TRFX [Triflex] Token

AccessControlUpgradeable.__gap (@openzeppelin/contracts-upgradeable/access/AccessControlUpgradeable.sol#247) shadows:
- ERC165Upgradeable.__gap (@openzeppelin/contracts-upgradeable/utils/introspection/ERC165Upgradeable.sol#41)
- ContextUpgradeable.__gap (@openzeppelin/contracts-upgradeable/utils/ContextUpgradeable.sol#36)
OwnableUpgradeable.__gap (@openzeppelin/contracts-upgradeable/access/OwnableUpgradeable.sol#87) shadows:
- ContextUpgradeable.__gap (@openzeppelin/contracts-upgradeable/utils/ContextUpgradeable.sol#36)
Remove the state variable shadowing.

Additional information: link

MinimalForwarder.execute(MinimalForwarder.ForwardRequest,bytes) (@openzeppelin/contracts/metatx/MinimalForwarder.sol#42-66) sends eth to arbitrary user
Dangerous calls:
- (success,returndata) = req.to.call{gas: req.gas,value: req.value}(abi.encodePacked(req.data,req.from)) (@openzeppelin/contracts/metatx/MinimalForwarder.sol#50-52)
Triflex.swapAndsendEth() (contracts/Triflex.sol#337-409) sends eth to arbitrary user
Dangerous calls:
- (mSuccess) = address(marketingWallet).call{value: marketingAllocation}() (contracts/Triflex.sol#369-371)
- (rSuccess) = address(onRye).call{value: rewardETHAllocation}() (contracts/Triflex.sol#384-386)
Triflex.addLiquidity(uint256,uint256) (contracts/Triflex.sol#427-438) sends eth to arbitrary user
Dangerous calls:
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,1,1,address(this),block.timestamp) (contracts/Triflex.sol#430-437)
Ensure that an arbitrary user cannot withdraw unauthorized funds.

Additional information: link

Reentrancy in Triflex._transfer(address,address,uint256) (contracts/Triflex.sol#233-304):
External calls:
- swapAndsendEth() (contracts/Triflex.sol#300)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,1,1,address(this),block.timestamp) (contracts/Triflex.sol#430-437)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,1,path,address(this),block.timestamp) (contracts/Triflex.sol#418-424)
- (dSuccess) = address(developmentWallet).call{value: developmentAllocation}() (contracts/Triflex.sol#354-356)
- (mSuccess) = address(marketingWallet).call{value: marketingAllocation}() (contracts/Triflex.sol#369-371)
- (rSuccess) = address(onRye).call{value: rewardETHAllocation}() (contracts/Triflex.sol#384-386)
- (mSuccess) = address(marketingWallet).call{value: amountETH}() (contracts/Triflex.sol#401-403)
- _transferStandard(from,to,amount,currenttotalFee) (contracts/Triflex.sol#303)
- onRye.sTPD(currentDividends + calculatedDividends) (contracts/Triflex.sol#324-326)
- ham.sb(address(sender),balanceOf(sender)) (contracts/Triflex.sol#329-331)
- ham.sb(address(recipient),balanceOf(recipient)) (contracts/Triflex.sol#332-334)
External calls sending eth:
- swapAndsendEth() (contracts/Triflex.sol#300)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,1,1,address(this),block.timestamp) (contracts/Triflex.sol#430-437)
- (dSuccess) = address(developmentWallet).call{value: developmentAllocation}() (contracts/Triflex.sol#354-356)
- (mSuccess) = address(marketingWallet).call{value: marketingAllocation}() (contracts/Triflex.sol#369-371)
- (rSuccess) = address(onRye).call{value: rewardETHAllocation}() (contracts/Triflex.sol#384-386)
- (mSuccess) = address(marketingWallet).call{value: amountETH}() (contracts/Triflex.sol#401-403)
State variables written after the call(s):
- _transferStandard(from,to,amount,currenttotalFee) (contracts/Triflex.sol#303)
- _balances[from] = fromBalance - amount (@openzeppelin/contracts/token/ERC20/ERC20.sol#239)
- _balances[to] += amount (@openzeppelin/contracts/token/ERC20/ERC20.sol#241)
Apply the check-effects-interactions pattern.

Additional information: link

Contract ownership is not renounced (belongs to a wallet)

Combination 1: Reentrancy vulnerabilities + Functions that send Ether to arbitraty destination. Usual for scams. May be justified by some complex mechanics (e.g. rebase, reflections). DYOR & manual audit are advised.

Triflex.addLiquidity(uint256,uint256) (contracts/Triflex.sol#427-438) ignores return value by uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,1,1,address(this),block.timestamp) (contracts/Triflex.sol#430-437)
Ensure that all the return values of the function calls are used.

Additional information: link

Reentrancy in Ham._processAccount(address,bool) (contracts/Ham.sol#236-249):
External calls:
- amount = onRye._withdrawDividendOfUser(account) (contracts/Ham.sol#241)
Event emitted after the call(s):
- Claim(token,account,amount,automatic) (contracts/Ham.sol#245)
Reentrancy in Triflex._transfer(address,address,uint256) (contracts/Triflex.sol#233-304):
External calls:
- swapAndsendEth() (contracts/Triflex.sol#300)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,1,1,address(this),block.timestamp) (contracts/Triflex.sol#430-437)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,1,path,address(this),block.timestamp) (contracts/Triflex.sol#418-424)
- (dSuccess) = address(developmentWallet).call{value: developmentAllocation}() (contracts/Triflex.sol#354-356)
- (mSuccess) = address(marketingWallet).call{value: marketingAllocation}() (contracts/Triflex.sol#369-371)
- (rSuccess) = address(onRye).call{value: rewardETHAllocation}() (contracts/Triflex.sol#384-386)
- (mSuccess) = address(marketingWallet).call{value: amountETH}() (contracts/Triflex.sol#401-403)
- _transferStandard(from,to,amount,currenttotalFee) (contracts/Triflex.sol#303)
- onRye.sTPD(currentDividends + calculatedDividends) (contracts/Triflex.sol#324-326)
- ham.sb(address(sender),balanceOf(sender)) (contracts/Triflex.sol#329-331)
- ham.sb(address(recipient),balanceOf(recipient)) (contracts/Triflex.sol#332-334)
External calls sending eth:
- swapAndsendEth() (contracts/Triflex.sol#300)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,1,1,address(this),block.timestamp) (contracts/Triflex.sol#430-437)
- (dSuccess) = address(developmentWallet).call{value: developmentAllocation}() (contracts/Triflex.sol#354-356)
- (mSuccess) = address(marketingWallet).call{value: marketingAllocation}() (contracts/Triflex.sol#369-371)
- (rSuccess) = address(onRye).call{value: rewardETHAllocation}() (contracts/Triflex.sol#384-386)
- (mSuccess) = address(marketingWallet).call{value: amountETH}() (contracts/Triflex.sol#401-403)
Event emitted after the call(s):
- Transfer(from,to,amount) (@openzeppelin/contracts/token/ERC20/ERC20.sol#243)
- _transferStandard(from,to,amount,currenttotalFee) (contracts/Triflex.sol#303)
Reentrancy in Triflex.constructor(address) (contracts/Triflex.sol#104-146):
External calls:
- uniswapV2Pair = IUniswapV2Factory(_uniswapV2Router.factory()).createPair(_uniswapV2Router.WETH(),address(this)) (contracts/Triflex.sol#126-127)
Event emitted after the call(s):
- ExcludeFromFees(account,isExcluded) (contracts/Triflex.sol#495)
- excludeFromFees(_msgSender(),true) (contracts/Triflex.sol#131)
- ExcludeFromFees(account,isExcluded) (contracts/Triflex.sol#495)
- excludeFromFees(address(this),true) (contracts/Triflex.sol#132)
- Transfer(address(0),account,amount) (@openzeppelin/contracts/token/ERC20/ERC20.sol#264)
- _mint(_msgSender(),TOTAL_SUPPLY) (contracts/Triflex.sol#143)
- Transfer(address(0),_msgSender(),TOTAL_SUPPLY) (contracts/Triflex.sol#145)
Reentrancy in Ham.eFR(address) (contracts/Ham.sol#82-92):
External calls:
- onRye._setBalance(account,0) (contracts/Ham.sol#89)
Event emitted after the call(s):
- ExcludedFromDividends(account) (contracts/Ham.sol#91)
Reentrancy in Triflex.excludeFromRewards(address) (contracts/Triflex.sol#610-614):
External calls:
- ham.eFR(account) (contracts/Triflex.sol#612)
Event emitted after the call(s):
- ExcludeFromRewards(account) (contracts/Triflex.sol#613)
Reentrancy in Triflex.removeRewardAddress(address) (contracts/Triflex.sol#595-608):
External calls:
- onRye.dTA(rewardTokenAddress) (contracts/Triflex.sol#605)
- onRye.dTSS(rewardTokenAddress) (contracts/Triflex.sol#606)
Event emitted after the call(s):
- RewardTokenRemoved(rewardTokenAddress) (contracts/Triflex.sol#607)
Reentrancy in Ham.sb(address,uint256) (contracts/Ham.sol#177-194):
External calls:
- onRye._setBalance(account,newBalance) (contracts/Ham.sol#185)
- onRye._setBalance(account,0) (contracts/Ham.sol#188)
- _processAccount(account,true) (contracts/Ham.sol#192)
- amount = onRye._withdrawDividendOfUser(account) (contracts/Ham.sol#241)
Event emitted after the call(s):
- Claim(token,account,amount,automatic) (contracts/Ham.sol#245)
- _processAccount(account,true) (contracts/Ham.sol#192)
Reentrancy in Triflex.setAutomatedMarketMakerPair(address) (contracts/Triflex.sol#465-471):
External calls:
- ham.eFR(newPair) (contracts/Triflex.sol#468)
Event emitted after the call(s):
- SetAutomatedMarketMakerPair(uniswapV2Pair) (contracts/Triflex.sol#470)
Reentrancy in Triflex.setNewRouter(address) (contracts/Triflex.sol#473-490):
External calls:
- uniswapV2Pair = IUniswapV2Factory(_newRouter.factory()).createPair(address(this),_newRouter.WETH()) (contracts/Triflex.sol#481-484)
Event emitted after the call(s):
- SetNewRouter(newRouter) (contracts/Triflex.sol#489)
Reentrancy in Triflex.setUserRewardToken(address,address) (contracts/Triflex.sol#561-579):
External calls:
- onRye.sUCRT(holder,rewardTokenAddress) (contracts/Triflex.sol#577)
Event emitted after the call(s):
- RewardsTokenChosen(holder,rewardTokenAddress) (contracts/Triflex.sol#578)
Reentrancy in Triflex.swapAndsendEth() (contracts/Triflex.sol#337-409):
External calls:
- swapTokensForEth(amountToLiquify) (contracts/Triflex.sol#341)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,1,path,address(this),block.timestamp) (contracts/Triflex.sol#418-424)
- (dSuccess) = address(developmentWallet).call{value: developmentAllocation}() (contracts/Triflex.sol#354-356)
External calls sending eth:
- (dSuccess) = address(developmentWallet).call{value: developmentAllocation}() (contracts/Triflex.sol#354-356)
Event emitted after the call(s):
- Transfer(address(this),developmentWallet,developmentAllocation) (contracts/Triflex.sol#358-362)
Reentrancy in Triflex.swapAndsendEth() (contracts/Triflex.sol#337-409):
External calls:
- swapTokensForEth(amountToLiquify) (contracts/Triflex.sol#341)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,1,path,address(this),block.timestamp) (contracts/Triflex.sol#418-424)
- (dSuccess) = address(developmentWallet).call{value: developmentAllocation}() (contracts/Triflex.sol#354-356)
- (mSuccess) = address(marketingWallet).call{value: marketingAllocation}() (contracts/Triflex.sol#369-371)
External calls sending eth:
- (dSuccess) = address(developmentWallet).call{value: developmentAllocation}() (contracts/Triflex.sol#354-356)
- (mSuccess) = address(marketingWallet).call{value: marketingAllocation}() (contracts/Triflex.sol#369-371)
Event emitted after the call(s):
- Transfer(address(this),marketingWallet,marketingAllocation) (contracts/Triflex.sol#373-377)
Reentrancy in Triflex.swapAndsendEth() (contracts/Triflex.sol#337-409):
External calls:
- swapTokensForEth(amountToLiquify) (contracts/Triflex.sol#341)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,1,path,address(this),block.timestamp) (contracts/Triflex.sol#418-424)
- (dSuccess) = address(developmentWallet).call{value: developmentAllocation}() (contracts/Triflex.sol#354-356)
- (mSuccess) = address(marketingWallet).call{value: marketingAllocation}() (contracts/Triflex.sol#369-371)
- (rSuccess) = address(onRye).call{value: rewardETHAllocation}() (contracts/Triflex.sol#384-386)
External calls sending eth:
- (dSuccess) = address(developmentWallet).call{value: developmentAllocation}() (contracts/Triflex.sol#354-356)
- (mSuccess) = address(marketingWallet).call{value: marketingAllocation}() (contracts/Triflex.sol#369-371)
- (rSuccess) = address(onRye).call{value: rewardETHAllocation}() (contracts/Triflex.sol#384-386)
Event emitted after the call(s):
- Transfer(address(this),address(onRye),rewardETHAllocation) (contracts/Triflex.sol#388-392)
Reentrancy in Triflex.swapAndsendEth() (contracts/Triflex.sol#337-409):
External calls:
- swapTokensForEth(amountToLiquify) (contracts/Triflex.sol#341)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,1,path,address(this),block.timestamp) (contracts/Triflex.sol#418-424)
- (dSuccess) = address(developmentWallet).call{value: developmentAllocation}() (contracts/Triflex.sol#354-356)
- (mSuccess) = address(marketingWallet).call{value: marketingAllocation}() (contracts/Triflex.sol#369-371)
- (rSuccess) = address(onRye).call{value: rewardETHAllocation}() (contracts/Triflex.sol#384-386)
- addLiquidity(amountToLiquify,amountETHLiquidity) (contracts/Triflex.sol#397)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,1,1,address(this),block.timestamp) (contracts/Triflex.sol#430-437)
External calls sending eth:
- (dSuccess) = address(developmentWallet).call{value: developmentAllocation}() (contracts/Triflex.sol#354-356)
- (mSuccess) = address(marketingWallet).call{value: marketingAllocation}() (contracts/Triflex.sol#369-371)
- (rSuccess) = address(onRye).call{value: rewardETHAllocation}() (contracts/Triflex.sol#384-386)
- addLiquidity(amountToLiquify,amountETHLiquidity) (contracts/Triflex.sol#397)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,1,1,address(this),block.timestamp) (contracts/Triflex.sol#430-437)
Event emitted after the call(s):
- Approval(owner,spender,amount) (@openzeppelin/contracts/token/ERC20/ERC20.sol#319)
- addLiquidity(amountToLiquify,amountETHLiquidity) (contracts/Triflex.sol#397)
Reentrancy in Triflex.swapAndsendEth() (contracts/Triflex.sol#337-409):
External calls:
- swapTokensForEth(amountToLiquify) (contracts/Triflex.sol#341)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,1,path,address(this),block.timestamp) (contracts/Triflex.sol#418-424)
- (mSuccess) = address(marketingWallet).call{value: amountETH}() (contracts/Triflex.sol#401-403)
External calls sending eth:
- (mSuccess) = address(marketingWallet).call{value: amountETH}() (contracts/Triflex.sol#401-403)
Event emitted after the call(s):
- Transfer(address(this),marketingWallet,amountETH) (contracts/Triflex.sol#405)
Reentrancy in Triflex.updateClaimWait(uint256) (contracts/Triflex.sol#508-512):
External calls:
- ham.uCW(claimWait) (contracts/Triflex.sol#510)
Event emitted after the call(s):
- UpdateClaimWait(claimWait) (contracts/Triflex.sol#511)
Reentrancy in Triflex.withdrawBNBFromContract(address) (contracts/Triflex.sol#521-528):
External calls:
- (success) = to.call{value: balance}() (contracts/Triflex.sol#525)
Event emitted after the call(s):
- BNBWithdrawn(to,balance) (contracts/Triflex.sol#527)
Reentrancy in Triflex.withdrawStuckTokens(IERC20,address) (contracts/Triflex.sol#514-519):
External calls:
- success = token.transfer(to,balance) (contracts/Triflex.sol#516)
Event emitted after the call(s):
- Transfer(address(this),to,balance) (contracts/Triflex.sol#518)
Apply the check-effects-interactions pattern.

Additional information: link

Triflex.setUserRewardToken(address,address) (contracts/Triflex.sol#561-579) compares to a boolean constant:
-require(bool,string)(rewardAddressWhitelisted[rewardTokenAddress] == true,Tf: not in list) (contracts/Triflex.sol#573-576)
Triflex.addRewardAddress(address,bool) (contracts/Triflex.sol#581-593) compares to a boolean constant:
-require(bool,string)(rewardAddressWhitelisted[rewardTokenAddress] != true,Tf: already in list) (contracts/Triflex.sol#589)
Triflex.removeRewardAddress(address) (contracts/Triflex.sol#595-608) compares to a boolean constant:
-require(bool,string)(rewardAddressWhitelisted[rewardTokenAddress] == true,Tf: Token not found) (contracts/Triflex.sol#600-603)
Remove the equality to the boolean constant.

Additional information: link

Reentrancy in Triflex.initializeRewardTokens() (contracts/Triflex.sol#200-207):
External calls:
- addRewardAddress(address(0x7130d2A12B9BCbFAe4f2634d864A1Ee1Ce3Ead9c),true) (contracts/Triflex.sol#201)
- onRye.sTA(rewardTokenAddress,true) (contracts/Triflex.sol#591)
- onRye.sTSS(rewardTokenAddress,shouldSwap) (contracts/Triflex.sol#592)
- addRewardAddress(address(0x1D2F0da169ceB9fC7B3144628dB156f3F6c60dBE),true) (contracts/Triflex.sol#202)
- onRye.sTA(rewardTokenAddress,true) (contracts/Triflex.sol#591)
- onRye.sTSS(rewardTokenAddress,shouldSwap) (contracts/Triflex.sol#592)
State variables written after the call(s):
- addRewardAddress(address(0x1D2F0da169ceB9fC7B3144628dB156f3F6c60dBE),true) (contracts/Triflex.sol#202)
- rewardAddressWhitelisted[rewardTokenAddress] = true (contracts/Triflex.sol#590)
Reentrancy in Triflex.initializeRewardTokens() (contracts/Triflex.sol#200-207):
External calls:
- addRewardAddress(address(0x7130d2A12B9BCbFAe4f2634d864A1Ee1Ce3Ead9c),true) (contracts/Triflex.sol#201)
- onRye.sTA(rewardTokenAddress,true) (contracts/Triflex.sol#591)
- onRye.sTSS(rewardTokenAddress,shouldSwap) (contracts/Triflex.sol#592)
- addRewardAddress(address(0x1D2F0da169ceB9fC7B3144628dB156f3F6c60dBE),true) (contracts/Triflex.sol#202)
- onRye.sTA(rewardTokenAddress,true) (contracts/Triflex.sol#591)
- onRye.sTSS(rewardTokenAddress,shouldSwap) (contracts/Triflex.sol#592)
- addRewardAddress(address(0xC001BBe2B87079294C63EcE98BdD0a88D761434e),true) (contracts/Triflex.sol#203)
- onRye.sTA(rewardTokenAddress,true) (contracts/Triflex.sol#591)
- onRye.sTSS(rewardTokenAddress,shouldSwap) (contracts/Triflex.sol#592)
State variables written after the call(s):
- addRewardAddress(address(0xC001BBe2B87079294C63EcE98BdD0a88D761434e),true) (contracts/Triflex.sol#203)
- rewardAddressWhitelisted[rewardTokenAddress] = true (contracts/Triflex.sol#590)
Reentrancy in Triflex.initializeRewardTokens() (contracts/Triflex.sol#200-207):
External calls:
- addRewardAddress(address(0x7130d2A12B9BCbFAe4f2634d864A1Ee1Ce3Ead9c),true) (contracts/Triflex.sol#201)
- onRye.sTA(rewardTokenAddress,true) (contracts/Triflex.sol#591)
- onRye.sTSS(rewardTokenAddress,shouldSwap) (contracts/Triflex.sol#592)
- addRewardAddress(address(0x1D2F0da169ceB9fC7B3144628dB156f3F6c60dBE),true) (contracts/Triflex.sol#202)
- onRye.sTA(rewardTokenAddress,true) (contracts/Triflex.sol#591)
- onRye.sTSS(rewardTokenAddress,shouldSwap) (contracts/Triflex.sol#592)
- addRewardAddress(address(0xC001BBe2B87079294C63EcE98BdD0a88D761434e),true) (contracts/Triflex.sol#203)
- onRye.sTA(rewardTokenAddress,true) (contracts/Triflex.sol#591)
- onRye.sTSS(rewardTokenAddress,shouldSwap) (contracts/Triflex.sol#592)
- addRewardAddress(address(0xbb4CdB9CBd36B01bD1cBaEBF2De08d9173bc095c),true) (contracts/Triflex.sol#204)
- onRye.sTA(rewardTokenAddress,true) (contracts/Triflex.sol#591)
- onRye.sTSS(rewardTokenAddress,shouldSwap) (contracts/Triflex.sol#592)
State variables written after the call(s):
- addRewardAddress(address(0xbb4CdB9CBd36B01bD1cBaEBF2De08d9173bc095c),true) (contracts/Triflex.sol#204)
- rewardAddressWhitelisted[rewardTokenAddress] = true (contracts/Triflex.sol#590)
Reentrancy in Triflex.initializeRewardTokens() (contracts/Triflex.sol#200-207):
External calls:
- addRewardAddress(address(0x7130d2A12B9BCbFAe4f2634d864A1Ee1Ce3Ead9c),true) (contracts/Triflex.sol#201)
- onRye.sTA(rewardTokenAddress,true) (contracts/Triflex.sol#591)
- onRye.sTSS(rewardTokenAddress,shouldSwap) (contracts/Triflex.sol#592)
- addRewardAddress(address(0x1D2F0da169ceB9fC7B3144628dB156f3F6c60dBE),true) (contracts/Triflex.sol#202)
- onRye.sTA(rewardTokenAddress,true) (contracts/Triflex.sol#591)
- onRye.sTSS(rewardTokenAddress,shouldSwap) (contracts/Triflex.sol#592)
- addRewardAddress(address(0xC001BBe2B87079294C63EcE98BdD0a88D761434e),true) (contracts/Triflex.sol#203)
- onRye.sTA(rewardTokenAddress,true) (contracts/Triflex.sol#591)
- onRye.sTSS(rewardTokenAddress,shouldSwap) (contracts/Triflex.sol#592)
- addRewardAddress(address(0xbb4CdB9CBd36B01bD1cBaEBF2De08d9173bc095c),true) (contracts/Triflex.sol#204)
- onRye.sTA(rewardTokenAddress,true) (contracts/Triflex.sol#591)
- onRye.sTSS(rewardTokenAddress,shouldSwap) (contracts/Triflex.sol#592)
- addRewardAddress(address(0xe9e7CEA3DedcA5984780Bafc599bD69ADd087D56),true) (contracts/Triflex.sol#205)
- onRye.sTA(rewardTokenAddress,true) (contracts/Triflex.sol#591)
- onRye.sTSS(rewardTokenAddress,shouldSwap) (contracts/Triflex.sol#592)
State variables written after the call(s):
- addRewardAddress(address(0xe9e7CEA3DedcA5984780Bafc599bD69ADd087D56),true) (contracts/Triflex.sol#205)
- rewardAddressWhitelisted[rewardTokenAddress] = true (contracts/Triflex.sol#590)
Reentrancy in Triflex.initializeRewardTokens() (contracts/Triflex.sol#200-207):
External calls:
- addRewardAddress(address(0x7130d2A12B9BCbFAe4f2634d864A1Ee1Ce3Ead9c),true) (contracts/Triflex.sol#201)
- onRye.sTA(rewardTokenAddress,true) (contracts/Triflex.sol#591)
- onRye.sTSS(rewardTokenAddress,shouldSwap) (contracts/Triflex.sol#592)
- addRewardAddress(address(0x1D2F0da169ceB9fC7B3144628dB156f3F6c60dBE),true) (contracts/Triflex.sol#202)
- onRye.sTA(rewardTokenAddress,true) (contracts/Triflex.sol#591)
- onRye.sTSS(rewardTokenAddress,shouldSwap) (contracts/Triflex.sol#592)
- addRewardAddress(address(0xC001BBe2B87079294C63EcE98BdD0a88D761434e),true) (contracts/Triflex.sol#203)
- onRye.sTA(rewardTokenAddress,true) (contracts/Triflex.sol#591)
- onRye.sTSS(rewardTokenAddress,shouldSwap) (contracts/Triflex.sol#592)
- addRewardAddress(address(0xbb4CdB9CBd36B01bD1cBaEBF2De08d9173bc095c),true) (contracts/Triflex.sol#204)
- onRye.sTA(rewardTokenAddress,true) (contracts/Triflex.sol#591)
- onRye.sTSS(rewardTokenAddress,shouldSwap) (contracts/Triflex.sol#592)
- addRewardAddress(address(0xe9e7CEA3DedcA5984780Bafc599bD69ADd087D56),true) (contracts/Triflex.sol#205)
- onRye.sTA(rewardTokenAddress,true) (contracts/Triflex.sol#591)
- onRye.sTSS(rewardTokenAddress,shouldSwap) (contracts/Triflex.sol#592)
- addRewardAddress(address(this),false) (contracts/Triflex.sol#206)
- onRye.sTA(rewardTokenAddress,true) (contracts/Triflex.sol#591)
- onRye.sTSS(rewardTokenAddress,shouldSwap) (contracts/Triflex.sol#592)
State variables written after the call(s):
- addRewardAddress(address(this),false) (contracts/Triflex.sol#206)
- rewardAddressWhitelisted[rewardTokenAddress] = true (contracts/Triflex.sol#590)
Reentrancy in Triflex.setAutomatedMarketMakerPair(address) (contracts/Triflex.sol#465-471):
External calls:
- ham.eFR(newPair) (contracts/Triflex.sol#468)
State variables written after the call(s):
- uniswapV2Pair = newPair (contracts/Triflex.sol#469)
Apply the check-effects-interactions pattern.

Additional information: link

Triflex.swapAndsendEth().amountToLiquify (contracts/Triflex.sol#338) is a local variable never initialized
Triflex.manageSnipers(address[],bool).i (contracts/Triflex.sol#502) is a local variable never initialized
Triflex._transfer(address,address,uint256).currenttotalFee (contracts/Triflex.sol#258) is a local variable never initialized
Triflex.swapAndsendEth().mSuccess_scope_0 (contracts/Triflex.sol#401) is a local variable never initialized
Initialize all the variables. If a variable is meant to be initialized to zero, explicitly set it to zero to improve code readability.

Additional information: link

ERC20Permit.constructor(string).name (contracts/ERC20Permit.sol#44) shadows:
- ERC20.name() (@openzeppelin/contracts/token/ERC20/ERC20.sol#62-64) (function)
- IERC20Metadata.name() (@openzeppelin/contracts/token/ERC20/extensions/IERC20Metadata.sol#17) (function)
Rename the local variables that shadow another component.

Additional information: link

Ham._processAccount(address,bool) (contracts/Ham.sol#236-249) has external calls inside a loop: amount = onRye._withdrawDividendOfUser(account) (contracts/Ham.sol#241)
Ham._processAccount(address,bool) (contracts/Ham.sol#236-249) has external calls inside a loop: token = onRye._userCustomRewardToken(account) (contracts/Ham.sol#243)
Favor pull over push strategy for external calls.

Additional information: link

Variable 'ECDSA.tryRecover(bytes32,bytes).r (@openzeppelin/contracts/utils/cryptography/ECDSA.sol#62)' in ECDSA.tryRecover(bytes32,bytes) (@openzeppelin/contracts/utils/cryptography/ECDSA.sol#57-86) potentially used before declaration: r = mload(uint256)(signature + 0x20) (@openzeppelin/contracts/utils/cryptography/ECDSA.sol#79)
Variable 'Triflex.swapAndsendEth().mSuccess (contracts/Triflex.sol#369)' in Triflex.swapAndsendEth() (contracts/Triflex.sol#337-409) potentially used before declaration: (mSuccess) = address(marketingWallet).call{value: amountETH}() (contracts/Triflex.sol#401-403)
Move all variable declarations prior to any usage of the variable, and ensure that reaching a variable declaration does not depend on some conditional if it is used unconditionally.

Additional information: link

Reentrancy in Ham._processAccount(address,bool) (contracts/Ham.sol#236-249):
External calls:
- amount = onRye._withdrawDividendOfUser(account) (contracts/Ham.sol#241)
State variables written after the call(s):
- lastClaimTimes[account] = block.timestamp (contracts/Ham.sol#244)
Reentrancy in Triflex.constructor(address) (contracts/Triflex.sol#104-146):
External calls:
- uniswapV2Pair = IUniswapV2Factory(_uniswapV2Router.factory()).createPair(_uniswapV2Router.WETH(),address(this)) (contracts/Triflex.sol#126-127)
State variables written after the call(s):
- _mint(_msgSender(),TOTAL_SUPPLY) (contracts/Triflex.sol#143)
- _balances[account] += amount (@openzeppelin/contracts/token/ERC20/ERC20.sol#263)
- _canTransferBeforeOpenTrading[address(this)] = true (contracts/Triflex.sol#134)
- _canTransferBeforeOpenTrading[_msgSender()] = true (contracts/Triflex.sol#135)
- excludeFromFees(_msgSender(),true) (contracts/Triflex.sol#131)
- _isExcludedFromFee[account] = isExcluded (contracts/Triflex.sol#494)
- excludeFromFees(address(this),true) (contracts/Triflex.sol#132)
- _isExcludedFromFee[account] = isExcluded (contracts/Triflex.sol#494)
- _mint(_msgSender(),TOTAL_SUPPLY) (contracts/Triflex.sol#143)
- _totalSupply += amount (@openzeppelin/contracts/token/ERC20/ERC20.sol#262)
- maxWalletAmount = (TOTAL_SUPPLY * 21) / 10000 (contracts/Triflex.sol#137)
- maxWalletExcluded[uniswapV2Pair] = true (contracts/Triflex.sol#139)
- maxWalletExcluded[_msgSender()] = true (contracts/Triflex.sol#140)
- maxWalletExcluded[address(this)] = true (contracts/Triflex.sol#141)
- uniswapV2Router = _uniswapV2Router (contracts/Triflex.sol#129)
Reentrancy in Ham.sb(address,uint256) (contracts/Ham.sol#177-194):
External calls:
- onRye._setBalance(account,newBalance) (contracts/Ham.sol#185)
- onRye._setBalance(account,0) (contracts/Ham.sol#188)
- _processAccount(account,true) (contracts/Ham.sol#192)
- amount = onRye._withdrawDividendOfUser(account) (contracts/Ham.sol#241)
State variables written after the call(s):
- _processAccount(account,true) (contracts/Ham.sol#192)
- lastClaimTimes[account] = block.timestamp (contracts/Ham.sol#244)
Reentrancy in Triflex.setNewRouter(address) (contracts/Triflex.sol#473-490):
External calls:
- uniswapV2Pair = IUniswapV2Factory(_newRouter.factory()).createPair(address(this),_newRouter.WETH()) (contracts/Triflex.sol#481-484)
State variables written after the call(s):
- uniswapV2Router = _newRouter (contracts/Triflex.sol#488)
Reentrancy in Triflex.swapAndsendEth() (contracts/Triflex.sol#337-409):
External calls:
- swapTokensForEth(amountToLiquify) (contracts/Triflex.sol#341)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,1,path,address(this),block.timestamp) (contracts/Triflex.sol#418-424)
- (dSuccess) = address(developmentWallet).call{value: developmentAllocation}() (contracts/Triflex.sol#354-356)
- (mSuccess) = address(marketingWallet).call{value: marketingAllocation}() (contracts/Triflex.sol#369-371)
- (rSuccess) = address(onRye).call{value: rewardETHAllocation}() (contracts/Triflex.sol#384-386)
- addLiquidity(amountToLiquify,amountETHLiquidity) (contracts/Triflex.sol#397)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,1,1,address(this),block.timestamp) (contracts/Triflex.sol#430-437)
External calls sending eth:
- (dSuccess) = address(developmentWallet).call{value: developmentAllocation}() (contracts/Triflex.sol#354-356)
- (mSuccess) = address(marketingWallet).call{value: marketingAllocation}() (contracts/Triflex.sol#369-371)
- (rSuccess) = address(onRye).call{value: rewardETHAllocation}() (contracts/Triflex.sol#384-386)
- addLiquidity(amountToLiquify,amountETHLiquidity) (contracts/Triflex.sol#397)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,1,1,address(this),block.timestamp) (contracts/Triflex.sol#430-437)
State variables written after the call(s):
- addLiquidity(amountToLiquify,amountETHLiquidity) (contracts/Triflex.sol#397)
- _allowances[owner][spender] = amount (@openzeppelin/contracts/token/ERC20/ERC20.sol#318)
Apply the check-effects-interactions pattern.

Additional information: link

ERC20Permit.permit(address,address,uint256,uint256,uint8,bytes32,bytes32) (contracts/ERC20Permit.sol#74-107) uses timestamp for comparisons
Dangerous comparisons:
- require(bool,string)(block.timestamp <= deadline,ERC20Permit: expired deadline) (contracts/ERC20Permit.sol#83)
Ham.getAccount(address) (contracts/Ham.sol#126-168) uses timestamp for comparisons
Dangerous comparisons:
- lastClaimTime > 0 (contracts/Ham.sol#164)
- nextClaimTime > block.timestamp (contracts/Ham.sol#165-167)
Ham.canAutoClaim(uint256) (contracts/Ham.sol#170-175) uses timestamp for comparisons
Dangerous comparisons:
- lastClaimTime > block.timestamp (contracts/Ham.sol#171)
- block.timestamp.sub(lastClaimTime) >= claimWait (contracts/Ham.sol#174)
Avoid relying on block.timestamp.

Additional information: link

AddressUpgradeable.verifyCallResult(bool,bytes,string) (@openzeppelin/contracts-upgradeable/utils/AddressUpgradeable.sol#174-194) uses assembly
- INLINE ASM (@openzeppelin/contracts-upgradeable/utils/AddressUpgradeable.sol#186-189)
MinimalForwarder.execute(MinimalForwarder.ForwardRequest,bytes) (@openzeppelin/contracts/metatx/MinimalForwarder.sol#42-66) uses assembly
- INLINE ASM (@openzeppelin/contracts/metatx/MinimalForwarder.sol#60-62)
Address.verifyCallResult(bool,bytes,string) (@openzeppelin/contracts/utils/Address.sol#201-221) uses assembly
- INLINE ASM (@openzeppelin/contracts/utils/Address.sol#213-216)
ECDSA.tryRecover(bytes32,bytes) (@openzeppelin/contracts/utils/cryptography/ECDSA.sol#57-86) uses assembly
- INLINE ASM (@openzeppelin/contracts/utils/cryptography/ECDSA.sol#67-71)
- INLINE ASM (@openzeppelin/contracts/utils/cryptography/ECDSA.sol#78-81)
ERC20Permit.constructor(string) (contracts/ERC20Permit.sol#44-60) uses assembly
- INLINE ASM (contracts/ERC20Permit.sol#46-48)
Do not use evm assembly.

Additional information: link

Different versions of Solidity is used:
- Version used: ['0.8.9', '^0.8.0', '^0.8.1', '^0.8.2', '^0.8.4']
- ^0.8.0 (@openzeppelin/contracts-upgradeable/access/AccessControlUpgradeable.sol#4)
- ^0.8.0 (@openzeppelin/contracts-upgradeable/access/IAccessControlUpgradeable.sol#4)
- ^0.8.0 (@openzeppelin/contracts-upgradeable/access/OwnableUpgradeable.sol#4)
- ^0.8.2 (@openzeppelin/contracts-upgradeable/proxy/utils/Initializable.sol#4)
- ^0.8.0 (@openzeppelin/contracts-upgradeable/security/ReentrancyGuardUpgradeable.sol#4)
- ^0.8.1 (@openzeppelin/contracts-upgradeable/utils/AddressUpgradeable.sol#4)
- ^0.8.0 (@openzeppelin/contracts-upgradeable/utils/ContextUpgradeable.sol#4)
- ^0.8.0 (@openzeppelin/contracts-upgradeable/utils/StringsUpgradeable.sol#4)
- ^0.8.0 (@openzeppelin/contracts-upgradeable/utils/introspection/ERC165Upgradeable.sol#4)
- ^0.8.0 (@openzeppelin/contracts-upgradeable/utils/introspection/IERC165Upgradeable.sol#4)
- ^0.8.0 (@openzeppelin/contracts-upgradeable/utils/math/SafeMathUpgradeable.sol#4)
- ^0.8.0 (@openzeppelin/contracts/access/Ownable.sol#4)
- ^0.8.0 (@openzeppelin/contracts/metatx/MinimalForwarder.sol#4)
- ^0.8.0 (@openzeppelin/contracts/security/ReentrancyGuard.sol#4)
- ^0.8.0 (@openzeppelin/contracts/token/ERC20/ERC20.sol#4)
- ^0.8.0 (@openzeppelin/contracts/token/ERC20/IERC20.sol#4)
- ^0.8.0 (@openzeppelin/contracts/token/ERC20/extensions/IERC20Metadata.sol#4)
- ^0.8.0 (@openzeppelin/contracts/token/ERC20/extensions/draft-IERC20Permit.sol#4)
- ^0.8.1 (@openzeppelin/contracts/utils/Address.sol#4)
- ^0.8.0 (@openzeppelin/contracts/utils/Context.sol#4)
- ^0.8.0 (@openzeppelin/contracts/utils/Counters.sol#4)
- ^0.8.0 (@openzeppelin/contracts/utils/Strings.sol#4)
- ^0.8.0 (@openzeppelin/contracts/utils/cryptography/ECDSA.sol#4)
- ^0.8.0 (@openzeppelin/contracts/utils/cryptography/draft-EIP712.sol#4)
- 0.8.9 (contracts/ERC20Permit.sol#2)
- ^0.8.4 (contracts/Ham.sol#2)
- ^0.8.4 (contracts/ItterableMapping.sol#2)
- ^0.8.4 (contracts/Triflex.sol#2)
- ^0.8.4 (contracts/interface/IHam.sol#3)
- ^0.8.4 (contracts/interface/IOnRye.sol#3)
- ^0.8.4 (contracts/interface/IUniswapV2Factory.sol#3)
- ^0.8.4 (contracts/interface/IUniswapV2Router01.sol#3)
- ^0.8.4 (contracts/interface/IUniswapV2Router02.sol#3)
- ^0.8.4 (contracts/libraries/SafeMathInt.sol#3)
- ^0.8.4 (contracts/libraries/SafeMathUint.sol#3)
Use one Solidity version.

Additional information: link

ReentrancyGuardUpgradeable.nonReentrant() (@openzeppelin/contracts-upgradeable/security/ReentrancyGuardUpgradeable.sol#55-67) has costly operations inside a loop:
- _status = _ENTERED (@openzeppelin/contracts-upgradeable/security/ReentrancyGuardUpgradeable.sol#60)
ReentrancyGuardUpgradeable.nonReentrant() (@openzeppelin/contracts-upgradeable/security/ReentrancyGuardUpgradeable.sol#55-67) has costly operations inside a loop:
- _status = _NOT_ENTERED (@openzeppelin/contracts-upgradeable/security/ReentrancyGuardUpgradeable.sol#66)
Use a local variable to hold the loop computation result.

Additional information: link

AccessControlUpgradeable.__AccessControl_init_unchained() (@openzeppelin/contracts-upgradeable/access/AccessControlUpgradeable.sol#54-55) is never used and should be removed
AccessControlUpgradeable._setRoleAdmin(bytes32,bytes32) (@openzeppelin/contracts-upgradeable/access/AccessControlUpgradeable.sol#212-216) is never used and should be removed
AccessControlUpgradeable._setupRole(bytes32,address) (@openzeppelin/contracts-upgradeable/access/AccessControlUpgradeable.sol#203-205) is never used and should be removed
Address.functionCall(address,bytes) (@openzeppelin/contracts/utils/Address.sol#85-87) is never used and should be removed
Address.functionCall(address,bytes,string) (@openzeppelin/contracts/utils/Address.sol#95-101) is never used and should be removed
Address.functionCallWithValue(address,bytes,uint256) (@openzeppelin/contracts/utils/Address.sol#114-120) is never used and should be removed
Address.functionCallWithValue(address,bytes,uint256,string) (@openzeppelin/contracts/utils/Address.sol#128-139) is never used and should be removed
Address.functionDelegateCall(address,bytes) (@openzeppelin/contracts/utils/Address.sol#174-176) is never used and should be removed
Address.functionDelegateCall(address,bytes,string) (@openzeppelin/contracts/utils/Address.sol#184-193) is never used and should be removed
Address.functionStaticCall(address,bytes) (@openzeppelin/contracts/utils/Address.sol#147-149) is never used and should be removed
Address.functionStaticCall(address,bytes,string) (@openzeppelin/contracts/utils/Address.sol#157-166) is never used and should be removed
Address.sendValue(address,uint256) (@openzeppelin/contracts/utils/Address.sol#60-65) is never used and should be removed
Address.verifyCallResult(bool,bytes,string) (@openzeppelin/contracts/utils/Address.sol#201-221) is never used and should be removed
AddressUpgradeable.functionCall(address,bytes) (@openzeppelin/contracts-upgradeable/utils/AddressUpgradeable.sol#85-87) is never used and should be removed
AddressUpgradeable.functionCall(address,bytes,string) (@openzeppelin/contracts-upgradeable/utils/AddressUpgradeable.sol#95-101) is never used and should be removed
AddressUpgradeable.functionCallWithValue(address,bytes,uint256) (@openzeppelin/contracts-upgradeable/utils/AddressUpgradeable.sol#114-120) is never used and should be removed
AddressUpgradeable.functionCallWithValue(address,bytes,uint256,string) (@openzeppelin/contracts-upgradeable/utils/AddressUpgradeable.sol#128-139) is never used and should be removed
AddressUpgradeable.functionStaticCall(address,bytes) (@openzeppelin/contracts-upgradeable/utils/AddressUpgradeable.sol#147-149) is never used and should be removed
AddressUpgradeable.functionStaticCall(address,bytes,string) (@openzeppelin/contracts-upgradeable/utils/AddressUpgradeable.sol#157-166) is never used and should be removed
AddressUpgradeable.sendValue(address,uint256) (@openzeppelin/contracts-upgradeable/utils/AddressUpgradeable.sol#60-65) is never used and should be removed
AddressUpgradeable.verifyCallResult(bool,bytes,string) (@openzeppelin/contracts-upgradeable/utils/AddressUpgradeable.sol#174-194) is never used and should be removed
Context._msgData() (@openzeppelin/contracts/utils/Context.sol#21-23) is never used and should be removed
ContextUpgradeable.__Context_init() (@openzeppelin/contracts-upgradeable/utils/ContextUpgradeable.sol#18-19) is never used and should be removed
ContextUpgradeable.__Context_init_unchained() (@openzeppelin/contracts-upgradeable/utils/ContextUpgradeable.sol#21-22) is never used and should be removed
ContextUpgradeable._msgData() (@openzeppelin/contracts-upgradeable/utils/ContextUpgradeable.sol#27-29) is never used and should be removed
Counters.decrement(Counters.Counter) (@openzeppelin/contracts/utils/Counters.sol#32-38) is never used and should be removed
Counters.reset(Counters.Counter) (@openzeppelin/contracts/utils/Counters.sol#40-42) is never used and should be removed
ECDSA.recover(bytes32,bytes32,bytes32) (@openzeppelin/contracts/utils/cryptography/ECDSA.sol#130-138) is never used and should be removed
ECDSA.recover(bytes32,uint8,bytes32,bytes32) (@openzeppelin/contracts/utils/cryptography/ECDSA.sol#181-190) is never used and should be removed
ECDSA.toEthSignedMessageHash(bytes) (@openzeppelin/contracts/utils/cryptography/ECDSA.sol#214-216) is never used and should be removed
ECDSA.toEthSignedMessageHash(bytes32) (@openzeppelin/contracts/utils/cryptography/ECDSA.sol#200-204) is never used and should be removed
ERC165Upgradeable.__ERC165_init() (@openzeppelin/contracts-upgradeable/utils/introspection/ERC165Upgradeable.sol#24-25) is never used and should be removed
ERC165Upgradeable.__ERC165_init_unchained() (@openzeppelin/contracts-upgradeable/utils/introspection/ERC165Upgradeable.sol#27-28) is never used and should be removed
ERC20._burn(address,uint256) (@openzeppelin/contracts/token/ERC20/ERC20.sol#280-295) is never used and should be removed
OwnableUpgradeable.__Ownable_init() (@openzeppelin/contracts-upgradeable/access/OwnableUpgradeable.sol#29-31) is never used and should be removed
OwnableUpgradeable.__Ownable_init_unchained() (@openzeppelin/contracts-upgradeable/access/OwnableUpgradeable.sol#33-35) is never used and should be removed
ReentrancyGuardUpgradeable.__ReentrancyGuard_init() (@openzeppelin/contracts-upgradeable/security/ReentrancyGuardUpgradeable.sol#40-42) is never used and should be removed
ReentrancyGuardUpgradeable.__ReentrancyGuard_init_unchained() (@openzeppelin/contracts-upgradeable/security/ReentrancyGuardUpgradeable.sol#44-46) is never used and should be removed
SafeMathInt.abs(int256) (contracts/libraries/SafeMathInt.sol#52-55) is never used and should be removed
SafeMathInt.div(int256,int256) (contracts/libraries/SafeMathInt.sol#23-29) is never used and should be removed
SafeMathInt.mul(int256,int256) (contracts/libraries/SafeMathInt.sol#11-18) is never used and should be removed
SafeMathInt.toUint256Safe(int256) (contracts/libraries/SafeMathInt.sol#58-61) is never used and should be removed
SafeMathUint.toInt256Safe(uint256) (contracts/libraries/SafeMathUint.sol#9-13) is never used and should be removed
SafeMathUpgradeable.div(uint256,uint256) (@openzeppelin/contracts-upgradeable/utils/math/SafeMathUpgradeable.sol#135-137) is never used and should be removed
SafeMathUpgradeable.div(uint256,uint256,string) (@openzeppelin/contracts-upgradeable/utils/math/SafeMathUpgradeable.sol#191-200) is never used and should be removed
SafeMathUpgradeable.mod(uint256,uint256) (@openzeppelin/contracts-upgradeable/utils/math/SafeMathUpgradeable.sol#151-153) is never used and should be removed
SafeMathUpgradeable.mod(uint256,uint256,string) (@openzeppelin/contracts-upgradeable/utils/math/SafeMathUpgradeable.sol#217-226) is never used and should be removed
SafeMathUpgradeable.mul(uint256,uint256) (@openzeppelin/contracts-upgradeable/utils/math/SafeMathUpgradeable.sol#121-123) is never used and should be removed
SafeMathUpgradeable.sub(uint256,uint256,string) (@openzeppelin/contracts-upgradeable/utils/math/SafeMathUpgradeable.sol#168-177) is never used and should be removed
SafeMathUpgradeable.tryAdd(uint256,uint256) (@openzeppelin/contracts-upgradeable/utils/math/SafeMathUpgradeable.sol#22-28) is never used and should be removed
SafeMathUpgradeable.tryDiv(uint256,uint256) (@openzeppelin/contracts-upgradeable/utils/math/SafeMathUpgradeable.sol#64-69) is never used and should be removed
SafeMathUpgradeable.tryMod(uint256,uint256) (@openzeppelin/contracts-upgradeable/utils/math/SafeMathUpgradeable.sol#76-81) is never used and should be removed
SafeMathUpgradeable.tryMul(uint256,uint256) (@openzeppelin/contracts-upgradeable/utils/math/SafeMathUpgradeable.sol#47-57) is never used and should be removed
SafeMathUpgradeable.trySub(uint256,uint256) (@openzeppelin/contracts-upgradeable/utils/math/SafeMathUpgradeable.sol#35-40) is never used and should be removed
Strings.toHexString(uint256) (@openzeppelin/contracts/utils/Strings.sol#40-51) is never used and should be removed
Strings.toHexString(uint256,uint256) (@openzeppelin/contracts/utils/Strings.sol#56-66) is never used and should be removed
Strings.toString(uint256) (@openzeppelin/contracts/utils/Strings.sol#15-35) is never used and should be removed
StringsUpgradeable.toHexString(uint256) (@openzeppelin/contracts-upgradeable/utils/StringsUpgradeable.sol#40-51) is never used and should be removed
StringsUpgradeable.toString(uint256) (@openzeppelin/contracts-upgradeable/utils/StringsUpgradeable.sol#15-35) is never used and should be removed
Remove unused functions.

Additional information: link

Pragma version^0.8.0 (@openzeppelin/contracts-upgradeable/access/AccessControlUpgradeable.sol#4) allows old versions
Pragma version^0.8.0 (@openzeppelin/contracts-upgradeable/access/IAccessControlUpgradeable.sol#4) allows old versions
Pragma version^0.8.0 (@openzeppelin/contracts-upgradeable/access/OwnableUpgradeable.sol#4) allows old versions
Pragma version^0.8.2 (@openzeppelin/contracts-upgradeable/proxy/utils/Initializable.sol#4) allows old versions
Pragma version^0.8.0 (@openzeppelin/contracts-upgradeable/security/ReentrancyGuardUpgradeable.sol#4) allows old versions
Pragma version^0.8.1 (@openzeppelin/contracts-upgradeable/utils/AddressUpgradeable.sol#4) allows old versions
Pragma version^0.8.0 (@openzeppelin/contracts-upgradeable/utils/ContextUpgradeable.sol#4) allows old versions
Pragma version^0.8.0 (@openzeppelin/contracts-upgradeable/utils/StringsUpgradeable.sol#4) allows old versions
Pragma version^0.8.0 (@openzeppelin/contracts-upgradeable/utils/introspection/ERC165Upgradeable.sol#4) allows old versions
Pragma version^0.8.0 (@openzeppelin/contracts-upgradeable/utils/introspection/IERC165Upgradeable.sol#4) allows old versions
Pragma version^0.8.0 (@openzeppelin/contracts-upgradeable/utils/math/SafeMathUpgradeable.sol#4) allows old versions
Pragma version^0.8.0 (@openzeppelin/contracts/access/Ownable.sol#4) allows old versions
Pragma version^0.8.0 (@openzeppelin/contracts/metatx/MinimalForwarder.sol#4) allows old versions
Pragma version^0.8.0 (@openzeppelin/contracts/security/ReentrancyGuard.sol#4) allows old versions
Pragma version^0.8.0 (@openzeppelin/contracts/token/ERC20/ERC20.sol#4) allows old versions
Pragma version^0.8.0 (@openzeppelin/contracts/token/ERC20/IERC20.sol#4) allows old versions
Pragma version^0.8.0 (@openzeppelin/contracts/token/ERC20/extensions/IERC20Metadata.sol#4) allows old versions
Pragma version^0.8.0 (@openzeppelin/contracts/token/ERC20/extensions/draft-IERC20Permit.sol#4) allows old versions
Pragma version^0.8.1 (@openzeppelin/contracts/utils/Address.sol#4) allows old versions
Pragma version^0.8.0 (@openzeppelin/contracts/utils/Context.sol#4) allows old versions
Pragma version^0.8.0 (@openzeppelin/contracts/utils/Counters.sol#4) allows old versions
Pragma version^0.8.0 (@openzeppelin/contracts/utils/Strings.sol#4) allows old versions
Pragma version^0.8.0 (@openzeppelin/contracts/utils/cryptography/ECDSA.sol#4) allows old versions
Pragma version^0.8.0 (@openzeppelin/contracts/utils/cryptography/draft-EIP712.sol#4) allows old versions
Pragma version0.8.9 (contracts/ERC20Permit.sol#2) necessitates a version too recent to be trusted. Consider deploying with 0.6.12/0.7.6/0.8.7
solc-0.8.9 is not recommended for deployment
Deploy with any of the following Solidity versions: 0.5.16 - 0.5.17, 0.6.11 - 0.6.12, 0.7.5 - 0.7.6 Use a simple pragma version that allows any of these versions. Consider using the latest version of Solidity for testing.

Additional information: link

Low level call in AddressUpgradeable.sendValue(address,uint256) (@openzeppelin/contracts-upgradeable/utils/AddressUpgradeable.sol#60-65):
- (success) = recipient.call{value: amount}() (@openzeppelin/contracts-upgradeable/utils/AddressUpgradeable.sol#63)
Low level call in AddressUpgradeable.functionCallWithValue(address,bytes,uint256,string) (@openzeppelin/contracts-upgradeable/utils/AddressUpgradeable.sol#128-139):
- (success,returndata) = target.call{value: value}(data) (@openzeppelin/contracts-upgradeable/utils/AddressUpgradeable.sol#137)
Low level call in AddressUpgradeable.functionStaticCall(address,bytes,string) (@openzeppelin/contracts-upgradeable/utils/AddressUpgradeable.sol#157-166):
- (success,returndata) = target.staticcall(data) (@openzeppelin/contracts-upgradeable/utils/AddressUpgradeable.sol#164)
Low level call in MinimalForwarder.execute(MinimalForwarder.ForwardRequest,bytes) (@openzeppelin/contracts/metatx/MinimalForwarder.sol#42-66):
- (success,returndata) = req.to.call{gas: req.gas,value: req.value}(abi.encodePacked(req.data,req.from)) (@openzeppelin/contracts/metatx/MinimalForwarder.sol#50-52)
Low level call in Address.sendValue(address,uint256) (@openzeppelin/contracts/utils/Address.sol#60-65):
- (success) = recipient.call{value: amount}() (@openzeppelin/contracts/utils/Address.sol#63)
Low level call in Address.functionCallWithValue(address,bytes,uint256,string) (@openzeppelin/contracts/utils/Address.sol#128-139):
- (success,returndata) = target.call{value: value}(data) (@openzeppelin/contracts/utils/Address.sol#137)
Low level call in Address.functionStaticCall(address,bytes,string) (@openzeppelin/contracts/utils/Address.sol#157-166):
- (success,returndata) = target.staticcall(data) (@openzeppelin/contracts/utils/Address.sol#164)
Low level call in Address.functionDelegateCall(address,bytes,string) (@openzeppelin/contracts/utils/Address.sol#184-193):
- (success,returndata) = target.delegatecall(data) (@openzeppelin/contracts/utils/Address.sol#191)
Low level call in Triflex.swapAndsendEth() (contracts/Triflex.sol#337-409):
- (dSuccess) = address(developmentWallet).call{value: developmentAllocation}() (contracts/Triflex.sol#354-356)
- (mSuccess) = address(marketingWallet).call{value: marketingAllocation}() (contracts/Triflex.sol#369-371)
- (rSuccess) = address(onRye).call{value: rewardETHAllocation}() (contracts/Triflex.sol#384-386)
- (mSuccess) = address(marketingWallet).call{value: amountETH}() (contracts/Triflex.sol#401-403)
Low level call in Triflex.withdrawBNBFromContract(address) (contracts/Triflex.sol#521-528):
- (success) = to.call{value: balance}() (contracts/Triflex.sol#525)
Avoid low-level calls. Check the call success. If the call is meant for a contract, check for code existence

Additional information: link

Function AccessControlUpgradeable.__AccessControl_init() (@openzeppelin/contracts-upgradeable/access/AccessControlUpgradeable.sol#51-52) is not in mixedCase
Function AccessControlUpgradeable.__AccessControl_init_unchained() (@openzeppelin/contracts-upgradeable/access/AccessControlUpgradeable.sol#54-55) is not in mixedCase
Variable AccessControlUpgradeable.__gap (@openzeppelin/contracts-upgradeable/access/AccessControlUpgradeable.sol#247) is not in mixedCase
Function OwnableUpgradeable.__Ownable_init() (@openzeppelin/contracts-upgradeable/access/OwnableUpgradeable.sol#29-31) is not in mixedCase
Function OwnableUpgradeable.__Ownable_init_unchained() (@openzeppelin/contracts-upgradeable/access/OwnableUpgradeable.sol#33-35) is not in mixedCase
Variable OwnableUpgradeable.__gap (@openzeppelin/contracts-upgradeable/access/OwnableUpgradeable.sol#87) is not in mixedCase
Function ReentrancyGuardUpgradeable.__ReentrancyGuard_init() (@openzeppelin/contracts-upgradeable/security/ReentrancyGuardUpgradeable.sol#40-42) is not in mixedCase
Function ReentrancyGuardUpgradeable.__ReentrancyGuard_init_unchained() (@openzeppelin/contracts-upgradeable/security/ReentrancyGuardUpgradeable.sol#44-46) is not in mixedCase
Variable ReentrancyGuardUpgradeable.__gap (@openzeppelin/contracts-upgradeable/security/ReentrancyGuardUpgradeable.sol#74) is not in mixedCase
Function ContextUpgradeable.__Context_init() (@openzeppelin/contracts-upgradeable/utils/ContextUpgradeable.sol#18-19) is not in mixedCase
Function ContextUpgradeable.__Context_init_unchained() (@openzeppelin/contracts-upgradeable/utils/ContextUpgradeable.sol#21-22) is not in mixedCase
Variable ContextUpgradeable.__gap (@openzeppelin/contracts-upgradeable/utils/ContextUpgradeable.sol#36) is not in mixedCase
Function ERC165Upgradeable.__ERC165_init() (@openzeppelin/contracts-upgradeable/utils/introspection/ERC165Upgradeable.sol#24-25) is not in mixedCase
Function ERC165Upgradeable.__ERC165_init_unchained() (@openzeppelin/contracts-upgradeable/utils/introspection/ERC165Upgradeable.sol#27-28) is not in mixedCase
Variable ERC165Upgradeable.__gap (@openzeppelin/contracts-upgradeable/utils/introspection/ERC165Upgradeable.sol#41) is not in mixedCase
Function IERC20Permit.DOMAIN_SEPARATOR() (@openzeppelin/contracts/token/ERC20/extensions/draft-IERC20Permit.sol#59) is not in mixedCase
Variable EIP712._CACHED_DOMAIN_SEPARATOR (@openzeppelin/contracts/utils/cryptography/draft-EIP712.sol#31) is not in mixedCase
Variable EIP712._CACHED_CHAIN_ID (@openzeppelin/contracts/utils/cryptography/draft-EIP712.sol#32) is not in mixedCase
Variable EIP712._CACHED_THIS (@openzeppelin/contracts/utils/cryptography/draft-EIP712.sol#33) is not in mixedCase
Variable EIP712._HASHED_NAME (@openzeppelin/contracts/utils/cryptography/draft-EIP712.sol#35) is not in mixedCase
Variable EIP712._HASHED_VERSION (@openzeppelin/contracts/utils/cryptography/draft-EIP712.sol#36) is not in mixedCase
Variable EIP712._TYPE_HASH (@openzeppelin/contracts/utils/cryptography/draft-EIP712.sol#37) is not in mixedCase
Parameter ERC20Permit.getMessageHash(address,uint256,string,uint256)._to (contracts/ERC20Permit.sol#63) is not in mixedCase
Parameter ERC20Permit.getMessageHash(address,uint256,string,uint256)._amount (contracts/ERC20Permit.sol#64) is not in mixedCase
Parameter ERC20Permit.getMessageHash(address,uint256,string,uint256)._message (contracts/ERC20Permit.sol#65) is not in mixedCase
Parameter ERC20Permit.getMessageHash(address,uint256,string,uint256)._nonce (contracts/ERC20Permit.sol#66) is not in mixedCase
Variable ERC20Permit._PERMIT_TYPEHASH_DEPRECATED_SLOT (contracts/ERC20Permit.sol#35) is not in mixedCase
Variable ERC20Permit.DOMAIN_SEPARATOR (contracts/ERC20Permit.sol#37) is not in mixedCase
Parameter Ham.initialize(address,address)._triflex (contracts/Ham.sol#52) is not in mixedCase
Parameter Ham.initialize(address,address)._onRye (contracts/Ham.sol#52) is not in mixedCase
Parameter Ham.setMinimunTokenBalance(uint256)._minimunTokenBalance (contracts/Ham.sol#68) is not in mixedCase
Parameter Ham.getAccount(address)._account (contracts/Ham.sol#126) is not in mixedCase
Parameter Triflex.setOnRye(address)._onRye (contracts/Triflex.sol#170) is not in mixedCase
Parameter Triflex.setHam(address)._ham (contracts/Triflex.sol#176) is not in mixedCase
Parameter Triflex.openTrading(bool,uint256)._deadBlocks (contracts/Triflex.sol#456) is not in mixedCase
Parameter Triflex.setTaxesSell(uint256,uint256,uint256,uint256)._liquidityFee (contracts/Triflex.sol#531) is not in mixedCase
Parameter Triflex.setTaxesSell(uint256,uint256,uint256,uint256)._marketingFee (contracts/Triflex.sol#532) is not in mixedCase
Parameter Triflex.setTaxesSell(uint256,uint256,uint256,uint256)._developmentFee (contracts/Triflex.sol#533) is not in mixedCase
Parameter Triflex.setTaxesSell(uint256,uint256,uint256,uint256)._rewardsToHolders (contracts/Triflex.sol#534) is not in mixedCase
Parameter Triflex.setTaxesBuy(uint256)._buyTotalFee (contracts/Triflex.sol#551) is not in mixedCase
Variable Triflex._canTransferBeforeOpenTrading (contracts/Triflex.sol#40) is not in mixedCase
Variable Triflex._sellLiquidityFee (contracts/Triflex.sol#47) is not in mixedCase
Variable Triflex._sellMarketingFee (contracts/Triflex.sol#48) is not in mixedCase
Variable Triflex._sellDevelopmentFee (contracts/Triflex.sol#49) is not in mixedCase
Variable Triflex._sellRewardsToHolders (contracts/Triflex.sol#50) is not in mixedCase
Function IHam._setUserHasCustomRewardToken(address,bool) (contracts/interface/IHam.sol#32) is not in mixedCase
Function IHam._userCustomRewardToken(address) (contracts/interface/IHam.sol#33) is not in mixedCase
Function IHam._setUserCustomRewardToken(address,address) (contracts/interface/IHam.sol#34) is not in mixedCase
Function IHam._userHasCustomRewardToken(address) (contracts/interface/IHam.sol#35) is not in mixedCase
Function IOnRye._withdrawDividendOfUser(address) (contracts/interface/IOnRye.sol#33) is not in mixedCase
Function IOnRye._getTotalPendingDividends() (contracts/interface/IOnRye.sol#37) is not in mixedCase
Function IOnRye._setBalance(address,uint256) (contracts/interface/IOnRye.sol#39) is not in mixedCase
Function IOnRye._userCustomRewardToken(address) (contracts/interface/IOnRye.sol#40) is not in mixedCase
Function IUniswapV2Router01.WETH() (contracts/interface/IUniswapV2Router01.sol#7) is not in mixedCase
Follow the Solidity naming convention.

Additional information: link

Variable Triflex.TOTAL_SUPPLY (contracts/Triflex.sol#36) is too similar to ERC20._totalSupply (@openzeppelin/contracts/token/ERC20/ERC20.sol#40)
Variable IUniswapV2Router01.addLiquidity(address,address,uint256,uint256,uint256,uint256,address,uint256).amountADesired (contracts/interface/IUniswapV2Router01.sol#12) is too similar to IUniswapV2Router01.addLiquidity(address,address,uint256,uint256,uint256,uint256,address,uint256).amountBDesired (contracts/interface/IUniswapV2Router01.sol#13)
Prevent variables from having similar names.

Additional information: link

Triflex.setMaxWalletAmount(uint256) (contracts/Triflex.sol#156-160) uses literals with too many digits:
- require(bool,string)(amount > (TOTAL_SUPPLY * 15) / 10000000,TF: too small) (contracts/Triflex.sol#157)
Triflex.initializeExclusion() (contracts/Triflex.sol#190-198) uses literals with too many digits:
- ham.eFR(address(0x000000000000000000000000000000000000dEaD)) (contracts/Triflex.sol#195-197)
Use: Ether suffix, Time suffix, or The scientific notation

Additional information: link

OwnableUpgradeable.__gap (@openzeppelin/contracts-upgradeable/access/OwnableUpgradeable.sol#87) is never used in OwnableUpgradeable (@openzeppelin/contracts-upgradeable/access/OwnableUpgradeable.sol#21-88)
ReentrancyGuardUpgradeable.__gap (@openzeppelin/contracts-upgradeable/security/ReentrancyGuardUpgradeable.sol#74) is never used in Ham (contracts/Ham.sol#14-270)
ERC20Permit._PERMIT_TYPEHASH_DEPRECATED_SLOT (contracts/ERC20Permit.sol#35) is never used in Triflex (contracts/Triflex.sol#16-617)
SafeMathInt.MAX_INT256 (contracts/libraries/SafeMathInt.sol#6) is never used in SafeMathInt (contracts/libraries/SafeMathInt.sol#4-63)
Remove unused state variables.

Additional information: link

ERC20Permit._PERMIT_TYPEHASH_DEPRECATED_SLOT (contracts/ERC20Permit.sol#35) should be constant
Add the constant attributes to state variables that never change.

Additional information: link

grantRole(bytes32,address) should be declared external:
- AccessControlUpgradeable.grantRole(bytes32,address) (@openzeppelin/contracts-upgradeable/access/AccessControlUpgradeable.sol#148-150)
revokeRole(bytes32,address) should be declared external:
- AccessControlUpgradeable.revokeRole(bytes32,address) (@openzeppelin/contracts-upgradeable/access/AccessControlUpgradeable.sol#161-163)
renounceRole(bytes32,address) should be declared external:
- AccessControlUpgradeable.renounceRole(bytes32,address) (@openzeppelin/contracts-upgradeable/access/AccessControlUpgradeable.sol#179-183)
renounceOwnership() should be declared external:
- OwnableUpgradeable.renounceOwnership() (@openzeppelin/contracts-upgradeable/access/OwnableUpgradeable.sol#59-61)
transferOwnership(address) should be declared external:
- OwnableUpgradeable.transferOwnership(address) (@openzeppelin/contracts-upgradeable/access/OwnableUpgradeable.sol#67-70)
renounceOwnership() should be declared external:
- Ownable.renounceOwnership() (@openzeppelin/contracts/access/Ownable.sol#54-56)
transferOwnership(address) should be declared external:
- Ownable.transferOwnership(address) (@openzeppelin/contracts/access/Ownable.sol#62-65)
getNonce(address) should be declared external:
- MinimalForwarder.getNonce(address) (@openzeppelin/contracts/metatx/MinimalForwarder.sol#31-33)
execute(MinimalForwarder.ForwardRequest,bytes) should be declared external:
- MinimalForwarder.execute(MinimalForwarder.ForwardRequest,bytes) (@openzeppelin/contracts/metatx/MinimalForwarder.sol#42-66)
name() should be declared external:
- ERC20.name() (@openzeppelin/contracts/token/ERC20/ERC20.sol#62-64)
symbol() should be declared external:
- ERC20.symbol() (@openzeppelin/contracts/token/ERC20/ERC20.sol#70-72)
decimals() should be declared external:
- ERC20.decimals() (@openzeppelin/contracts/token/ERC20/ERC20.sol#87-89)
totalSupply() should be declared external:
- ERC20.totalSupply() (@openzeppelin/contracts/token/ERC20/ERC20.sol#94-96)
transfer(address,uint256) should be declared external:
- ERC20.transfer(address,uint256) (@openzeppelin/contracts/token/ERC20/ERC20.sol#113-117)
- Triflex.transfer(address,uint256) (contracts/Triflex.sol#224-231)
approve(address,uint256) should be declared external:
- ERC20.approve(address,uint256) (@openzeppelin/contracts/token/ERC20/ERC20.sol#136-140)
transferFrom(address,address,uint256) should be declared external:
- ERC20.transferFrom(address,address,uint256) (@openzeppelin/contracts/token/ERC20/ERC20.sol#158-167)
increaseAllowance(address,uint256) should be declared external:
- ERC20.increaseAllowance(address,uint256) (@openzeppelin/contracts/token/ERC20/ERC20.sol#181-185)
decreaseAllowance(address,uint256) should be declared external:
- ERC20.decreaseAllowance(address,uint256) (@openzeppelin/contracts/token/ERC20/ERC20.sol#201-210)
getMessageHash(address,uint256,string,uint256) should be declared external:
- ERC20Permit.getMessageHash(address,uint256,string,uint256) (contracts/ERC20Permit.sol#62-69)
permit(address,address,uint256,uint256,uint8,bytes32,bytes32) should be declared external:
- ERC20Permit.permit(address,address,uint256,uint256,uint8,bytes32,bytes32) (contracts/ERC20Permit.sol#74-107)
nonces(address) should be declared external:
- ERC20Permit.nonces(address) (contracts/ERC20Permit.sol#112-114)
initialize(address,address) should be declared external:
- Ham.initialize(address,address) (contracts/Ham.sol#52-66)
setMaxWalletAmount(uint256) should be declared external:
- Triflex.setMaxWalletAmount(uint256) (contracts/Triflex.sol#156-160)
toggleAntiBot() should be declared external:
- Triflex.toggleAntiBot() (contracts/Triflex.sol#182-188)
initializeExclusion() should be declared external:
- Triflex.initializeExclusion() (contracts/Triflex.sol#190-198)
initializeRewardTokens() should be declared external:
- Triflex.initializeRewardTokens() (contracts/Triflex.sol#200-207)
Use the external attribute for functions never called from the contract.

Additional information: link

Popular Tokens

About TRFX

Listings

Age

Website

Description

Social

Contract

Laser Scorebeta Last Audit: 30 August 2022

Anti-Scam

Links

Contract

Trading

Socials

Transparency

Age

Price for TRFX

News for TRFX

Popular Tokens

TRFX [Triflex] Token

About TRFX

Listings

Age

Website

Description

Social

Contract

Laser Scorebeta Last Audit: 30 August 2022

Anti-Scam

Links

Contract

[Slither] State variable shadowing critical

[Slither] Functions that send Ether to arbitrary destinations critical

[Slither] Reentrancy vulnerabilities critical

[LSR] Ownership is not renounced major

[LSR] Dangerous combinations (1) major

[Slither] Unused return minor

[Slither] Reentrancy vulnerabilities minor

[Slither] Boolean equality minor

[Slither] Reentrancy vulnerabilities minor

[Slither] Uninitialized local variables minor

[Slither] Local variable shadowing minor

[Slither] Calls inside a loop minor

[Slither] Pre-declaration usage of local variables minor

[Slither] Reentrancy vulnerabilities minor

[Slither] Block timestamp minor

[Slither] Assembly usage minor

[Slither] Different pragma directives are used minor

[Slither] Costly operations inside a loop minor

[Slither] Dead-code minor

[Slither] Incorrect versions of Solidity minor

[Slither] Low-level calls minor

[Slither] Conformance to Solidity naming conventions minor

[Slither] Variable names too similar minor

[Slither] Too many digits minor

[Slither] Unused state variable minor

[Slither] State variables that could be declared constant minor

[Slither] Public function that could be declared external minor

Trading

[honeypot.is] Moderate taxes critical

[LSR] Few holders major

[LSR] Few chains major

[LSR] Few trading pairs major

Socials

[LSR] Twitter has few followers major

[LSR] Blog is not found minor

Transparency

[LSR] No BscScan listing critical

[LSR] KYC is not found major

[LSR] No Mobula listing minor

[LSR] No CoinHunt listing minor

Age

[LSR] Token age <= 90 days critical

[LSR] CoinGecko age <= 90 days major

[LSR] CoinMarketCap age <= 90 days major

[LSR] No CoinGecko rank major

[LSR] Domain age <= 360 days minor

[LSR] Twitter age <= 360 days minor

Price for TRFX

News for TRFX