The new era of Proof-of-Stake is here. Get instant access to PoS rewards, DeFi yield, and multichain governance. All through a network of Trusted Nodes.
By holding TNODE tokens, you are able to:
- Participate in the governance of Trusted Node DAO
- Participate in the governance of the PoS networks through the aggregate voting weight of Trusted Node
- Stake them and boost your delegation rewards
- Benefit from the liquid staking functionality, allowing you to do yield stacking
- Participate in yield generating vaults and liquidity pools
Unable to find manual contract audit (e.g. Certik, PeckShield, Solidity...)
AnyswapV5ERC20.depositWithTransferPermit(address,uint256,uint256,uint8,bytes32,bytes32,address) (#347-350) ignores return value by IERC20(underlying).transferWithPermit(target,address(this),value,deadline,v,r,s) (#348)
Ensure that all the return values of the function calls are used.
Additional information: link
AnyswapV5ERC20.initVault(address)._vault (#211) lacks a zero-check on :
- vault = _vault (#213)
- pendingVault = _vault (#214)
AnyswapV5ERC20.setMinter(address)._auth (#221) lacks a zero-check on :
- pendingMinter = _auth (#222)
AnyswapV5ERC20.setVault(address)._vault (#226) lacks a zero-check on :
- pendingVault = _vault (#227)
AnyswapV5ERC20.constructor(string,string,uint8,address,address)._underlying (#306) lacks a zero-check on :
- underlying = _underlying (#310)
AnyswapV5ERC20.constructor(string,string,uint8,address,address)._vault (#306) lacks a zero-check on :
- vault = _vault (#321)
- pendingVault = _vault (#322)
Check that the address is not zero.
Additional information: link
Address.isContract(address) (#103-109) uses assembly
- INLINE ASM (#107)
AnyswapV5ERC20.constructor(string,string,uint8,address,address) (#306-334) uses assembly
- INLINE ASM (#326)
Do not use evm assembly.
Additional information: link
Reentrancy in AnyswapV5ERC20.deposit() (#352-356):
External calls:
- IERC20(underlying).safeTransferFrom(msg.sender,address(this),_amount) (#354)
State variables written after the call(s):
- _deposit(_amount,msg.sender) (#355)
- _totalSupply += amount (#412)
- _deposit(_amount,msg.sender) (#355)
- balanceOf[account] += amount (#413)
Reentrancy in AnyswapV5ERC20.deposit(uint256) (#358-361):
External calls:
- IERC20(underlying).safeTransferFrom(msg.sender,address(this),amount) (#359)
State variables written after the call(s):
- _deposit(amount,msg.sender) (#360)
- _totalSupply += amount (#412)
- _deposit(amount,msg.sender) (#360)
- balanceOf[account] += amount (#413)
Reentrancy in AnyswapV5ERC20.deposit(uint256,address) (#363-366):
External calls:
- IERC20(underlying).safeTransferFrom(msg.sender,address(this),amount) (#364)
State variables written after the call(s):
- _deposit(amount,to) (#365)
- _totalSupply += amount (#412)
- _deposit(amount,to) (#365)
- balanceOf[account] += amount (#413)
Reentrancy in AnyswapV5ERC20.depositWithPermit(address,uint256,uint256,uint8,bytes32,bytes32,address) (#341-345):
External calls:
- IERC20(underlying).permit(target,address(this),value,deadline,v,r,s) (#342)
- IERC20(underlying).safeTransferFrom(target,address(this),value) (#343)
State variables written after the call(s):
- _deposit(value,to) (#344)
- _totalSupply += amount (#412)
- _deposit(value,to) (#344)
- balanceOf[account] += amount (#413)
Reentrancy in AnyswapV5ERC20.depositWithTransferPermit(address,uint256,uint256,uint8,bytes32,bytes32,address) (#347-350):
External calls:
- IERC20(underlying).transferWithPermit(target,address(this),value,deadline,v,r,s) (#348)
State variables written after the call(s):
- _deposit(value,to) (#349)
- _totalSupply += amount (#412)
- _deposit(value,to) (#349)
- balanceOf[account] += amount (#413)
Apply the check-effects-interactions pattern.
Additional information: link
Reentrancy in AnyswapV5ERC20.deposit() (#352-356):
External calls:
- IERC20(underlying).safeTransferFrom(msg.sender,address(this),_amount) (#354)
Event emitted after the call(s):
- Transfer(address(0),account,amount) (#414)
- _deposit(_amount,msg.sender) (#355)
Reentrancy in AnyswapV5ERC20.deposit(uint256) (#358-361):
External calls:
- IERC20(underlying).safeTransferFrom(msg.sender,address(this),amount) (#359)
Event emitted after the call(s):
- Transfer(address(0),account,amount) (#414)
- _deposit(amount,msg.sender) (#360)
Reentrancy in AnyswapV5ERC20.deposit(uint256,address) (#363-366):
External calls:
- IERC20(underlying).safeTransferFrom(msg.sender,address(this),amount) (#364)
Event emitted after the call(s):
- Transfer(address(0),account,amount) (#414)
- _deposit(amount,to) (#365)
Reentrancy in AnyswapV5ERC20.depositWithPermit(address,uint256,uint256,uint8,bytes32,bytes32,address) (#341-345):
External calls:
- IERC20(underlying).permit(target,address(this),value,deadline,v,r,s) (#342)
- IERC20(underlying).safeTransferFrom(target,address(this),value) (#343)
Event emitted after the call(s):
- Transfer(address(0),account,amount) (#414)
- _deposit(value,to) (#344)
Reentrancy in AnyswapV5ERC20.depositWithTransferPermit(address,uint256,uint256,uint8,bytes32,bytes32,address) (#347-350):
External calls:
- IERC20(underlying).transferWithPermit(target,address(this),value,deadline,v,r,s) (#348)
Event emitted after the call(s):
- Transfer(address(0),account,amount) (#414)
- _deposit(value,to) (#349)
Apply the check-effects-interactions pattern.
Additional information: link
AnyswapV5ERC20.mpc() (#200-205) uses timestamp for comparisons
Dangerous comparisons:
- block.timestamp >= delayVault (#201)
AnyswapV5ERC20.applyVault() (#231-234) uses timestamp for comparisons
Dangerous comparisons:
- require(bool)(block.timestamp >= delayVault) (#232)
AnyswapV5ERC20.applyMinter() (#236-240) uses timestamp for comparisons
Dangerous comparisons:
- require(bool)(block.timestamp >= delayMinter) (#237)
AnyswapV5ERC20.permit(address,address,uint256,uint256,uint8,bytes32,bytes32) (#469-486) uses timestamp for comparisons
Dangerous comparisons:
- require(bool,string)(block.timestamp <= deadline,AnyswapV3ERC20: Expired permit) (#470)
AnyswapV5ERC20.transferWithPermit(address,address,uint256,uint256,uint8,bytes32,bytes32) (#488-512) uses timestamp for comparisons
Dangerous comparisons:
- require(bool,string)(block.timestamp <= deadline,AnyswapV3ERC20: Expired permit) (#489)
Avoid relying on block.timestamp.
Additional information: link
SafeERC20.safeApprove(IERC20,address,uint256) (#123-128) is never used and should be removed
Remove unused functions.
Additional information: link
Pragma version0.8.2 (#31) allows old versions
solc-0.8.2 is not recommended for deployment
Deploy with any of the following Solidity versions: 0.5.16 - 0.5.17, 0.6.11 - 0.6.12, 0.7.5 - 0.7.6 Use a simple pragma version that allows any of these versions. Consider using the latest version of Solidity for testing.
Additional information: link
Low level call in SafeERC20.callOptionalReturn(IERC20,bytes) (#129-140):
- (success,returndata) = address(token).call(data) (#133)
Avoid low-level calls. Check the call success. If the call is meant for a contract, check for code existence
Additional information: link
Parameter AnyswapV5ERC20.initVault(address)._vault (#211) is not in mixedCase
Parameter AnyswapV5ERC20.setMinter(address)._auth (#221) is not in mixedCase
Parameter AnyswapV5ERC20.setVault(address)._vault (#226) is not in mixedCase
Parameter AnyswapV5ERC20.revokeMinter(address)._auth (#243) is not in mixedCase
Function AnyswapV5ERC20.Swapin(bytes32,address,uint256) (#279-283) is not in mixedCase
Function AnyswapV5ERC20.Swapout(uint256,address) (#285-291) is not in mixedCase
Variable AnyswapV5ERC20.DOMAIN_SEPARATOR (#153) is not in mixedCase
Follow the Solidity naming convention.
Additional information: link
AnyswapV5ERC20.delay (#166) should be constant
AnyswapV5ERC20.delayDelay (#183) should be constant
AnyswapV5ERC20.pendingDelay (#182) should be constant
Add the constant attributes to state variables that never change.
Additional information: link
owner() should be declared external:
- AnyswapV5ERC20.owner() (#196-198)
changeMPCOwner(address) should be declared external:
- AnyswapV5ERC20.changeMPCOwner(address) (#260-266)
Swapin(bytes32,address,uint256) should be declared external:
- AnyswapV5ERC20.Swapin(bytes32,address,uint256) (#279-283)
Swapout(uint256,address) should be declared external:
- AnyswapV5ERC20.Swapout(uint256,address) (#285-291)
Use the external attribute for functions never called from the contract.
Additional information: link
Unable to find token contract audit
Unable to find audit link on the website
Unable to find token on CoinHunt
Additional information: link
Young tokens have high risks of price dump / death
Young tokens have high risks of scam / price dump / death
Young tokens have high risks of price dump / death
Young tokens have high risks of price dump / death
Token has relatively low CoinGecko rank
Token has relatively low CoinMarketCap rank
Last post in Twitter was more than 30 days ago
Unable to find Youtube account