Unable to find manual contract audit (e.g. Certik, PeckShield, Solidity...)
SWtigerbro.addLiquidity(uint256,uint256) (#774-787) sends eth to arbitrary user
Dangerous calls:
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#779-786)
Ensure that an arbitrary user cannot withdraw unauthorized funds.
Additional information: link
Reentrancy in SWtigerbro._transfer(address,address,uint256) (#672-721):
External calls:
- swapAndLiquify(contractTokenBalance) (#705)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#779-786)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#763-769)
External calls sending eth:
- swapAndLiquify(contractTokenBalance) (#705)
- recipient.transfer(amount) (#636)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#779-786)
State variables written after the call(s):
- _balances[sender] = _balances[sender].sub(amount,Insufficient Balance) (#708)
- _balances[recipient] = _balances[recipient].add(finalAmount) (#716)
- finalAmount = takeFee(sender,recipient,amount) (#710-711)
- _balances[address(this)] = _balances[address(this)].add(feeAmount) (#801)
Apply the check-effects-interactions pattern.
Additional information: link
Combination 1: Reentrancy vulnerabilities + Functions that send Ether to arbitraty destination. Usual for scams. May be justified by some complex mechanics (e.g. rebase, reflections). DYOR & manual audit are advised.
SWtigerbro.addLiquidity(uint256,uint256) (#774-787) ignores return value by uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#779-786)
Ensure that all the return values of the function calls are used.
Additional information: link
SWtigerbro.allowance(address,address).owner (#527) shadows:
- Ownable.owner() (#156-158) (function)
SWtigerbro._approve(address,address,uint256).owner (#550) shadows:
- Ownable.owner() (#156-158) (function)
Rename the local variables that shadow another component.
Additional information: link
SWtigerbro.setBuyTaxes(uint256,uint256,uint256) (#570-576) should emit an event for:
- _buyLiquidityFee = newLiquidityTax (#571)
- _buyMarketingFee = newMarketingTax (#572)
- _buyTeamFee = newTeamTax (#573)
- _totalTaxIfBuying = _buyLiquidityFee.add(_buyMarketingFee).add(_buyTeamFee) (#575)
SWtigerbro.setSellTaxes(uint256,uint256,uint256) (#578-584) should emit an event for:
- _sellLiquidityFee = newLiquidityTax (#579)
- _sellMarketingFee = newMarketingTax (#580)
- _sellTeamFee = newTeamTax (#581)
- _totalTaxIfSelling = _sellLiquidityFee.add(_sellMarketingFee).add(_sellTeamFee) (#583)
SWtigerbro.setDistributionSettings(uint256,uint256,uint256) (#586-592) should emit an event for:
- _liquidityShare = newLiquidityShare (#587)
- _teamShare = newTeamShare (#589)
- _totalDistributionShares = _liquidityShare.add(_marketingShare).add(_teamShare) (#591)
SWtigerbro.setMaxTxAmount(uint256) (#594-596) should emit an event for:
- _maxTxAmount = maxTxAmount (#595)
SWtigerbro.setWalletLimit(uint256) (#606-608) should emit an event for:
- _walletMax = newLimit (#607)
SWtigerbro.setNumTokensBeforeSwap(uint256) (#610-612) should emit an event for:
- minimumTokensBeforeSwap = newLimit (#611)
SWtigerbro.UPfeeTXtime(uint256) (#816-818) should emit an event for:
- feeTXtime = _feeTXtime (#817)
SWtigerbro.UPendtime(uint256) (#820-822) should emit an event for:
- endtime = _endtime (#821)
Emit an event for critical parameter changes.
Additional information: link
SWtigerbro.setMarketingWalletAddress(address).newAddress (#614) lacks a zero-check on :
- marketingWalletAddress = address(newAddress) (#615)
SWtigerbro.setTeamWalletAddress(address).newAddress (#618) lacks a zero-check on :
- teamWalletAddress = address(newAddress) (#619)
Check that the address is not zero.
Additional information: link
Reentrancy in SWtigerbro.changeRouterVersion(address) (#639-656):
External calls:
- newPairAddress = IUniswapV2Factory(_uniswapV2Router.factory()).createPair(address(this),_uniswapV2Router.WETH()) (#647-648)
State variables written after the call(s):
- isMarketPair[address(uniswapPair)] = true (#655)
- isWalletLimitExempt[address(uniswapPair)] = true (#654)
- uniswapPair = newPairAddress (#651)
- uniswapV2Router = _uniswapV2Router (#652)
Reentrancy in SWtigerbro.constructor() (#477-505):
External calls:
- uniswapPair = IUniswapV2Factory(_uniswapV2Router.factory()).createPair(address(this),_uniswapV2Router.WETH()) (#481-482)
State variables written after the call(s):
- _allowances[address(this)][address(uniswapV2Router)] = _totalSupply (#485)
- _balances[_msgSender()] = _totalSupply (#503)
- _totalDistributionShares = _liquidityShare.add(_marketingShare).add(_teamShare) (#492)
- _totalTaxIfBuying = _buyLiquidityFee.add(_buyMarketingFee).add(_buyTeamFee) (#490)
- _totalTaxIfSelling = _sellLiquidityFee.add(_sellMarketingFee).add(_sellTeamFee) (#491)
- isExcludedFromFee[owner()] = true (#487)
- isExcludedFromFee[address(this)] = true (#488)
- isMarketPair[address(uniswapPair)] = true (#501)
- isTxLimitExempt[owner()] = true (#498)
- isTxLimitExempt[address(this)] = true (#499)
- isWalletLimitExempt[owner()] = true (#494)
- isWalletLimitExempt[address(uniswapPair)] = true (#495)
- isWalletLimitExempt[address(this)] = true (#496)
- uniswapV2Router = _uniswapV2Router (#484)
Reentrancy in SWtigerbro.swapAndLiquify(uint256) (#730-752):
External calls:
- swapTokensForEth(tokensForSwap) (#735)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#763-769)
- addLiquidity(tokensForLP,amountBNBLiquidity) (#751)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#779-786)
External calls sending eth:
- transferToAddressETH(marketingWalletAddress,amountBNBMarketing) (#745)
- recipient.transfer(amount) (#636)
- transferToAddressETH(teamWalletAddress,amountBNBTeam) (#748)
- recipient.transfer(amount) (#636)
- addLiquidity(tokensForLP,amountBNBLiquidity) (#751)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#779-786)
State variables written after the call(s):
- addLiquidity(tokensForLP,amountBNBLiquidity) (#751)
- _allowances[owner][spender] = amount (#554)
Reentrancy in SWtigerbro.transferFrom(address,address,uint256) (#666-670):
External calls:
- _transfer(sender,recipient,amount) (#667)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#779-786)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#763-769)
External calls sending eth:
- _transfer(sender,recipient,amount) (#667)
- recipient.transfer(amount) (#636)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#779-786)
State variables written after the call(s):
- _approve(sender,_msgSender(),_allowances[sender][_msgSender()].sub(amount,ERC20: transfer amount exceeds allowance)) (#668)
- _allowances[owner][spender] = amount (#554)
Apply the check-effects-interactions pattern.
Additional information: link
Reentrancy in SWtigerbro._transfer(address,address,uint256) (#672-721):
External calls:
- swapAndLiquify(contractTokenBalance) (#705)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#779-786)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#763-769)
External calls sending eth:
- swapAndLiquify(contractTokenBalance) (#705)
- recipient.transfer(amount) (#636)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#779-786)
Event emitted after the call(s):
- Transfer(sender,address(this),feeAmount) (#802)
- finalAmount = takeFee(sender,recipient,amount) (#710-711)
- Transfer(sender,recipient,finalAmount) (#718)
Reentrancy in SWtigerbro.constructor() (#477-505):
External calls:
- uniswapPair = IUniswapV2Factory(_uniswapV2Router.factory()).createPair(address(this),_uniswapV2Router.WETH()) (#481-482)
Event emitted after the call(s):
- Transfer(address(0),_msgSender(),_totalSupply) (#504)
Reentrancy in SWtigerbro.swapAndLiquify(uint256) (#730-752):
External calls:
- swapTokensForEth(tokensForSwap) (#735)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#763-769)
- addLiquidity(tokensForLP,amountBNBLiquidity) (#751)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#779-786)
External calls sending eth:
- transferToAddressETH(marketingWalletAddress,amountBNBMarketing) (#745)
- recipient.transfer(amount) (#636)
- transferToAddressETH(teamWalletAddress,amountBNBTeam) (#748)
- recipient.transfer(amount) (#636)
- addLiquidity(tokensForLP,amountBNBLiquidity) (#751)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#779-786)
Event emitted after the call(s):
- Approval(owner,spender,amount) (#555)
- addLiquidity(tokensForLP,amountBNBLiquidity) (#751)
Reentrancy in SWtigerbro.swapTokensForEth(uint256) (#754-772):
External calls:
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#763-769)
Event emitted after the call(s):
- SwapTokensForETH(tokenAmount,path) (#771)
Reentrancy in SWtigerbro.transferFrom(address,address,uint256) (#666-670):
External calls:
- _transfer(sender,recipient,amount) (#667)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#779-786)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#763-769)
External calls sending eth:
- _transfer(sender,recipient,amount) (#667)
- recipient.transfer(amount) (#636)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#779-786)
Event emitted after the call(s):
- Approval(owner,spender,amount) (#555)
- _approve(sender,_msgSender(),_allowances[sender][_msgSender()].sub(amount,ERC20: transfer amount exceeds allowance)) (#668)
Apply the check-effects-interactions pattern.
Additional information: link
Ownable.unlock() (#191-196) uses timestamp for comparisons
Dangerous comparisons:
- require(bool,string)(block.timestamp > _lockTime,Contract is locked until 1.5 days) (#193)
SWtigerbro._transfer(address,address,uint256) (#672-721) uses timestamp for comparisons
Dangerous comparisons:
- endtime == 0 (#677)
- endtime > block.timestamp (#680)
Avoid relying on block.timestamp.
Additional information: link
Address.isContract(address) (#87-96) uses assembly
- INLINE ASM (#94)
Address._functionCallWithValue(address,bytes,uint256,string) (#123-140) uses assembly
- INLINE ASM (#132-135)
Do not use evm assembly.
Additional information: link
Address._functionCallWithValue(address,bytes,uint256,string) (#123-140) is never used and should be removed
Address.functionCall(address,bytes) (#106-108) is never used and should be removed
Address.functionCall(address,bytes,string) (#110-112) is never used and should be removed
Address.functionCallWithValue(address,bytes,uint256) (#114-116) is never used and should be removed
Address.functionCallWithValue(address,bytes,uint256,string) (#118-121) is never used and should be removed
Address.isContract(address) (#87-96) is never used and should be removed
Address.sendValue(address,uint256) (#98-104) is never used and should be removed
Context._msgData() (#14-17) is never used and should be removed
SafeMath.mod(uint256,uint256) (#75-77) is never used and should be removed
SafeMath.mod(uint256,uint256,string) (#79-82) is never used and should be removed
Remove unused functions.
Additional information: link
SWtigerbro._liquidityShare (#431) is set pre-construction with a non-constant function or state variable:
- _buyLiquidityFee.add(_sellLiquidityFee)
SWtigerbro._marketingShare (#432) is set pre-construction with a non-constant function or state variable:
- _buyMarketingFee.add(_sellMarketingFee)
SWtigerbro._teamShare (#433) is set pre-construction with a non-constant function or state variable:
- _buyTeamFee.add(_sellTeamFee)
SWtigerbro._totalSupply (#439) is set pre-construction with a non-constant function or state variable:
- 10 * 10 ** 16 * 10 ** _decimals
SWtigerbro._maxTxAmount (#440) is set pre-construction with a non-constant function or state variable:
- _totalSupply.div(20)
SWtigerbro._walletMax (#441) is set pre-construction with a non-constant function or state variable:
- _totalSupply.div(50)
SWtigerbro.minimumTokensBeforeSwap (#442) is set pre-construction with a non-constant function or state variable:
- _totalSupply.div(10000)
Remove any initialization of state variables via non-constant state variables or function calls. If variables must be set upon contract deployment, locate initialization in the constructor instead.
Additional information: link
Low level call in Address.sendValue(address,uint256) (#98-104):
- (success) = recipient.call{value: amount}() (#102)
Low level call in Address._functionCallWithValue(address,bytes,uint256,string) (#123-140):
- (success,returndata) = target.call{value: weiValue}(data) (#126)
Avoid low-level calls. Check the call success. If the call is meant for a contract, check for code existence
Additional information: link
Function IUniswapV2Pair.DOMAIN_SEPARATOR() (#230) is not in mixedCase
Function IUniswapV2Pair.PERMIT_TYPEHASH() (#231) is not in mixedCase
Function IUniswapV2Pair.MINIMUM_LIQUIDITY() (#247) is not in mixedCase
Function IUniswapV2Router01.WETH() (#266) is not in mixedCase
Parameter SWtigerbro.setSwapAndLiquifyEnabled(bool)._enabled (#622) is not in mixedCase
Parameter SWtigerbro.setblocklist(address)._account (#808) is not in mixedCase
Function SWtigerbro.UPfeeTXtime(uint256) (#816-818) is not in mixedCase
Parameter SWtigerbro.UPfeeTXtime(uint256)._feeTXtime (#816) is not in mixedCase
Function SWtigerbro.UPendtime(uint256) (#820-822) is not in mixedCase
Parameter SWtigerbro.UPendtime(uint256)._endtime (#820) is not in mixedCase
Variable SWtigerbro._balances (#412) is not in mixedCase
Variable SWtigerbro._buyLiquidityFee (#423) is not in mixedCase
Variable SWtigerbro._buyMarketingFee (#424) is not in mixedCase
Variable SWtigerbro._buyTeamFee (#425) is not in mixedCase
Variable SWtigerbro._sellLiquidityFee (#427) is not in mixedCase
Variable SWtigerbro._sellMarketingFee (#428) is not in mixedCase
Variable SWtigerbro._sellTeamFee (#429) is not in mixedCase
Variable SWtigerbro._liquidityShare (#431) is not in mixedCase
Variable SWtigerbro._marketingShare (#432) is not in mixedCase
Variable SWtigerbro._teamShare (#433) is not in mixedCase
Variable SWtigerbro._totalTaxIfBuying (#435) is not in mixedCase
Variable SWtigerbro._totalTaxIfSelling (#436) is not in mixedCase
Variable SWtigerbro._totalDistributionShares (#437) is not in mixedCase
Variable SWtigerbro._maxTxAmount (#440) is not in mixedCase
Variable SWtigerbro._walletMax (#441) is not in mixedCase
Follow the Solidity naming convention.
Additional information: link
Redundant expression "this (#15)" inContext (#8-18)
Remove redundant statements if they congest code but offer no value.
Additional information: link
Reentrancy in SWtigerbro._transfer(address,address,uint256) (#672-721):
External calls:
- swapAndLiquify(contractTokenBalance) (#705)
- recipient.transfer(amount) (#636)
External calls sending eth:
- swapAndLiquify(contractTokenBalance) (#705)
- recipient.transfer(amount) (#636)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#779-786)
State variables written after the call(s):
- _balances[sender] = _balances[sender].sub(amount,Insufficient Balance) (#708)
- _balances[recipient] = _balances[recipient].add(finalAmount) (#716)
- finalAmount = takeFee(sender,recipient,amount) (#710-711)
- _balances[address(this)] = _balances[address(this)].add(feeAmount) (#801)
Event emitted after the call(s):
- Transfer(sender,address(this),feeAmount) (#802)
- finalAmount = takeFee(sender,recipient,amount) (#710-711)
- Transfer(sender,recipient,finalAmount) (#718)
Reentrancy in SWtigerbro.swapAndLiquify(uint256) (#730-752):
External calls:
- transferToAddressETH(marketingWalletAddress,amountBNBMarketing) (#745)
- recipient.transfer(amount) (#636)
- transferToAddressETH(teamWalletAddress,amountBNBTeam) (#748)
- recipient.transfer(amount) (#636)
External calls sending eth:
- transferToAddressETH(marketingWalletAddress,amountBNBMarketing) (#745)
- recipient.transfer(amount) (#636)
- transferToAddressETH(teamWalletAddress,amountBNBTeam) (#748)
- recipient.transfer(amount) (#636)
- addLiquidity(tokensForLP,amountBNBLiquidity) (#751)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#779-786)
State variables written after the call(s):
- addLiquidity(tokensForLP,amountBNBLiquidity) (#751)
- _allowances[owner][spender] = amount (#554)
Event emitted after the call(s):
- Approval(owner,spender,amount) (#555)
- addLiquidity(tokensForLP,amountBNBLiquidity) (#751)
Reentrancy in SWtigerbro.transferFrom(address,address,uint256) (#666-670):
External calls:
- _transfer(sender,recipient,amount) (#667)
- recipient.transfer(amount) (#636)
External calls sending eth:
- _transfer(sender,recipient,amount) (#667)
- recipient.transfer(amount) (#636)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#779-786)
State variables written after the call(s):
- _approve(sender,_msgSender(),_allowances[sender][_msgSender()].sub(amount,ERC20: transfer amount exceeds allowance)) (#668)
- _allowances[owner][spender] = amount (#554)
Event emitted after the call(s):
- Approval(owner,spender,amount) (#555)
- _approve(sender,_msgSender(),_allowances[sender][_msgSender()].sub(amount,ERC20: transfer amount exceeds allowance)) (#668)
Apply the check-effects-interactions pattern.
Additional information: link
Variable IUniswapV2Router01.addLiquidity(address,address,uint256,uint256,uint256,uint256,address,uint256).amountADesired (#271) is too similar to IUniswapV2Router01.addLiquidity(address,address,uint256,uint256,uint256,uint256,address,uint256).amountBDesired (#272)
Prevent variables from having similar names.
Additional information: link
SWtigerbro.slitherConstructorVariables() (#399-824) uses literals with too many digits:
- deadAddress = 0x000000000000000000000000000000000000dEaD (#410)
Use: Ether suffix, Time suffix, or The scientific notation
Additional information: link
SWtigerbro._decimals (#406) should be constant
SWtigerbro._name (#404) should be constant
SWtigerbro._symbol (#405) should be constant
Add the constant attributes to state variables that never change.
Additional information: link
waiveOwnership() should be declared external:
- Ownable.waiveOwnership() (#165-168)
transferOwnership(address) should be declared external:
- Ownable.transferOwnership(address) (#170-174)
getUnlockTime() should be declared external:
- Ownable.getUnlockTime() (#176-178)
getTime() should be declared external:
- Ownable.getTime() (#180-182)
lock(uint256) should be declared external:
- Ownable.lock(uint256) (#184-189)
unlock() should be declared external:
- Ownable.unlock() (#191-196)
name() should be declared external:
- SWtigerbro.name() (#507-509)
symbol() should be declared external:
- SWtigerbro.symbol() (#511-513)
decimals() should be declared external:
- SWtigerbro.decimals() (#515-517)
totalSupply() should be declared external:
- SWtigerbro.totalSupply() (#519-521)
allowance(address,address) should be declared external:
- SWtigerbro.allowance(address,address) (#527-529)
increaseAllowance(address,uint256) should be declared external:
- SWtigerbro.increaseAllowance(address,uint256) (#531-534)
decreaseAllowance(address,uint256) should be declared external:
- SWtigerbro.decreaseAllowance(address,uint256) (#536-539)
minimumTokensBeforeSwapAmount() should be declared external:
- SWtigerbro.minimumTokensBeforeSwapAmount() (#541-543)
approve(address,uint256) should be declared external:
- SWtigerbro.approve(address,uint256) (#545-548)
setMarketPairStatus(address,bool) should be declared external:
- SWtigerbro.setMarketPairStatus(address,bool) (#558-560)
setIsExcludedFromFee(address,bool) should be declared external:
- SWtigerbro.setIsExcludedFromFee(address,bool) (#566-568)
setSwapAndLiquifyEnabled(bool) should be declared external:
- SWtigerbro.setSwapAndLiquifyEnabled(bool) (#622-625)
setSwapAndLiquifyByLimitOnly(bool) should be declared external:
- SWtigerbro.setSwapAndLiquifyByLimitOnly(bool) (#627-629)
getCirculatingSupply() should be declared external:
- SWtigerbro.getCirculatingSupply() (#631-633)
changeRouterVersion(address) should be declared external:
- SWtigerbro.changeRouterVersion(address) (#639-656)
transfer(address,uint256) should be declared external:
- SWtigerbro.transfer(address,uint256) (#661-664)
transferFrom(address,address,uint256) should be declared external:
- SWtigerbro.transferFrom(address,address,uint256) (#666-670)
Use the external attribute for functions never called from the contract.
Additional information: link
Unable to find website, listings and other project-related information
Young tokens have high risks of scam / price dump / death
Token has no active CoinGecko listing / rank
Token has no active CoinMarketCap listing / rank
Unable to find Twitter account
Telegram account has relatively few subscribers
Unable to find Blog account (Reddit or Medium)
Unable to find Youtube account
Unable to find Discord account