Unable to find manual contract audit (e.g. Certik, PeckShield, Solidity...)
King.addLiquidity(uint256,uint256) (#699-709) sends eth to arbitrary user
Dangerous calls:
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#701-708)
Ensure that an arbitrary user cannot withdraw unauthorized funds.
Additional information: link
Reentrancy in King._transfer(address,address,uint256) (#609-647):
External calls:
- swapAndLiquify(contractTokenBalance) (#631)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#701-708)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#688-694)
External calls sending eth:
- swapAndLiquify(contractTokenBalance) (#631)
- recipient.transfer(amount) (#575)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#701-708)
State variables written after the call(s):
- _balances[sender] = _balances[sender].sub(amount,Insufficient Balance) (#634)
- _balances[recipient] = _balances[recipient].add(finalAmount) (#642)
- finalAmount = takeFee(sender,recipient,amount) (#636-637)
- _balances[address(this)] = _balances[address(this)].add(feeAmount) (#723)
Apply the check-effects-interactions pattern.
Additional information: link
Combination 1: Reentrancy vulnerabilities + Functions that send Ether to arbitraty destination. Usual for scams. May be justified by some complex mechanics (e.g. rebase, reflections). DYOR & manual audit are advised.
Contract ticker (Virus Tiger) contains non-alphanumeric characters.
Not a direct threat, but may indicate unreliable intentions of developer. Non-alphanumeric chars (,.;!#*&") are extremely rare among low risk tokens.
King.addLiquidity(uint256,uint256) (#699-709) ignores return value by uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#701-708)
Ensure that all the return values of the function calls are used.
Additional information: link
King.allowance(address,address).owner (#469) shadows:
- Ownable.owner() (#127-129) (function)
King._approve(address,address,uint256).owner (#492) shadows:
- Ownable.owner() (#127-129) (function)
Rename the local variables that shadow another component.
Additional information: link
King.setBuyTaxes(uint256,uint256,uint256) (#512-518) should emit an event for:
- _totalTaxIfBuying = _buyLiquidityFee.add(_buyMarketingFee).add(_buyTeamFee) (#517)
King.setDistributionSettings(uint256,uint256,uint256) (#525-531) should emit an event for:
- _liquidityShare = newLiquidityShare (#526)
- _teamShare = newTeamShare (#528)
- _totalDistributionShares = _liquidityShare.add(_marketingShare).add(_teamShare) (#530)
King.setMaxTxAmount(uint256) (#533-535) should emit an event for:
- _maxTxAmount = maxTxAmount (#534)
King.setWalletLimit(uint256) (#545-547) should emit an event for:
- _walletMax = newLimit (#546)
King.setNumTokensBeforeSwap(uint256) (#549-551) should emit an event for:
- minimumTokensBeforeSwap = newLimit (#550)
Emit an event for critical parameter changes.
Additional information: link
King.setMarketingWalletAddress(address).newAddress (#553) lacks a zero-check on :
- marketingWalletAddress = address(newAddress) (#554)
King.setTeamWalletAddress(address).newAddress (#557) lacks a zero-check on :
- teamWalletAddress = address(newAddress) (#558)
Check that the address is not zero.
Additional information: link
Reentrancy in King.changeRouterVersion(address) (#578-595):
External calls:
- newPairAddress = IUniswapV2Factory(_uniswapV2Router.factory()).createPair(address(this),_uniswapV2Router.WETH()) (#586-587)
State variables written after the call(s):
- isMarketPair[address(uniswapPair)] = true (#594)
- isWalletLimitExempt[address(uniswapPair)] = true (#593)
- uniswapPair = newPairAddress (#590)
- uniswapV2Router = _uniswapV2Router (#591)
Reentrancy in King.constructor() (#418-447):
External calls:
- uniswapPair = IUniswapV2Factory(_uniswapV2Router.factory()).createPair(address(this),_uniswapV2Router.WETH()) (#421-422)
State variables written after the call(s):
- _allowances[address(this)][address(uniswapV2Router)] = _totalSupply (#425)
- _balances[_msgSender()] = _totalSupply (#445)
- _totalDistributionShares = _liquidityShare.add(_marketingShare).add(_teamShare) (#432)
- _totalTaxIfBuying = _buyLiquidityFee.add(_buyMarketingFee).add(_buyTeamFee) (#430)
- _totalTaxIfSelling = _sellLiquidityFee.add(_sellMarketingFee).add(_sellTeamFee) (#431)
- isExcludedFromFee[owner()] = true (#427)
- isExcludedFromFee[address(this)] = true (#428)
- isMarketPair[address(uniswapPair)] = true (#440)
- isTxLimitExempt[owner()] = true (#438)
- isTxLimitExempt[address(this)] = true (#439)
- isWalletLimitExempt[owner()] = true (#434)
- isWalletLimitExempt[address(uniswapPair)] = true (#435)
- isWalletLimitExempt[address(this)] = true (#436)
- marketingWalletAddress = address(address(0xc3195B943e26D12562597B2e4914136979913603)) (#443)
- teamWalletAddress = address(address(0xc3195B943e26D12562597B2e4914136979913603)) (#442)
- uniswapV2Router = _uniswapV2Router (#424)
Reentrancy in King.swapAndLiquify(uint256) (#656-678):
External calls:
- swapTokensForEth(tokensForSwap) (#661)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#688-694)
- addLiquidity(tokensForLP,amountBNBLiquidity) (#677)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#701-708)
External calls sending eth:
- transferToAddressETH(marketingWalletAddress,amountBNBMarketing) (#671)
- recipient.transfer(amount) (#575)
- transferToAddressETH(teamWalletAddress,amountBNBTeam) (#674)
- recipient.transfer(amount) (#575)
- addLiquidity(tokensForLP,amountBNBLiquidity) (#677)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#701-708)
State variables written after the call(s):
- addLiquidity(tokensForLP,amountBNBLiquidity) (#677)
- _allowances[owner][spender] = amount (#496)
Reentrancy in King.transferFrom(address,address,uint256) (#603-607):
External calls:
- _transfer(sender,recipient,amount) (#604)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#701-708)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#688-694)
External calls sending eth:
- _transfer(sender,recipient,amount) (#604)
- recipient.transfer(amount) (#575)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#701-708)
State variables written after the call(s):
- _approve(sender,_msgSender(),_allowances[sender][_msgSender()].sub(amount,ERC20: transfer amount exceeds allowance)) (#605)
- _allowances[owner][spender] = amount (#496)
Apply the check-effects-interactions pattern.
Additional information: link
Reentrancy in King._transfer(address,address,uint256) (#609-647):
External calls:
- swapAndLiquify(contractTokenBalance) (#631)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#701-708)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#688-694)
External calls sending eth:
- swapAndLiquify(contractTokenBalance) (#631)
- recipient.transfer(amount) (#575)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#701-708)
Event emitted after the call(s):
- Transfer(sender,address(this),feeAmount) (#724)
- finalAmount = takeFee(sender,recipient,amount) (#636-637)
- Transfer(sender,recipient,finalAmount) (#644)
Reentrancy in King.constructor() (#418-447):
External calls:
- uniswapPair = IUniswapV2Factory(_uniswapV2Router.factory()).createPair(address(this),_uniswapV2Router.WETH()) (#421-422)
Event emitted after the call(s):
- Transfer(address(0),_msgSender(),_totalSupply) (#446)
Reentrancy in King.swapAndLiquify(uint256) (#656-678):
External calls:
- swapTokensForEth(tokensForSwap) (#661)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#688-694)
- addLiquidity(tokensForLP,amountBNBLiquidity) (#677)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#701-708)
External calls sending eth:
- transferToAddressETH(marketingWalletAddress,amountBNBMarketing) (#671)
- recipient.transfer(amount) (#575)
- transferToAddressETH(teamWalletAddress,amountBNBTeam) (#674)
- recipient.transfer(amount) (#575)
- addLiquidity(tokensForLP,amountBNBLiquidity) (#677)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#701-708)
Event emitted after the call(s):
- Approval(owner,spender,amount) (#497)
- addLiquidity(tokensForLP,amountBNBLiquidity) (#677)
Reentrancy in King.swapTokensForEth(uint256) (#681-697):
External calls:
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#688-694)
Event emitted after the call(s):
- SwapTokensForETH(tokenAmount,path) (#696)
Reentrancy in King.transferFrom(address,address,uint256) (#603-607):
External calls:
- _transfer(sender,recipient,amount) (#604)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#701-708)
- uniswapV2Router.swapExactTokensForETHSupportingFeeOnTransferTokens(tokenAmount,0,path,address(this),block.timestamp) (#688-694)
External calls sending eth:
- _transfer(sender,recipient,amount) (#604)
- recipient.transfer(amount) (#575)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#701-708)
Event emitted after the call(s):
- Approval(owner,spender,amount) (#497)
- _approve(sender,_msgSender(),_allowances[sender][_msgSender()].sub(amount,ERC20: transfer amount exceeds allowance)) (#605)
Apply the check-effects-interactions pattern.
Additional information: link
Address.isContract(address) (#75-80) uses assembly
- INLINE ASM (#78)
Address._functionCallWithValue(address,bytes,uint256,string) (#95-111) uses assembly
- INLINE ASM (#103-106)
Do not use evm assembly.
Additional information: link
Address._functionCallWithValue(address,bytes,uint256,string) (#95-111) is never used and should be removed
Address.functionCall(address,bytes) (#86-88) is never used and should be removed
Address.functionCall(address,bytes,string) (#89-91) is never used and should be removed
Address.functionCallWithValue(address,bytes,uint256) (#92-94) is never used and should be removed
Address.functionCallWithValue(address,bytes,uint256,string) (#113-116) is never used and should be removed
Address.isContract(address) (#75-80) is never used and should be removed
Address.sendValue(address,uint256) (#81-85) is never used and should be removed
Context._msgData() (#7-10) is never used and should be removed
SafeMath.mod(uint256,uint256) (#64-66) is never used and should be removed
SafeMath.mod(uint256,uint256,string) (#68-71) is never used and should be removed
Remove unused functions.
Additional information: link
King._totalSupply (#382) is set pre-construction with a non-constant function or state variable:
- 1000000000000 * 10 ** _decimals
King._maxTxAmount (#383) is set pre-construction with a non-constant function or state variable:
- 1000000000000 * 10 ** _decimals
King._walletMax (#384) is set pre-construction with a non-constant function or state variable:
- 1000000000000 * 10 ** _decimals
King.minimumTokensBeforeSwap (#385) is set pre-construction with a non-constant function or state variable:
- 10000 * 10 ** _decimals
Remove any initialization of state variables via non-constant state variables or function calls. If variables must be set upon contract deployment, locate initialization in the constructor instead.
Additional information: link
Low level call in Address.sendValue(address,uint256) (#81-85):
- (success) = recipient.call{value: amount}() (#83)
Low level call in Address._functionCallWithValue(address,bytes,uint256,string) (#95-111):
- (success,returndata) = target.call{value: weiValue}(data) (#97)
Avoid low-level calls. Check the call success. If the call is meant for a contract, check for code existence
Additional information: link
Function IUniswapV2Pair.DOMAIN_SEPARATOR() (#183) is not in mixedCase
Function IUniswapV2Pair.PERMIT_TYPEHASH() (#184) is not in mixedCase
Function IUniswapV2Pair.MINIMUM_LIQUIDITY() (#200) is not in mixedCase
Function IUniswapV2Router01.WETH() (#218) is not in mixedCase
Parameter King.setSwapAndLiquifyEnabled(bool)._enabled (#561) is not in mixedCase
Variable King._balances (#358) is not in mixedCase
Variable King._buyLiquidityFee (#366) is not in mixedCase
Variable King._buyMarketingFee (#367) is not in mixedCase
Variable King._buyTeamFee (#368) is not in mixedCase
Variable King._sellLiquidityFee (#370) is not in mixedCase
Variable King._sellMarketingFee (#371) is not in mixedCase
Variable King._sellTeamFee (#372) is not in mixedCase
Variable King._liquidityShare (#374) is not in mixedCase
Variable King._marketingShare (#375) is not in mixedCase
Variable King._teamShare (#376) is not in mixedCase
Variable King._totalTaxIfBuying (#378) is not in mixedCase
Variable King._totalTaxIfSelling (#379) is not in mixedCase
Variable King._totalDistributionShares (#380) is not in mixedCase
Variable King._maxTxAmount (#383) is not in mixedCase
Variable King._walletMax (#384) is not in mixedCase
Follow the Solidity naming convention.
Additional information: link
Redundant expression "this (#8)" inContext (#3-11)
Remove redundant statements if they congest code but offer no value.
Additional information: link
Reentrancy in King._transfer(address,address,uint256) (#609-647):
External calls:
- swapAndLiquify(contractTokenBalance) (#631)
- recipient.transfer(amount) (#575)
External calls sending eth:
- swapAndLiquify(contractTokenBalance) (#631)
- recipient.transfer(amount) (#575)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#701-708)
State variables written after the call(s):
- _balances[sender] = _balances[sender].sub(amount,Insufficient Balance) (#634)
- _balances[recipient] = _balances[recipient].add(finalAmount) (#642)
- finalAmount = takeFee(sender,recipient,amount) (#636-637)
- _balances[address(this)] = _balances[address(this)].add(feeAmount) (#723)
Event emitted after the call(s):
- Transfer(sender,address(this),feeAmount) (#724)
- finalAmount = takeFee(sender,recipient,amount) (#636-637)
- Transfer(sender,recipient,finalAmount) (#644)
Reentrancy in King.swapAndLiquify(uint256) (#656-678):
External calls:
- transferToAddressETH(marketingWalletAddress,amountBNBMarketing) (#671)
- recipient.transfer(amount) (#575)
- transferToAddressETH(teamWalletAddress,amountBNBTeam) (#674)
- recipient.transfer(amount) (#575)
External calls sending eth:
- transferToAddressETH(marketingWalletAddress,amountBNBMarketing) (#671)
- recipient.transfer(amount) (#575)
- transferToAddressETH(teamWalletAddress,amountBNBTeam) (#674)
- recipient.transfer(amount) (#575)
- addLiquidity(tokensForLP,amountBNBLiquidity) (#677)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#701-708)
State variables written after the call(s):
- addLiquidity(tokensForLP,amountBNBLiquidity) (#677)
- _allowances[owner][spender] = amount (#496)
Event emitted after the call(s):
- Approval(owner,spender,amount) (#497)
- addLiquidity(tokensForLP,amountBNBLiquidity) (#677)
Reentrancy in King.transferFrom(address,address,uint256) (#603-607):
External calls:
- _transfer(sender,recipient,amount) (#604)
- recipient.transfer(amount) (#575)
External calls sending eth:
- _transfer(sender,recipient,amount) (#604)
- recipient.transfer(amount) (#575)
- uniswapV2Router.addLiquidityETH{value: ethAmount}(address(this),tokenAmount,0,0,owner(),block.timestamp) (#701-708)
State variables written after the call(s):
- _approve(sender,_msgSender(),_allowances[sender][_msgSender()].sub(amount,ERC20: transfer amount exceeds allowance)) (#605)
- _allowances[owner][spender] = amount (#496)
Event emitted after the call(s):
- Approval(owner,spender,amount) (#497)
- _approve(sender,_msgSender(),_allowances[sender][_msgSender()].sub(amount,ERC20: transfer amount exceeds allowance)) (#605)
Apply the check-effects-interactions pattern.
Additional information: link
Variable IUniswapV2Router01.addLiquidity(address,address,uint256,uint256,uint256,uint256,address,uint256).amountADesired (#223) is too similar to IUniswapV2Router01.addLiquidity(address,address,uint256,uint256,uint256,uint256,address,uint256).amountBDesired (#224)
Prevent variables from having similar names.
Additional information: link
Ownable.waiveOwnership() (#136-139) uses literals with too many digits:
- OwnershipTransferred(_owner,address(0x000000000000000000000000000000000000dEaD)) (#137)
Ownable.waiveOwnership() (#136-139) uses literals with too many digits:
- _owner = address(0x000000000000000000000000000000000000dEaD) (#138)
King.slitherConstructorVariables() (#349-731) uses literals with too many digits:
- deadAddress = 0x000000000000000000000000000000000000dEaD (#357)
King.slitherConstructorVariables() (#349-731) uses literals with too many digits:
- _totalSupply = 1000000000000 * 10 ** _decimals (#382)
King.slitherConstructorVariables() (#349-731) uses literals with too many digits:
- _maxTxAmount = 1000000000000 * 10 ** _decimals (#383)
King.slitherConstructorVariables() (#349-731) uses literals with too many digits:
- _walletMax = 1000000000000 * 10 ** _decimals (#384)
Use: Ether suffix, Time suffix, or The scientific notation
Additional information: link
King._decimals (#354) should be constant
King._name (#352) should be constant
King._sellMarketingFee (#371) should be constant
King._sellTeamFee (#372) should be constant
King._symbol (#353) should be constant
Add the constant attributes to state variables that never change.
Additional information: link
waiveOwnership() should be declared external:
- Ownable.waiveOwnership() (#136-139)
transferOwnership(address) should be declared external:
- Ownable.transferOwnership(address) (#141-145)
getTime() should be declared external:
- Ownable.getTime() (#147-149)
name() should be declared external:
- King.name() (#449-451)
symbol() should be declared external:
- King.symbol() (#453-455)
decimals() should be declared external:
- King.decimals() (#457-459)
totalSupply() should be declared external:
- King.totalSupply() (#461-463)
allowance(address,address) should be declared external:
- King.allowance(address,address) (#469-471)
increaseAllowance(address,uint256) should be declared external:
- King.increaseAllowance(address,uint256) (#473-476)
decreaseAllowance(address,uint256) should be declared external:
- King.decreaseAllowance(address,uint256) (#478-481)
minimumTokensBeforeSwapAmount() should be declared external:
- King.minimumTokensBeforeSwapAmount() (#483-485)
approve(address,uint256) should be declared external:
- King.approve(address,uint256) (#487-490)
setMarketPairStatus(address,bool) should be declared external:
- King.setMarketPairStatus(address,bool) (#500-502)
setIsExcludedFromFee(address,bool) should be declared external:
- King.setIsExcludedFromFee(address,bool) (#508-510)
setSwapAndLiquifyEnabled(bool) should be declared external:
- King.setSwapAndLiquifyEnabled(bool) (#561-564)
setSwapAndLiquifyByLimitOnly(bool) should be declared external:
- King.setSwapAndLiquifyByLimitOnly(bool) (#566-568)
getCirculatingSupply() should be declared external:
- King.getCirculatingSupply() (#570-572)
changeRouterVersion(address) should be declared external:
- King.changeRouterVersion(address) (#578-595)
transfer(address,uint256) should be declared external:
- King.transfer(address,uint256) (#598-601)
transferFrom(address,address,uint256) should be declared external:
- King.transferFrom(address,address,uint256) (#603-607)
Use the external attribute for functions never called from the contract.
Additional information: link
Unable to find website, listings and other project-related information
Young tokens have high risks of scam / price dump / death
Token has no active CoinGecko listing / rank
Token has no active CoinMarketCap listing / rank
Unable to find Telegram and Twitter accounts