamount,0,0,address(this),block.timestamp) (SparkLab.sol#325-332)
Event emitted after the call(s):
- Approval(owner,spender,amount) (SparkLab.sol#467)
- _addLiquidity(LiqHalf,liqBNB) (SparkLab.sol#300)
Reentrancy in SparkLab._taxedTransfer(address,address,uint256) (SparkLab.sol#157-196):
External calls:
- _swapContractToken(false) (SparkLab.sol#179)
- _pancakeRouter.addLiquidityETH{value: bnbamount}(address(this),tokenamount,0,0,address(this),block.timestamp) (SparkLab.sol#325-332)
- _pancakeRouter.swapExactTokensForETHSupportingFeeOnTransferTokens(amount,0,path,address(this),block.timestamp) (SparkLab.sol#313-320)
- (sent) = marketingWallet.call{value: address(this).balance}() (SparkLab.sol#303)
External calls sending eth:
- _swapContractToken(false) (SparkLab.sol#179)
- _pancakeRouter.addLiquidityETH{value: bnbamount}(address(this),tokenamount,0,0,address(this),block.timestamp) (SparkLab.sol#325-332)
- (sent) = marketingWallet.call{value: address(this).balance}() (SparkLab.sol#303)
Event emitted after the call(s):
- Transfer(sender,recipient,taxedAmount) (SparkLab.sol#195)
Reentrancy in SparkLab.transferFrom(address,address,uint256) (SparkLab.sol#470-478):
External calls:
- _transfer(sender,recipient,amount) (SparkLab.sol#471)
- _pancakeRouter.addLiquidityETH{value: bnbamount}(address(this),tokenamount,0,0,address(this),block.timestamp) (SparkLab.sol#325-332)
- _pancakeRouter.swapExactTokensForETHSupportingFeeOnTransferTokens(amount,0,path,address(this),block.timestamp) (SparkLab.sol#313-320)
- (sent) = marketingWallet.call{value: address(this).balance}() (SparkLab.sol#303)
External calls sending eth:
- _transfer(sender,recipient,amount) (SparkLab.sol#471)
- _pancakeRouter.addLiquidityETH{value: bnbamount}(address(this),tokenamount,0,0,address(this),block.timestamp) (SparkLab.sol#325-332)
- (sent) = marketingWallet.call{value: address(this).balance}() (SparkLab.sol#303)
Event emitted after the call(s):
- Approval(owner,spender,amount) (SparkLab.sol#467)
- _approve(sender,msg.sender,currentAllowance - amount) (SparkLab.sol#476)
Apply the check-effects-interactions pattern.
Additional information: link
SparkLab._transfer(address,address,uint256) (SparkLab.sol#142-155) uses timestamp for comparisons
Dangerous comparisons:
- require(bool,string)(LaunchTimestamp > 0,trading not yet enabled) (SparkLab.sol#152)
SparkLab._taxedTransfer(address,address,uint256) (SparkLab.sol#157-196) uses timestamp for comparisons
Dangerous comparisons:
- require(bool,string)(senderBalance >= amount,Transfer exceeds balance) (SparkLab.sol#159)
- block.timestamp < LaunchTimestamp + SellTaxDuration (SparkLab.sol#167)
- block.timestamp < LaunchTimestamp + BuyTaxDuration (SparkLab.sol#173)
SparkLab._feelessTransfer(address,address,uint256) (SparkLab.sol#209-215) uses timestamp for comparisons
Dangerous comparisons:
- require(bool,string)(senderBalance >= amount,Transfer exceeds balance) (SparkLab.sol#211)
SparkLab.isOverLiquified() (SparkLab.sol#259-261) uses timestamp for comparisons
Dangerous comparisons:
- _balances[_pancakePairAddress] > _circulatingSupply * overLiquifyTreshold / 1000 (SparkLab.sol#260)
SparkLab.getLiquidityReleaseTimeInSeconds() (SparkLab.sol#338-342) uses timestamp for comparisons
Dangerous comparisons:
- block.timestamp < _liquidityUnlockTime (SparkLab.sol#339)
SparkLab.SetupEnableTrading() (SparkLab.sol#374-378) uses timestamp for comparisons
Dangerous comparisons:
- require(bool,string)(LaunchTimestamp == 0,AlreadyLaunched) (SparkLab.sol#375)
SparkLab._prolongLiquidityLock(uint256) (SparkLab.sol#395-400) uses timestamp for comparisons
Dangerous comparisons:
- require(bool)(newUnlockTime > _liquidityUnlockTime) (SparkLab.sol#397)
SparkLab.LiquidityRelease() (SparkLab.sol#403-417) uses timestamp for comparisons
Dangerous comparisons:
- require(bool,string)(block.timestamp >= _liquidityUnlockTime,Not yet unlocked) (SparkLab.sol#405)
Avoid relying on block.timestamp.
Additional information: link
Low level call in SparkLab._swapContractToken(bool) (SparkLab.sol#266-305):
- (sent) = marketingWallet.call{value: address(this).balance}() (SparkLab.sol#303)
Avoid low-level calls. Check the call success. If the call is meant for a contract, check for code existence
Additional information: link
Function IPancakeRouter.WETH() (Libraries.sol#42) is not in mixedCase
Function SparkLab.ChangeMarketingWallet(address) (SparkLab.sol#97-100) is not in mixedCase
Function SparkLab.SetOverLiquifiedTreshold(uint256) (SparkLab.sol#237-240) is not in mixedCase
Function SparkLab.SetTaxes(uint256,uint256,uint256,uint256,uint256,uint256) (SparkLab.sol#244-256) is not in mixedCase
Function SparkLab.SetAMM(address,bool) (SparkLab.sol#350-353) is not in mixedCase
Parameter SparkLab.SetAMM(address,bool).AMM (SparkLab.sol#350) is not in mixedCase
Parameter SparkLab.SetAMM(address,bool).Add (SparkLab.sol#350) is not in mixedCase
Function SparkLab.SwitchManualSwap(bool) (SparkLab.sol#357-359) is not in mixedCase
Function SparkLab.SwapContractToken() (SparkLab.sol#361-363) is not in mixedCase
Function SparkLab.ExcludeAccountFromFees(address,bool) (SparkLab.sol#366-370) is not in mixedCase
Function SparkLab.SetupEnableTrading() (SparkLab.sol#374-378) is not in mixedCase
Function SparkLab.LockLiquidityForSeconds(uint256) (SparkLab.sol#391-393) is not in mixedCase
Function SparkLab.LiquidityRelease() (SparkLab.sol#403-417) is not in mixedCase
Parameter SparkLab.allowance(address,address)._owner (SparkLab.sol#454) is not in mixedCase
Constant SparkLab._name (SparkLab.sol#63) is not in UPPER_CASE_WITH_UNDERSCORES
Constant SparkLab._symbol (SparkLab.sol#64) is not in UPPER_CASE_WITH_UNDERSCORES
Constant SparkLab._decimals (SparkLab.sol#65) is not in UPPER_CASE_WITH_UNDERSCORES
Constant SparkLab.InitialSupply (SparkLab.sol#66) is not in UPPER_CASE_WITH_UNDERSCORES
Constant SparkLab.DefaultLiquidityLockTime (SparkLab.sol#68) is not in UPPER_CASE_WITH_UNDERSCORES
Constant SparkLab.PancakeRouter (SparkLab.sol#73) is not in UPPER_CASE_WITH_UNDERSCORES
Variable SparkLab.LaunchTimestamp (SparkLab.sol#373) is not in mixedCase
Variable SparkLab._liquidityUnlockTime (SparkLab.sol#383) is not in mixedCase
Variable SparkLab.LPReleaseLimitedTo20Percent (SparkLab.sol#384) is not in mixedCase
Follow the Solidity naming convention.
Additional information: link
renounceOwnership() should be declared external:
- Ownable.renounceOwnership() (Libraries.sol#82-85)
transferOwnership(address) should be declared external:
- Ownable.transferOwnership(address) (Libraries.sol#91-95)
ChangeMarketingWallet(address) should be declared external:
- SparkLab.ChangeMarketingWallet(address) (SparkLab.sol#97-100)
setSwapTreshold(uint256) should be declared external:
- SparkLab.setSwapTreshold(uint256) (SparkLab.sol#231-234)
SetOverLiquifiedTreshold(uint256) should be declared external:
- SparkLab.SetOverLiquifiedTreshold(uint256) (SparkLab.sol#237-240)
SetTaxes(uint256,uint256,uint256,uint256,uint256,uint256) should be declared external:
- SparkLab.SetTaxes(uint256,uint256,uint256,uint256,uint256,uint256) (SparkLab.sol#244-256)
getLiquidityReleaseTimeInSeconds() should be declared external:
- SparkLab.getLiquidityReleaseTimeInSeconds() (SparkLab.sol#338-342)
getBurnedTokens() should be declared external:
- SparkLab.getBurnedTokens() (SparkLab.sol#343-345)
SetAMM(address,bool) should be declared external:
- SparkLab.SetAMM(address,bool) (SparkLab.sol#350-353)
SwitchManualSwap(bool) should be declared external:
- SparkLab.SwitchManualSwap(bool) (SparkLab.sol#357-359)
SwapContractToken() should be declared external:
- SparkLab.SwapContractToken() (SparkLab.sol#361-363)
ExcludeAccountFromFees(address,bool) should be declared external:
- SparkLab.ExcludeAccountFromFees(address,bool) (SparkLab.sol#366-370)
SetupEnableTrading() should be declared external:
- SparkLab.SetupEnableTrading() (SparkLab.sol#374-378)
limitLiquidityReleaseTo20Percent() should be declared external:
- SparkLab.limitLiquidityReleaseTo20Percent() (SparkLab.sol#387-389)
LockLiquidityForSeconds(uint256) should be declared external:
- SparkLab.LockLiquidityForSeconds(uint256) (SparkLab.sol#391-393)
LiquidityRelease() should be declared external:
- SparkLab.LiquidityRelease() (SparkLab.sol#403-417)
Use the external attribute for functions never called from the contract.
Additional information: link
Young tokens have high risks of price dump / death
Young tokens have high risks of scam / price dump / death
Young tokens have high risks of price dump / death
Young tokens have high risks of price dump / death
Young tokens have high risks of price dump / death
Token has relatively low CoinGecko rank
Token has relatively low CoinMarketCap rank
Last post in Twitter was more than 30 days ago
Unable to find Youtube account