Unable to find manual contract audit (e.g. Certik, PeckShield, Solidity...)
Reentrancy in ReflectToken._transfer(address,address,uint256) (contracts/reflect/ReflectToken.sol#607-646):
External calls:
- _swapAndLiquify(_liqThreshold) (contracts/reflect/ReflectToken.sol#622)
- _swapRouter.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,liquidityAddress,block.timestamp) (contracts/reflect/ReflectToken.sol#734-745)
- _swapRouter.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (contracts/reflect/ReflectToken.sol#715-725)
External calls sending eth:
- _swapAndLiquify(_liqThreshold) (contracts/reflect/ReflectToken.sol#622)
- _swapRouter.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,liquidityAddress,block.timestamp) (contracts/reflect/ReflectToken.sol#734-745)
State variables written after the call(s):
- _updateBalances(from,to,amount,reflection,balance,tax + liq + brn + mrk + ref) (contracts/reflect/ReflectToken.sol#634)
- _balances[from] = balanceFrom - amount (contracts/reflect/ReflectToken.sol#666)
- _balances[to] += transferAmount (contracts/reflect/ReflectToken.sol#678)
- liqAmount = _reflectFee(from,reflection,balance,tax,liq,brn,mrk,ref) (contracts/reflect/ReflectToken.sol#635-644)
- _balances[recipient] += amount (contracts/reflect/ReflectToken.sol#599)
- _takeLiquidity(liqAmount,reflection,balance) (contracts/reflect/ReflectToken.sol#645)
- _balances[address(this)] += amount (contracts/reflect/ReflectToken.sol#521)
- _updateBalances(from,to,amount,reflection,balance,tax + liq + brn + mrk + ref) (contracts/reflect/ReflectToken.sol#634)
- _reflections[from] = balanceFrom_scope_0 - rAmount (contracts/reflect/ReflectToken.sol#675)
- _reflections[to] += rTransferAmount (contracts/reflect/ReflectToken.sol#682)
- liqAmount = _reflectFee(from,reflection,balance,tax,liq,brn,mrk,ref) (contracts/reflect/ReflectToken.sol#635-644)
- _reflections[recipient] += rAmount (contracts/reflect/ReflectToken.sol#604)
- _takeLiquidity(liqAmount,reflection,balance) (contracts/reflect/ReflectToken.sol#645)
- _reflections[address(this)] += rAmount (contracts/reflect/ReflectToken.sol#526)
- _updateBalances(from,to,amount,reflection,balance,tax + liq + brn + mrk + ref) (contracts/reflect/ReflectToken.sol#634)
- _totalRatedBalance += amount (contracts/reflect/ReflectToken.sol#667)
- _totalRatedBalance -= transferAmount (contracts/reflect/ReflectToken.sol#679)
- liqAmount = _reflectFee(from,reflection,balance,tax,liq,brn,mrk,ref) (contracts/reflect/ReflectToken.sol#635-644)
- _totalRatedBalance -= brn (contracts/reflect/ReflectToken.sol#564)
- _totalRatedBalance -= amount (contracts/reflect/ReflectToken.sol#600)
- _takeLiquidity(liqAmount,reflection,balance) (contracts/reflect/ReflectToken.sol#645)
- _totalRatedBalance -= amount (contracts/reflect/ReflectToken.sol#522)
- _updateBalances(from,to,amount,reflection,balance,tax + liq + brn + mrk + ref) (contracts/reflect/ReflectToken.sol#634)
- _totalRatedReflection += rAmount (contracts/reflect/ReflectToken.sol#668)
- _totalRatedReflection -= rTransferAmount (contracts/reflect/ReflectToken.sol#680)
- liqAmount = _reflectFee(from,reflection,balance,tax,liq,brn,mrk,ref) (contracts/reflect/ReflectToken.sol#635-644)
- _totalRatedReflection -= tax * reflect / reflectBalance (contracts/reflect/ReflectToken.sol#559)
- _totalRatedReflection -= brn * reflect / reflectBalance (contracts/reflect/ReflectToken.sol#565)
- _totalRatedReflection -= rAmount (contracts/reflect/ReflectToken.sol#601)
- _takeLiquidity(liqAmount,reflection,balance) (contracts/reflect/ReflectToken.sol#645)
- _totalRatedReflection -= rAmount (contracts/reflect/ReflectToken.sol#523)
- liqAmount = _reflectFee(from,reflection,balance,tax,liq,brn,mrk,ref) (contracts/reflect/ReflectToken.sol#635-644)
- _totalSupply -= brn (contracts/reflect/ReflectToken.sol#563)
Apply the check-effects-interactions pattern.
Additional information: link
ReflectToken._reflectFee(address,uint256,uint256,uint256,uint256,uint256,uint256,uint256).mrk_ (contracts/reflect/ReflectToken.sol#569) is a local variable never initialized
Initialize all the variables. If a variable is meant to be initialized to zero, explicitly set it to zero to improve code readability.
Additional information: link
ReflectToken._addLiquidity(uint256,uint256,IUniswapV2Router02) (contracts/reflect/ReflectToken.sol#728-746) ignores return value by _swapRouter.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,liquidityAddress,block.timestamp) (contracts/reflect/ReflectToken.sol#734-745)
Ensure that all the return values of the function calls are used.
Additional information: link
ReflectToken.constructor(string,string,uint8,bool[4],uint256[9],address[4],address)._factory (contracts/reflect/ReflectToken.sol#140) lacks a zero-check on :
- factory = _factory (contracts/reflect/ReflectToken.sol#204)
ReflectToken.recoverLockedTokens(address,address).receiver (contracts/reflect/ReflectToken.sol#752) lacks a zero-check on :
- (success) = receiver.call{value: balance}() (contracts/reflect/ReflectToken.sol#760)
Check that the address is not zero.
Additional information: link
Reentrancy in ReflectToken._swapAndLiquify(uint256) (contracts/reflect/ReflectToken.sol#688-704):
External calls:
- result = _swapTokensForBNB(half,_swapRouter) (contracts/reflect/ReflectToken.sol#693)
- _swapRouter.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (contracts/reflect/ReflectToken.sol#715-725)
- result = _addLiquidity(amount,balance,_swapRouter) (contracts/reflect/ReflectToken.sol#698)
- _swapRouter.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,liquidityAddress,block.timestamp) (contracts/reflect/ReflectToken.sol#734-745)
External calls sending eth:
- result = _addLiquidity(amount,balance,_swapRouter) (contracts/reflect/ReflectToken.sol#698)
- _swapRouter.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,liquidityAddress,block.timestamp) (contracts/reflect/ReflectToken.sol#734-745)
State variables written after the call(s):
- result = _addLiquidity(amount,balance,_swapRouter) (contracts/reflect/ReflectToken.sol#698)
- _allowances[owner_][spender] = amount (contracts/reflect/ReflectToken.sol#294)
Reentrancy in ReflectToken._transfer(address,address,uint256) (contracts/reflect/ReflectToken.sol#607-646):
External calls:
- _swapAndLiquify(_liqThreshold) (contracts/reflect/ReflectToken.sol#622)
- _swapRouter.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,liquidityAddress,block.timestamp) (contracts/reflect/ReflectToken.sol#734-745)
- _swapRouter.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (contracts/reflect/ReflectToken.sol#715-725)
External calls sending eth:
- _swapAndLiquify(_liqThreshold) (contracts/reflect/ReflectToken.sol#622)
- _swapRouter.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,liquidityAddress,block.timestamp) (contracts/reflect/ReflectToken.sol#734-745)
State variables written after the call(s):
- liqAmount = _reflectFee(from,reflection,balance,tax,liq,brn,mrk,ref) (contracts/reflect/ReflectToken.sol#635-644)
- totalFees += tax (contracts/reflect/ReflectToken.sol#560)
Reentrancy in ReflectToken.constructor(string,string,uint8,bool[4],uint256[9],address[4],address) (contracts/reflect/ReflectToken.sol#133-231):
External calls:
- _swapPair = IUniswapV2Factory(IUniswapV2Router02(addresses_[1]).factory()).createPair(address(this),_weth) (contracts/reflect/ReflectToken.sol#209-211)
State variables written after the call(s):
- excludeFromReward(_swapPair) (contracts/reflect/ReflectToken.sol#214)
- _balances[account] = currentBalance (contracts/reflect/ReflectToken.sol#364)
- transferOwnership(addresses_[0]) (contracts/reflect/ReflectToken.sol#217)
- _owner = newOwner (@openzeppelin/contracts/access/Ownable.sol#68)
- excludeFromReward(_swapPair) (contracts/reflect/ReflectToken.sol#214)
- _reflections[account] = 0 (contracts/reflect/ReflectToken.sol#368)
- excludeFromReward(_swapPair) (contracts/reflect/ReflectToken.sol#214)
- _totalRatedBalance -= currentBalance (contracts/reflect/ReflectToken.sol#365)
- excludeFromReward(_swapPair) (contracts/reflect/ReflectToken.sol#214)
- _totalRatedReflection -= currentReflection (contracts/reflect/ReflectToken.sol#366)
- excludeFromFee(addresses_[0]) (contracts/reflect/ReflectToken.sol#215)
- excludedFromFee[account] = true (contracts/reflect/ReflectToken.sol#398)
- excludeFromReward(_swapPair) (contracts/reflect/ReflectToken.sol#214)
- excludedFromReward[account] = true (contracts/reflect/ReflectToken.sol#371)
- _updateSwapPair(_swapPair) (contracts/reflect/ReflectToken.sol#212)
- swapPairs[pair] = true (contracts/reflect/ReflectToken.sol#502)
- swapRouter = IUniswapV2Router02(addresses_[1]) (contracts/reflect/ReflectToken.sol#213)
Apply the check-effects-interactions pattern.
Additional information: link
Reentrancy in ReflectToken._swapAndLiquify(uint256) (contracts/reflect/ReflectToken.sol#688-704):
External calls:
- result = _swapTokensForBNB(half,_swapRouter) (contracts/reflect/ReflectToken.sol#693)
- _swapRouter.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (contracts/reflect/ReflectToken.sol#715-725)
- result = _addLiquidity(amount,balance,_swapRouter) (contracts/reflect/ReflectToken.sol#698)
- _swapRouter.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,liquidityAddress,block.timestamp) (contracts/reflect/ReflectToken.sol#734-745)
External calls sending eth:
- result = _addLiquidity(amount,balance,_swapRouter) (contracts/reflect/ReflectToken.sol#698)
- _swapRouter.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,liquidityAddress,block.timestamp) (contracts/reflect/ReflectToken.sol#734-745)
Event emitted after the call(s):
- Approval(owner_,spender,amount) (contracts/reflect/ReflectToken.sol#295)
- result = _addLiquidity(amount,balance,_swapRouter) (contracts/reflect/ReflectToken.sol#698)
- LiquidityAdded(amount,balance) (contracts/reflect/ReflectToken.sol#703)
Reentrancy in ReflectToken._transfer(address,address,uint256) (contracts/reflect/ReflectToken.sol#607-646):
External calls:
- _swapAndLiquify(_liqThreshold) (contracts/reflect/ReflectToken.sol#622)
- _swapRouter.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,liquidityAddress,block.timestamp) (contracts/reflect/ReflectToken.sol#734-745)
- _swapRouter.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (contracts/reflect/ReflectToken.sol#715-725)
External calls sending eth:
- _swapAndLiquify(_liqThreshold) (contracts/reflect/ReflectToken.sol#622)
- _swapRouter.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,liquidityAddress,block.timestamp) (contracts/reflect/ReflectToken.sol#734-745)
Event emitted after the call(s):
- Transfer(from,recipient,amount) (contracts/reflect/ReflectToken.sol#596)
- liqAmount = _reflectFee(from,reflection,balance,tax,liq,brn,mrk,ref) (contracts/reflect/ReflectToken.sol#635-644)
- Transfer(from,address(0),brn) (contracts/reflect/ReflectToken.sol#566)
- liqAmount = _reflectFee(from,reflection,balance,tax,liq,brn,mrk,ref) (contracts/reflect/ReflectToken.sol#635-644)
- Transfer(from,to,transferAmount) (contracts/reflect/ReflectToken.sol#685)
- _updateBalances(from,to,amount,reflection,balance,tax + liq + brn + mrk + ref) (contracts/reflect/ReflectToken.sol#634)
Reentrancy in ReflectToken.constructor(string,string,uint8,bool[4],uint256[9],address[4],address) (contracts/reflect/ReflectToken.sol#133-231):
External calls:
- _swapPair = IUniswapV2Factory(IUniswapV2Router02(addresses_[1]).factory()).createPair(address(this),_weth) (contracts/reflect/ReflectToken.sol#209-211)
Event emitted after the call(s):
- ExcludedFromFee(account) (contracts/reflect/ReflectToken.sol#400)
- excludeFromFee(addresses_[0]) (contracts/reflect/ReflectToken.sol#215)
- ExcludedFromReward(account) (contracts/reflect/ReflectToken.sol#373)
- excludeFromReward(_swapPair) (contracts/reflect/ReflectToken.sol#214)
- OwnershipTransferred(oldOwner,newOwner) (@openzeppelin/contracts/access/Ownable.sol#69)
- transferOwnership(addresses_[0]) (contracts/reflect/ReflectToken.sol#217)
- SwapPairUpdated(pair) (contracts/reflect/ReflectToken.sol#504)
- _updateSwapPair(_swapPair) (contracts/reflect/ReflectToken.sol#212)
- Transfer(address(0),addresses_[0],feesAndLimits_[0]) (contracts/reflect/ReflectToken.sol#218)
- UpdateFees(feesAndLimits_[1],feesAndLimits_[2],feesAndLimits_[3],feesAndLimits_[4],feesAndLimits_[5]) (contracts/reflect/ReflectToken.sol#219-225)
- UpdateLiqStatus(flags_[3]) (contracts/reflect/ReflectToken.sol#228)
- UpdateLiqThreshold(feesAndLimits_[7]) (contracts/reflect/ReflectToken.sol#227)
- UpdateLiquidityAddress(addresses_[2]) (contracts/reflect/ReflectToken.sol#229)
- UpdateMarketingAddress(addresses_[3]) (contracts/reflect/ReflectToken.sol#230)
- UpdateTxLimit(feesAndLimits_[8]) (contracts/reflect/ReflectToken.sol#226)
Reentrancy in ReflectToken.recoverLockedTokens(address,address) (contracts/reflect/ReflectToken.sol#752-768):
External calls:
- IERC20(token).safeTransfer(receiver,balance) (contracts/reflect/ReflectToken.sol#765)
Event emitted after the call(s):
- RecoveredLockedTokens(token,receiver,balance) (contracts/reflect/ReflectToken.sol#767)
Apply the check-effects-interactions pattern.
Additional information: link
Address.isContract(address) (@openzeppelin/contracts/utils/Address.sol#26-36) uses assembly
- INLINE ASM (@openzeppelin/contracts/utils/Address.sol#32-34)
Address._verifyCallResult(bool,bytes,string) (@openzeppelin/contracts/utils/Address.sol#189-209) uses assembly
- INLINE ASM (@openzeppelin/contracts/utils/Address.sol#201-204)
Do not use evm assembly.
Additional information: link
Different versions of Solidity is used:
- Version used: ['0.8.4', '>=0.5.0', '>=0.6.2', '^0.8.0']
- ^0.8.0 (@openzeppelin/contracts/access/Ownable.sol#3)
- ^0.8.0 (@openzeppelin/contracts/token/ERC20/IERC20.sol#3)
- ^0.8.0 (@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol#3)
- ^0.8.0 (@openzeppelin/contracts/utils/Address.sol#3)
- ^0.8.0 (@openzeppelin/contracts/utils/Context.sol#3)
- >=0.5.0 (@uniswap/v2-core/contracts/interfaces/IUniswapV2Factory.sol#1)
- >=0.6.2 (@uniswap/v2-periphery/contracts/interfaces/IUniswapV2Router01.sol#1)
- >=0.6.2 (@uniswap/v2-periphery/contracts/interfaces/IUniswapV2Router02.sol#1)
- 0.8.4 (contracts/ITokenConstructorFactory.sol#23)
- 0.8.4 (contracts/reflect/ReflectToken.sol#23)
Use one Solidity version.
Additional information: link
Address.functionCall(address,bytes) (@openzeppelin/contracts/utils/Address.sol#79-81) is never used and should be removed
Address.functionCallWithValue(address,bytes,uint256) (@openzeppelin/contracts/utils/Address.sol#108-114) is never used and should be removed
Address.functionDelegateCall(address,bytes) (@openzeppelin/contracts/utils/Address.sol#168-170) is never used and should be removed
Address.functionDelegateCall(address,bytes,string) (@openzeppelin/contracts/utils/Address.sol#178-187) is never used and should be removed
Address.functionStaticCall(address,bytes) (@openzeppelin/contracts/utils/Address.sol#141-143) is never used and should be removed
Address.functionStaticCall(address,bytes,string) (@openzeppelin/contracts/utils/Address.sol#151-160) is never used and should be removed
Address.sendValue(address,uint256) (@openzeppelin/contracts/utils/Address.sol#54-59) is never used and should be removed
Context._msgData() (@openzeppelin/contracts/utils/Context.sol#20-22) is never used and should be removed
SafeERC20.safeApprove(IERC20,address,uint256) (@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol#44-57) is never used and should be removed
SafeERC20.safeDecreaseAllowance(IERC20,address,uint256) (@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol#68-79) is never used and should be removed
SafeERC20.safeIncreaseAllowance(IERC20,address,uint256) (@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol#59-66) is never used and should be removed
SafeERC20.safeTransferFrom(IERC20,address,address,uint256) (@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol#28-35) is never used and should be removed
Remove unused functions.
Additional information: link
Pragma version^0.8.0 (@openzeppelin/contracts/access/Ownable.sol#3) allows old versions
Pragma version^0.8.0 (@openzeppelin/contracts/token/ERC20/IERC20.sol#3) allows old versions
Pragma version^0.8.0 (@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol#3) allows old versions
Pragma version^0.8.0 (@openzeppelin/contracts/utils/Address.sol#3) allows old versions
Pragma version^0.8.0 (@openzeppelin/contracts/utils/Context.sol#3) allows old versions
Pragma version>=0.5.0 (@uniswap/v2-core/contracts/interfaces/IUniswapV2Factory.sol#1) allows old versions
Pragma version>=0.6.2 (@uniswap/v2-periphery/contracts/interfaces/IUniswapV2Router01.sol#1) allows old versions
Pragma version>=0.6.2 (@uniswap/v2-periphery/contracts/interfaces/IUniswapV2Router02.sol#1) allows old versions
Deploy with any of the following Solidity versions: 0.5.16 - 0.5.17, 0.6.11 - 0.6.12, 0.7.5 - 0.7.6 Use a simple pragma version that allows any of these versions. Consider using the latest version of Solidity for testing.
Additional information: link
Low level call in Address.sendValue(address,uint256) (@openzeppelin/contracts/utils/Address.sol#54-59):
- (success) = recipient.call{value: amount}() (@openzeppelin/contracts/utils/Address.sol#57)
Low level call in Address.functionCallWithValue(address,bytes,uint256,string) (@openzeppelin/contracts/utils/Address.sol#122-133):
- (success,returndata) = target.call{value: value}(data) (@openzeppelin/contracts/utils/Address.sol#131)
Low level call in Address.functionStaticCall(address,bytes,string) (@openzeppelin/contracts/utils/Address.sol#151-160):
- (success,returndata) = target.staticcall(data) (@openzeppelin/contracts/utils/Address.sol#158)
Low level call in Address.functionDelegateCall(address,bytes,string) (@openzeppelin/contracts/utils/Address.sol#178-187):
- (success,returndata) = target.delegatecall(data) (@openzeppelin/contracts/utils/Address.sol#185)
Low level call in ReflectToken.recoverLockedTokens(address,address) (contracts/reflect/ReflectToken.sol#752-768):
- (success) = receiver.call{value: balance}() (contracts/reflect/ReflectToken.sol#760)
Avoid low-level calls. Check the call success. If the call is meant for a contract, check for code existence
Additional information: link
Function IUniswapV2Router01.WETH() (@uniswap/v2-periphery/contracts/interfaces/IUniswapV2Router01.sol#5) is not in mixedCase
Function ReflectToken._getRate() (contracts/reflect/ReflectToken.sol#507-515) is not in mixedCase
Variable ReflectToken.BRN_ENABLED (contracts/reflect/ReflectToken.sol#52) is not in mixedCase
Variable ReflectToken.MRK_ENABLED (contracts/reflect/ReflectToken.sol#53) is not in mixedCase
Variable ReflectToken.REF_ENABLED (contracts/reflect/ReflectToken.sol#54) is not in mixedCase
Follow the Solidity naming convention.
Additional information: link
Variable IUniswapV2Router01.addLiquidity(address,address,uint256,uint256,uint256,uint256,address,uint256).amountADesired (@uniswap/v2-periphery/contracts/interfaces/IUniswapV2Router01.sol#10) is too similar to IUniswapV2Router01.addLiquidity(address,address,uint256,uint256,uint256,uint256,address,uint256).amountBDesired (@uniswap/v2-periphery/contracts/interfaces/IUniswapV2Router01.sol#11)
Variable ReflectToken._totalRatedBalance (contracts/reflect/ReflectToken.sol#46) is too similar to ReflectToken._getRate().totalRatedBalance_ (contracts/reflect/ReflectToken.sol#508)
Prevent variables from having similar names.
Additional information: link
renounceOwnership() should be declared external:
- Ownable.renounceOwnership() (@openzeppelin/contracts/access/Ownable.sol#53-55)
Use the external attribute for functions never called from the contract.
Additional information: link
Unable to find website, listings and other project-related information
Young tokens have high risks of scam / price dump / death
Token has no active CoinGecko listing / rank
Token has no active CoinMarketCap listing / rank
Unable to find Telegram and Twitter accounts