Unable to find manual contract audit (e.g. Certik, PeckShield, Solidity...)
Contract name (Vault-Tec DAO) contains non-alphanumeric characters.
Not a direct threat, but may indicate unreliable intentions of developer. Non-alphanumeric chars (,.;!#*&") are extremely rare among low risk tokens.
Not a direct threat, but may indicate unreliable intentions of developer. Widespread names (e.g. Elon, King, Moon, Doge) are common among meme-tokens and scams. The allow to gain free hype and attract unexperienced investors.
Vault._beforeTokenTransfer(address,address,uint256) (#918-929) uses tx.origin for authorization: buyDelayBlock > 0 && lastBuy[tx.origin] > 0 (#924)
Vault._beforeTokenTransfer(address,address,uint256) (#918-929) uses tx.origin for authorization: require(bool,string)(lastBuy[tx.origin] + buyDelayBlock <= block.number,delay block) (#925)
Do not use tx.origin for authorization.
Additional information: link
EnumerableSet.getValues(EnumerableSet.AddressSet).addressArray (#316) is a local variable never initialized
Initialize all the variables. If a variable is meant to be initialized to zero, explicitly set it to zero to improve code readability.
Additional information: link
VaultOwned.setVault(address) (#857-861) should emit an event for:
- _vault = vault_ (#858)
Emit an event for critical parameter changes.
Additional information: link
Vault.setMaxBuyAmount(uint256) (#931-933) should emit an event for:
- maxBuyAmount = _maxBuyAmount (#932)
Vault.setBuyDelayBlock(uint256) (#939-942) should emit an event for:
- buyDelayBlock = _buyDelayBlock (#941)
Emit an event for critical parameter changes.
Additional information: link
VaultOwned.setVault(address).vault_ (#857) lacks a zero-check on :
- _vault = vault_ (#858)
Check that the address is not zero.
Additional information: link
ERC20Permit.permit(address,address,uint256,uint256,uint8,bytes32,bytes32) (#785-806) uses timestamp for comparisons
Dangerous comparisons:
- require(bool,string)(block.timestamp <= deadline,Permit: expired deadline) (#794)
Avoid relying on block.timestamp.
Additional information: link
ERC20Permit.constructor() (#768-783) uses assembly
- INLINE ASM (#770-772)
Do not use evm assembly.
Additional information: link
Counters.decrement(Counters.Counter) (#738-740) is never used and should be removed
ERC20._beforeTokenTransfer(address,address,uint256) (#720) is never used and should be removed
EnumerableSet._add(EnumerableSet.Set,bytes32) (#29-39) is never used and should be removed
EnumerableSet._at(EnumerableSet.Set,uint256) (#105-108) is never used and should be removed
EnumerableSet._contains(EnumerableSet.Set,bytes32) (#84-86) is never used and should be removed
EnumerableSet._getValues(EnumerableSet.Set) (#110-112) is never used and should be removed
EnumerableSet._insert(EnumerableSet.Set,uint256,bytes32) (#119-125) is never used and should be removed
EnumerableSet._length(EnumerableSet.Set) (#91-93) is never used and should be removed
EnumerableSet._remove(EnumerableSet.Set,bytes32) (#47-79) is never used and should be removed
EnumerableSet.add(EnumerableSet.AddressSet,address) (#268-270) is never used and should be removed
EnumerableSet.add(EnumerableSet.Bytes32Set,bytes32) (#201-203) is never used and should be removed
EnumerableSet.add(EnumerableSet.Bytes4Set,bytes4) (#137-139) is never used and should be removed
EnumerableSet.add(EnumerableSet.UInt256Set,uint256) (#394-396) is never used and should be removed
EnumerableSet.add(EnumerableSet.UintSet,uint256) (#342-344) is never used and should be removed
EnumerableSet.at(EnumerableSet.AddressSet,uint256) (#306-308) is never used and should be removed
EnumerableSet.at(EnumerableSet.Bytes32Set,uint256) (#239-241) is never used and should be removed
EnumerableSet.at(EnumerableSet.Bytes4Set,uint256) (#175-177) is never used and should be removed
EnumerableSet.at(EnumerableSet.UInt256Set,uint256) (#432-434) is never used and should be removed
EnumerableSet.at(EnumerableSet.UintSet,uint256) (#380-382) is never used and should be removed
EnumerableSet.contains(EnumerableSet.AddressSet,address) (#285-287) is never used and should be removed
EnumerableSet.contains(EnumerableSet.Bytes32Set,bytes32) (#218-220) is never used and should be removed
EnumerableSet.contains(EnumerableSet.Bytes4Set,bytes4) (#154-156) is never used and should be removed
EnumerableSet.contains(EnumerableSet.UInt256Set,uint256) (#411-413) is never used and should be removed
EnumerableSet.contains(EnumerableSet.UintSet,uint256) (#359-361) is never used and should be removed
EnumerableSet.getValues(EnumerableSet.AddressSet) (#314-323) is never used and should be removed
EnumerableSet.getValues(EnumerableSet.Bytes32Set) (#243-251) is never used and should be removed
EnumerableSet.getValues(EnumerableSet.Bytes4Set) (#179-185) is never used and should be removed
EnumerableSet.insert(EnumerableSet.AddressSet,uint256,address) (#325-327) is never used and should be removed
EnumerableSet.insert(EnumerableSet.Bytes32Set,uint256,bytes32) (#253-255) is never used and should be removed
EnumerableSet.insert(EnumerableSet.Bytes4Set,uint256,bytes4) (#187-189) is never used and should be removed
EnumerableSet.length(EnumerableSet.AddressSet) (#292-294) is never used and should be removed
EnumerableSet.length(EnumerableSet.Bytes32Set) (#225-227) is never used and should be removed
EnumerableSet.length(EnumerableSet.Bytes4Set) (#161-163) is never used and should be removed
EnumerableSet.length(EnumerableSet.UInt256Set) (#418-420) is never used and should be removed
EnumerableSet.length(EnumerableSet.UintSet) (#366-368) is never used and should be removed
EnumerableSet.remove(EnumerableSet.AddressSet,address) (#278-280) is never used and should be removed
EnumerableSet.remove(EnumerableSet.Bytes32Set,bytes32) (#211-213) is never used and should be removed
EnumerableSet.remove(EnumerableSet.Bytes4Set,bytes4) (#147-149) is never used and should be removed
EnumerableSet.remove(EnumerableSet.UInt256Set,uint256) (#404-406) is never used and should be removed
EnumerableSet.remove(EnumerableSet.UintSet,uint256) (#352-354) is never used and should be removed
SafeMath.average(uint256,uint256) (#586-589) is never used and should be removed
SafeMath.bondingCurve(uint256,uint256) (#595-597) is never used and should be removed
SafeMath.div(uint256,uint256) (#540-542) is never used and should be removed
SafeMath.div(uint256,uint256,string) (#544-550) is never used and should be removed
SafeMath.mod(uint256,uint256) (#552-554) is never used and should be removed
SafeMath.mod(uint256,uint256,string) (#556-559) is never used and should be removed
SafeMath.mul(uint256,uint256) (#528-538) is never used and should be removed
SafeMath.percentageAmount(uint256,uint8) (#574-576) is never used and should be removed
SafeMath.percentageOfTotal(uint256,uint256) (#582-584) is never used and should be removed
SafeMath.quadraticPricing(uint256,uint256) (#591-593) is never used and should be removed
SafeMath.sqrrt(uint256) (#561-572) is never used and should be removed
SafeMath.substractPercentage(uint256,uint8) (#578-580) is never used and should be removed
Remove unused functions.
Additional information: link
Variable ERC20._balances (#608) is not in mixedCase
Variable ERC20._allowances (#611) is not in mixedCase
Variable ERC20._totalSupply (#614) is not in mixedCase
Variable ERC20._name (#617) is not in mixedCase
Variable ERC20._symbol (#620) is not in mixedCase
Variable ERC20._decimals (#623) is not in mixedCase
Variable ERC20Permit.DOMAIN_SEPARATOR (#766) is not in mixedCase
Variable Ownable._owner (#823) is not in mixedCase
Variable VaultOwned._vault (#855) is not in mixedCase
Function Vault._burnFrom(address,uint256) (#899-908) is not in mixedCase
Parameter Vault.setMaxBuyAmount(uint256)._maxBuyAmount (#931) is not in mixedCase
Parameter Vault.setAllowBuy(bool)._allowBuy (#935) is not in mixedCase
Parameter Vault.setBuyDelayBlock(uint256)._buyDelayBlock (#939) is not in mixedCase
Follow the Solidity naming convention.
Additional information: link
ERC20.ERC20TOKEN_ERC1820_INTERFACE_ID (#605) is never used in Vault (#880-944)
Remove unused state variables.
Additional information: link
symbol() should be declared external:
- ERC20.symbol() (#635-637)
decimals() should be declared external:
- ERC20.decimals() (#639-641)
totalSupply() should be declared external:
- ERC20.totalSupply() (#643-645)
balanceOf(address) should be declared external:
- ERC20.balanceOf(address) (#647-649)
transfer(address,uint256) should be declared external:
- ERC20.transfer(address,uint256) (#651-654)
approve(address,uint256) should be declared external:
- ERC20.approve(address,uint256) (#660-663)
transferFrom(address,address,uint256) should be declared external:
- ERC20.transferFrom(address,address,uint256) (#665-669)
increaseAllowance(address,uint256) should be declared external:
- ERC20.increaseAllowance(address,uint256) (#671-674)
decreaseAllowance(address,uint256) should be declared external:
- ERC20.decreaseAllowance(address,uint256) (#676-679)
permit(address,address,uint256,uint256,uint8,bytes32,bytes32) should be declared external:
- ERC20Permit.permit(address,address,uint256,uint256,uint8,bytes32,bytes32) (#785-806)
nonces(address) should be declared external:
- ERC20Permit.nonces(address) (#808-810)
owner() should be declared external:
- Ownable.owner() (#832-834)
renounceOwnership() should be declared external:
- Ownable.renounceOwnership() (#841-844)
transferOwnership(address) should be declared external:
- Ownable.transferOwnership(address) (#846-850)
vault() should be declared external:
- VaultOwned.vault() (#866-868)
burn(uint256) should be declared external:
- Vault.burn(uint256) (#891-893)
burnFrom(address,uint256) should be declared external:
- Vault.burnFrom(address,uint256) (#895-897)
Use the external attribute for functions never called from the contract.
Additional information: link
Unable to find website, listings and other project-related information
Young tokens have high risks of scam / price dump / death
Token has no active CoinGecko listing / rank
Token has no active CoinMarketCap listing / rank
Unable to find Telegram and Twitter accounts