SAFU

Audit

KYC

Test

0x2d716831d82d837c3922ad8c10fe70757b5814fe

Audit Scope
Source Code
Contract Owner
Blockchain
Language
Compiler
Verified
Audit Method
Audit Date

Note that we only audited the code available to us on this URL at the time of the audit. If the URL is not from any block explorer (main net), it may be subject to change. Always check the contract address on this audit report and compare it to the token you are doing research for.

Audit Result
Latest update: Sat, 05 Nov 2022 17:03:46 +0100
Informational
Low-Risk
Medium-Risk
High-Risk

Contract Information

Total Supply
Decimals
Holders
License
Code
Ability to mint
Ability to blacklist
Max Transaction
Fee Limitation
Exclude from Fees
Contract Pausability

Audit Results

Informational ()
Low-Risk ()
Medium-Risk ()
High-Risk ()
Informational

No fix needed, will not bring problems.

Error Code

Description

Presence of unused variables

Unused variables are allowed in Solidity and they do not pose a direct security issue. It is best practice though to avoid them as they can: cause an increase in computations (and unnecessary gas consumption), indicate bugs or malformed data structures and they are generally a sign of poor code quality or cause code noise and decrease readability of the code

 pragma solidity 0.4.24;

contract ShadowingInFunctions {
    uint n = 2;
    uint x = 3;

    function test1() constant returns (uint n) {
        return n; // Will return 0
    }

    function test2() constant returns (uint n) {
        n = 1;
        return n; // Will return 1
    }

    function test3() constant returns (uint x) {
        uint n = 4;
        return n+x; // Will return 4
    }

>=;

"Test"

pragma solidity ^0.5.0;

contract DepositBox {
    mapping(address => uint) balance;

    // Accept deposit
    function deposit(uint amount) public payable {
        require(msg.value == amount, 'incorrect amount');
        // Should update user balance
        balance[msg.sender] == amount;
    }
}
} 

Recommendation

Remove all unused variables from the code base.

Update notes

No notes.
Low-Risk

Could be fixed, will not bring problems.

Error Code

Description

Outdated Compiler Version

Using an outdated compiler version can be problematic especially if there are publicly disclosed bugs and issues that affect the current compiler version.

Recommendation

It is recommended to use a recent version of the Solidity compiler.

Update notes

test
Low-Risk

Could be fixed, will not bring problems.

Error Code

Description

Calls inside a loop

Calls inside a loop might lead to a denial-of-service attack.

 Test 

Example

				
					contract CallsInLoop{

    address[] destinations;

    constructor(address[] newDestinations) public{
        destinations = newDestinations;
    }

    function bad() external{
        for (uint i=0; i < destinations.length; i++){
            destinations[i].transfer(i);
        }
    }

}
				
			

If one of the destinations has a fallback function that reverts, bad will always revert.

Recommendation

Favor pull over push strategy for external calls.

Update notes

Testttt
Low-Risk

Could be fixed, will not bring problems.

Status Resolved

Error Code

Description

Missing zero address validation

 Test 

Example

				
					contract C {

  modifier onlyAdmin {
    if (msg.sender != owner) throw;
    _;
  }

  function updateOwner(address newOwner) onlyAdmin external {
    owner = newOwner;
  }
}
				
			

Bob calls updateOwner without specifying the newOwner, so Bob loses ownership of the contract.

Recommendation

Check that the address is not zero.

Update notes

ETet
Low-Risk

Could be fixed, will not bring problems.

Status Resolved

Error Code

Description

CST-014

Test error
 code 

Recommendation

Descr
Medium-Risk

Could be fixed, will not bring problems.

Error Code

Description

Delegatecall to Untrusted Callee (Proxy)

There exists a special variant of a message call, named delegatecall which is identical to a message call apart from the fact that the code at the target address is executed in the context of the calling contract and msg.sender and msg.value do not change their values. This allows a smart contract to dynamically load code from a different address at runtime. Storage, current address and balance still refer to the calling contract.

Calling into untrusted contracts is very dangerous, as the code at the target address can change any storage values of the caller and has full control over the caller’s balance.

 Proxy Test 

Error Example

				
					pragma solidity ^0.4.24;

contract Proxy {

  address owner;

  constructor() public {
    owner = msg.sender;  
  }

  function forward(address callee, bytes _data) public {
    require(callee.delegatecall(_data));
  }

}
				
			

Recommendation

Use delegatecall with caution and make sure to never call into untrusted contracts. If the target address is derived from user input ensure to check it against a whitelist of trusted contracts.

Update notes

Testttttttt
Buy fee 2%
Sell fee 2%
Transfer fee 2%
<iframe width="100%" height="410px" frameBorder="0" scrolling="no" src="https://coinbrain.com/embed/bnb-0x2d716831d82d837c3922ad8c10fe70757b5814fe?theme=dark&padding=0&chart=1&trades=0">
Disclaimer
Latest update: Sat, 05 Nov 2022 17:03:46 +0100

This audit report has been prepared by Coinsult’s experts at the request of the client. In this audit, the results of the static analysis and the manual code review will be presented. The purpose of the audit is to see if the functions work as intended, and to identify potential security issues within the smart contract.

The information in this report should be used to understand the risks associated with the smart contract. This report can be used as a guide for the development team on how the contract could possibly be improved by remediating the issues that were identified.

Coinsult is not responsible if a project turns out to be a scam, rug-pull or honeypot. We only provide a detailed analysis for your own research.

Coinsult is not responsible for any financial losses. Nothing in this contract audit is financial advice, please do your own research.

The information provided in this audit is for informational purposes only and should not be considered investment advice. Coinsult does not endorse, recommend, support or suggest to invest in any project. 

Coinsult can not be held responsible for when a project turns out to be a rug-pull, honeypot or scam.

Share this audit report

Share on facebook
Share on twitter
Share on linkedin
Share on telegram
Share on whatsapp
Share on email