Unable to find manual contract audit (e.g. Certik, PeckShield, Solidity...)
BA2Token.swapEthForToken(uint256,address) (#1066-1084) sends eth to arbitrary user
Dangerous calls:
- uniswapV2Router.swapExactETHForTokens{value: ethAmount}(0,path,receiver,block.timestamp) (#1076-1081)
Ensure that an arbitrary user cannot withdraw unauthorized funds.
Additional information: link
BA2Token._transfer(address,address,uint256) (#831-871) uses a dangerous strict equality:
- shouldSetInviter = balanceOf(to) == 0 && inviter[to] == address(0) && from != uniswapV2Pair (#850-852)
BA2Token.setShare(address) (#910-919) uses a dangerous strict equality:
- IERC20(uniswapV2Pair).balanceOf(shareholder) == 0 (#912)
BA2Token.setShare(address) (#910-919) uses a dangerous strict equality:
- IERC20(uniswapV2Pair).balanceOf(shareholder) == 0 (#915)
Don't use strict equality to determine if an account has enough Ether or tokens.
Additional information: link
Ownable._previousOwner (#93) is never used in BA2Token (#588-1138)
Ownable._lockTime (#94) is never used in BA2Token (#588-1138)
Remove unused state variables.
Additional information: link
BA2Token._takeInviterFee(address,address,uint256) (#974-1013) performs a multiplication on the result of a division:
-_tOwned[address(this)] = _tOwned[address(this)].add(tAmount.div(10000).mul(_inviterFee)) (#986)
BA2Token._takeInviterFee(address,address,uint256) (#974-1013) performs a multiplication on the result of a division:
-Transfer(sender,address(this),tAmount.div(10000).mul(_inviterFee)) (#987)
BA2Token._takeInviterFee(address,address,uint256) (#974-1013) performs a multiplication on the result of a division:
-_tOwned[address(this)] = _tOwned[address(this)].add(tAmount.div(10000).mul(_inviterFee.sub(accurRate))) (#1011)
BA2Token._takeInviterFee(address,address,uint256) (#974-1013) performs a multiplication on the result of a division:
-Transfer(sender,address(this),tAmount.div(10000).mul(_inviterFee.sub(accurRate))) (#1012)
BA2Token._takeInviterFee(address,address,uint256) (#974-1013) performs a multiplication on the result of a division:
-curTAmount = tAmount.div(10000).mul(rate) (#1007)
BA2Token._transferStandard(address,address,uint256) (#1108-1136) performs a multiplication on the result of a division:
-_takeburnAndMarketFee(sender,tAmount.div(10000).mul(_burnAndMarketFee)) (#1116)
BA2Token._transferStandard(address,address,uint256) (#1108-1136) performs a multiplication on the result of a division:
-_takeLPFee(sender,tAmount.div(10000).mul(_LPFee.add(_satFee))) (#1119)
BA2Token._transferStandard(address,address,uint256) (#1108-1136) performs a multiplication on the result of a division:
-_takesatFee(sender,recipient,tAmount.div(10000).mul(_satFee)) (#1125)
BA2Token._transferStandard(address,address,uint256) (#1108-1136) performs a multiplication on the result of a division:
-_tOwned[recipient] = _tOwned[recipient].add(tAmount.div(10000).mul(recipientRate)) (#1132-1134)
BA2Token._transferStandard(address,address,uint256) (#1108-1136) performs a multiplication on the result of a division:
-Transfer(sender,recipient,tAmount.div(10000).mul(recipientRate)) (#1135)
Consider ordering multiplication before division.
Additional information: link
Reentrancy in BA2Token._tokenTransfer(address,address,uint256,bool) (#934-945):
External calls:
- _transferStandard(sender,recipient,amount) (#942)
- uniswapV2Router.swapExactTokensForTokens(thisTokenAmount,0,path,receiver,block.timestamp) (#1097-1103)
State variables written after the call(s):
- restoreAllFee() (#944)
- _LPFee = _previousLPFee (#814)
- restoreAllFee() (#944)
- _burnAndMarketFee = _previousburnAndMarketFee (#813)
- restoreAllFee() (#944)
- _inviterFee = _previousInviterFee (#815)
- restoreAllFee() (#944)
- _satFee = _previousatFee (#816)
Reentrancy in BA2Token._transfer(address,address,uint256) (#831-871):
External calls:
- _tokenTransfer(from,to,amount,takeFee) (#855)
- uniswapV2Router.swapExactTokensForTokens(thisTokenAmount,0,path,receiver,block.timestamp) (#1097-1103)
State variables written after the call(s):
- process(distributorGas) (#868)
- _tOwned[address(this)] = _tOwned[address(this)].sub(amount) (#906)
- _tOwned[shareholder] = _tOwned[shareholder].add(amount) (#907)
- inviter[to] = from (#858)
Reentrancy in BA2Token._transferStandard(address,address,uint256) (#1108-1136):
External calls:
- _takesatFee(sender,recipient,tAmount.div(10000).mul(_satFee)) (#1125)
- uniswapV2Router.swapExactTokensForTokens(thisTokenAmount,0,path,receiver,block.timestamp) (#1097-1103)
State variables written after the call(s):
- _tOwned[recipient] = _tOwned[recipient].add(tAmount.div(10000).mul(recipientRate)) (#1132-1134)
Apply the check-effects-interactions pattern.
Additional information: link
BA2Token.swapTokensForEth(uint256) (#1046-1064) ignores return value by uniswapV2Router.swapExactTokensForETH(tokenAmount,0,path,address(this),block.timestamp) (#1055-1061)
BA2Token.swapEthForToken(uint256,address) (#1066-1084) ignores return value by uniswapV2Router.swapExactETHForTokens{value: ethAmount}(0,path,receiver,block.timestamp) (#1076-1081)
BA2Token.swapThisTokenForToken(uint256,address) (#1086-1106) ignores return value by uniswapV2Router.swapExactTokensForTokens(thisTokenAmount,0,path,receiver,block.timestamp) (#1097-1103)
Ensure that all the return values of the function calls are used.
Additional information: link
BA2Token.allowance(address,address).owner (#707) shadows:
- Ownable.owner() (#104-106) (function)
BA2Token._approve(address,address,uint256).owner (#820) shadows:
- Ownable.owner() (#104-106) (function)
Rename the local variables that shadow another component.
Additional information: link
Reentrancy in BA2Token._transfer(address,address,uint256) (#831-871):
External calls:
- _tokenTransfer(from,to,amount,takeFee) (#855)
- uniswapV2Router.swapExactTokensForTokens(thisTokenAmount,0,path,receiver,block.timestamp) (#1097-1103)
State variables written after the call(s):
- LPFeefenhong = block.timestamp (#869)
- setShare(fromAddress) (#862)
- _updated[shareholder] = false (#926)
- _updated[shareholder] = true (#917)
- setShare(toAddress) (#863)
- _updated[shareholder] = false (#926)
- _updated[shareholder] = true (#917)
- process(distributorGas) (#868)
- currentIndex = 0 (#884)
- currentIndex ++ (#889)
- currentIndex ++ (#898)
- fromAddress = from (#860)
- fromAddress = from (#865)
- setShare(fromAddress) (#862)
- shareholderIndexes[shareholder] = shareholders.length (#921)
- shareholderIndexes[shareholders[shareholders.length - 1]] = shareholderIndexes[shareholder] (#930)
- setShare(toAddress) (#863)
- shareholderIndexes[shareholder] = shareholders.length (#921)
- shareholderIndexes[shareholders[shareholders.length - 1]] = shareholderIndexes[shareholder] (#930)
- setShare(fromAddress) (#862)
- shareholders[shareholderIndexes[shareholder]] = shareholders[shareholders.length - 1] (#929)
- shareholders.push(shareholder) (#922)
- shareholders.pop() (#931)
- setShare(toAddress) (#863)
- shareholders[shareholderIndexes[shareholder]] = shareholders[shareholders.length - 1] (#929)
- shareholders.push(shareholder) (#922)
- shareholders.pop() (#931)
- toAddress = to (#861)
- toAddress = to (#866)
Reentrancy in BA2Token.constructor(string,string,address) (#648-676):
External calls:
- uniswapV2Pair = IUniswapV2Factory(_uniswapV2Router.factory()).createPair(address(this),_uniswapV2Router.WETH()) (#659-660)
State variables written after the call(s):
- _isExcludedFromFee[msg.sender] = true (#666)
- _isExcludedFromFee[address(this)] = true (#667)
- isDividendExempt[address(this)] = true (#668)
- isDividendExempt[address(0)] = true (#669)
- uniswapV2Router = _uniswapV2Router (#663)
Reentrancy in BA2Token.transferFrom(address,address,uint256) (#732-747):
External calls:
- _transfer(sender,recipient,amount) (#737)
- uniswapV2Router.swapExactTokensForTokens(thisTokenAmount,0,path,receiver,block.timestamp) (#1097-1103)
State variables written after the call(s):
- _approve(sender,msg.sender,_allowances[sender][msg.sender].sub(amount,ERC20: transfer amount exceeds allowance)) (#738-745)
- _allowances[owner][spender] = amount (#827)
Apply the check-effects-interactions pattern.
Additional information: link
Reentrancy in BA2Token._transfer(address,address,uint256) (#831-871):
External calls:
- _tokenTransfer(from,to,amount,takeFee) (#855)
- uniswapV2Router.swapExactTokensForTokens(thisTokenAmount,0,path,receiver,block.timestamp) (#1097-1103)
Event emitted after the call(s):
- Transfer(address(this),shareholder,amount) (#908)
- process(distributorGas) (#868)
Reentrancy in BA2Token._transferStandard(address,address,uint256) (#1108-1136):
External calls:
- _takesatFee(sender,recipient,tAmount.div(10000).mul(_satFee)) (#1125)
- uniswapV2Router.swapExactTokensForTokens(thisTokenAmount,0,path,receiver,block.timestamp) (#1097-1103)
Event emitted after the call(s):
- Transfer(sender,recipient,tAmount.div(10000).mul(recipientRate)) (#1135)
Reentrancy in BA2Token.constructor(string,string,address) (#648-676):
External calls:
- uniswapV2Pair = IUniswapV2Factory(_uniswapV2Router.factory()).createPair(address(this),_uniswapV2Router.WETH()) (#659-660)
Event emitted after the call(s):
- Transfer(address(0),msg.sender,_tTotal) (#675)
Reentrancy in BA2Token.transferFrom(address,address,uint256) (#732-747):
External calls:
- _transfer(sender,recipient,amount) (#737)
- uniswapV2Router.swapExactTokensForTokens(thisTokenAmount,0,path,receiver,block.timestamp) (#1097-1103)
Event emitted after the call(s):
- Approval(owner,spender,amount) (#828)
- _approve(sender,msg.sender,_allowances[sender][msg.sender].sub(amount,ERC20: transfer amount exceeds allowance)) (#738-745)
Apply the check-effects-interactions pattern.
Additional information: link
BA2Token._transfer(address,address,uint256) (#831-871) uses timestamp for comparisons
Dangerous comparisons:
- _tOwned[address(this)] >= 1 * 10 ** 4 * 10 ** 18 && from != address(this) && LPFeefenhong.add(minPeriod) <= block.timestamp (#867)
Avoid relying on block.timestamp.
Additional information: link
BA2Token.swapEthForToken(uint256,address) (#1066-1084) is never used and should be removed
BA2Token.swapTokensForEth(uint256) (#1046-1064) is never used and should be removed
Remove unused functions.
Additional information: link
Function IUniswapV2Pair.DOMAIN_SEPARATOR() (#306) is not in mixedCase
Function IUniswapV2Pair.PERMIT_TYPEHASH() (#308) is not in mixedCase
Function IUniswapV2Pair.MINIMUM_LIQUIDITY() (#339) is not in mixedCase
Function IUniswapV2Router01.WETH() (#385) is not in mixedCase
Constant BA2Token.MarketAddr (#598) is not in UPPER_CASE_WITH_UNDERSCORES
Variable BA2Token._burnAndMarketFee (#607) is not in mixedCase
Variable BA2Token._burnFee (#610) is not in mixedCase
Variable BA2Token._LPFee (#612) is not in mixedCase
Variable BA2Token._marketingFee (#615) is not in mixedCase
Variable BA2Token._satFee (#617) is not in mixedCase
Variable BA2Token._inviterFee (#620) is not in mixedCase
Variable BA2Token.LPFeefenhong (#626) is not in mixedCase
Follow the Solidity naming convention.
Additional information: link
Variable IUniswapV2Router01.addLiquidity(address,address,uint256,uint256,uint256,uint256,address,uint256).amountADesired (#390) is too similar to IUniswapV2Router01.addLiquidity(address,address,uint256,uint256,uint256,uint256,address,uint256).amountBDesired (#391)
Prevent variables from having similar names.
Additional information: link
BA2Token.slitherConstructorVariables() (#588-1138) uses literals with too many digits:
- distributorGas = 500000 (#624)
Use: Ether suffix, Time suffix, or The scientific notation
Additional information: link
BA2Token._burnFee (#610) should be constant
BA2Token._decimals (#605) should be constant
BA2Token._marketingFee (#615) should be constant
BA2Token._tTotal (#623) should be constant
BA2Token.distributorGas (#624) should be constant
BA2Token.minPeriod (#625) should be constant
BA2Token.sat (#597) should be constant
Ownable._lockTime (#94) should be constant
Ownable._previousOwner (#93) should be constant
Add the constant attributes to state variables that never change.
Additional information: link
renounceOwnership() should be declared external:
- Ownable.renounceOwnership() (#113-116)
transferOwnership(address) should be declared external:
- Ownable.transferOwnership(address) (#118-122)
name() should be declared external:
- BA2Token.name() (#678-680)
symbol() should be declared external:
- BA2Token.symbol() (#682-684)
decimals() should be declared external:
- BA2Token.decimals() (#686-688)
totalSupply() should be declared external:
- BA2Token.totalSupply() (#690-692)
transfer(address,uint256) should be declared external:
- BA2Token.transfer(address,uint256) (#698-705)
allowance(address,address) should be declared external:
- BA2Token.allowance(address,address) (#707-714)
approve(address,uint256) should be declared external:
- BA2Token.approve(address,uint256) (#716-730)
transferFrom(address,address,uint256) should be declared external:
- BA2Token.transferFrom(address,address,uint256) (#732-747)
increaseAllowance(address,uint256) should be declared external:
- BA2Token.increaseAllowance(address,uint256) (#749-760)
decreaseAllowance(address,uint256) should be declared external:
- BA2Token.decreaseAllowance(address,uint256) (#762-776)
totalFees() should be declared external:
- BA2Token.totalFees() (#778-780)
isExcludedFromFee(address) should be declared external:
- BA2Token.isExcludedFromFee(address) (#782-784)
excludeFromFee(address) should be declared external:
- BA2Token.excludeFromFee(address) (#785-787)
includeInFee(address) should be declared external:
- BA2Token.includeInFee(address) (#789-791)
transferContracts() should be declared external:
- BA2Token.transferContracts() (#793-795)
Use the external attribute for functions never called from the contract.
Additional information: link
Unable to find website, listings and other project-related information
Young tokens have high risks of scam / price dump / death
Token has no active CoinGecko listing / rank
Token has no active CoinMarketCap listing / rank
Unable to find Telegram and Twitter accounts