AK47 - Smart Contract Audit Report
Audit Summary
AK47 ($AK47) is a new BEP-20 token on the Binance Smart Chain that is an automatic liquidity providing protocol.
We reviewed the AK47 contract at 0xbCE8C8b84758284eb8197bDd7d32D8Cc7e669622 on the Binance Smart Chain mainnet.
Audit Findings
Date: February 17th, 2022.
Finding #1 - AK47 - Informational
Description: Several functions are declared public, but are never called internally.Recommendation: We recommend declaring these functions external for additional gas savings on each call.increaseAllowance, decreaseAllowance, burn, setSwapAndBuyBackEnabled, setRouter, setTeamWallet, setPauseTransfer, setMaxHoldOpen, setMaxHoldAmountFinding #2 - AK47 - Informational
Description: TheUSDTandburnWalletstate variables can never be modified, but are not declared constant.
Recommendation: These state variables can be declared constant for additional gas savings on each reference and to reduce deployment costs.
Contract Overview
Ownership Controls:
- The total supply of the token is currently 1,947 $AK47.
- Any user can burn their own tokens to reduce the total supply.
- No mint functions are accessible beyond deployment.
- At the time of writing this report, there are 440 total token holders. The token allocation is as follows:
- 49.1% of the total supply belongs to the owner.
- 17.71% of the total supply is in Pancakeswap BSC-USD liquidity.
- Of that liquidity, 78.26% of the LP tokens have been sent to the 0x..dead address.
- 6% of the total supply is in Pancakeswap NMBTC-AK47 liquidity.
- Of that liquidity, 97.9% of the LP tokens belong to the owner.
- There is a 4% Liquidity fee and 1% Team fee on all transfers where either the sender or the recipient is a contract address and is not excluded from fees.
- The Liquidity fee charged during transfers is stored in the contract address. The tokens are swapped for BSC-USD for the purpose of funding Pancakeswap liquidity when the following conditions are met:
- The automatic liquidity add functionality is enabled by the team.
- The threshold number of 2 tokens in the contract address has been reached.
- The contract is not currently performing an automatic liquidity add.
- The transfer does not involve an approved DEX.
- Liquidity-adds are automatically performed by selling the tokens collected as fees, pairing the received BSC-USD with the token, and adding it as liquidity to the pair.
- The LP tokens received through this process are sent to the 0x..dead address.
- The tokens collected from the Team fee are sent to a wallet controlled by the team.
- The contract enforces a maximum wallet amount which prevents a transfer from taking place when the following conditions are met:
- The maximum wallet amount functionality is enabled by the team.
- The recipient is not a contract address.
- The recipient is not excluded from fees.
- The recipient's token balance will exceed the limit number of 5 tokens.
- The contract utilizes the SafeMath library to prevent overflows/underflows.
- The contract complies with the BEP-20 token standard.
- Ownership has been renounced.
- The owner was previously able to modify the Liquidity fee and Team fee to any percentages at any time.
- The owner was previously able to exclude and include accounts from transfer fees.
- The owner was previously able to update the maximum wallet amount to any value at any time.
- The owner was previously able to enable/disable the maximum wallet amount at any time.
- The owner was previously able to enable/disable automatic liquidity adds at any time.
- The owner was previously able to update the threshold number of tokens needed to trigger an automatic liquidity add to any value at any time.
- The owner was previously able to withdraw any tokens from the contract at any time.
- The owner was previously able to pause transfers for all accounts that are not excluded from fees.
- The owner was previously able to update the team's Fee wallet to any address at any time.
- The owner was previously able to add any address as an approved DEX at any time.
- The owner was previously able to update the Pancakeswap Router address at any time.
External Threat Results
| Vulnerability Category | Notes | Result |
|---|---|---|
| Arbitrary Storage Write | N/A | PASS |
| Arbitrary Jump | N/A | PASS |
| Centralization of Control | Ownership has been renounced by the team. | PASS |
| Delegate Call to Untrusted Contract | N/A | PASS |
| Dependence on Predictable Variables | N/A | PASS |
| Deprecated Opcodes | N/A | PASS |
| Ether Thief | N/A | PASS |
| Exceptions | N/A | PASS |
| External Calls | N/A | PASS |
| Flash Loans | N/A | PASS |
| Integer Over/Underflow | N/A | PASS |
| Logical Issues | N/A | PASS |
| Multiple Sends | N/A | PASS |
| Oracles | N/A | PASS |
| Suicide | N/A | PASS |
| State Change External Calls | N/A | PASS |
| Unchecked Retval | N/A | PASS |
| User Supplied Assertion | N/A | PASS |
| Critical Solidity Compiler | N/A | PASS |
| Overall Contract Safety | PASS |
Function Graph
Inheritance Chart
Functions Overview
($) = payable function
# = non-constant function
+ [Lib] Address
- [Int] isContract
- [Int] sendValue #
- [Int] functionCall #
- [Int] functionCall #
- [Int] functionCallWithValue #
- [Int] functionCallWithValue #
- [Prv] _functionCallWithValue #
+ [Int] IBEP20
- [Ext] totalSupply
- [Ext] decimals
- [Ext] symbol
- [Ext] name
- [Ext] getOwner
- [Ext] balanceOf
- [Ext] transfer #
- [Ext] allowance
- [Ext] approve #
- [Ext] transferFrom #
+ Context
- [Int] #
- [Int] _msgSender
- [Int] _msgData
+ [Lib] SafeMath
- [Int] add
- [Int] sub
- [Int] sub
- [Int] mul
- [Int] div
- [Int] div
- [Int] mod
- [Int] mod
+ Ownable (Context)
- [Int] #
- [Pub] owner
- [Pub] renounceOwnership #
- modifiers: onlyOwner
- [Pub] transferOwnership #
- modifiers: onlyOwner
- [Int] _transferOwnership #
+ [Int] IUniswapV2Factory
- [Ext] feeTo
- [Ext] feeToSetter
- [Ext] getPair
- [Ext] allPairs
- [Ext] allPairsLength
- [Ext] createPair #
- [Ext] setFeeTo #
- [Ext] setFeeToSetter #
+ [Int] IUniswapV2Router01
- [Ext] factory
- [Ext] WETH
- [Ext] addLiquidity #
- [Ext] addLiquidityETH ($)
- [Ext] removeLiquidity #
- [Ext] removeLiquidityETH #
- [Ext] removeLiquidityWithPermit #
- [Ext] removeLiquidityETHWithPermit #
- [Ext] swapExactTokensForTokens #
- [Ext] swapTokensForExactTokens #
- [Ext] swapExactETHForTokens ($)
- [Ext] swapTokensForExactETH #
- [Ext] swapExactTokensForETH #
- [Ext] swapETHForExactTokens ($)
- [Ext] quote
- [Ext] getAmountOut
- [Ext] getAmountIn
- [Ext] getAmountsOut
- [Ext] getAmountsIn
+ [Int] IUniswapV2Router02 (IUniswapV2Router01)
- [Ext] removeLiquidityETHSupportingFeeOnTransferTokens #
- [Ext] removeLiquidityETHWithPermitSupportingFeeOnTransferTokens #
- [Ext] swapExactTokensForTokensSupportingFeeOnTransferTokens #
- [Ext] swapExactETHForTokensSupportingFeeOnTransferTokens ($)
- [Ext] swapExactTokensForETHSupportingFeeOnTransferTokens #
+ ForwardAccount
- [Pub] #
+ AK47 (Context, IBEP20, Ownable)
- [Pub] #
- [Int] createForwardAddress #
- [Ext] getOwner
- [Ext] decimals
- [Ext] symbol
- [Ext] name
- [Ext] totalSupply
- [Ext] balanceOf
- [Ext] transfer #
- [Ext] allowance
- [Ext] approve #
- [Ext] transferFrom #
- [Prv] _isContractTransaction
- [Prv] transferFee #
- [Int] swapAndBuyBack #
- [Prv] swapAndLiquify #
- modifiers: lockTheSwap
- [Prv] swapTokensForUsdt #
- [Prv] addLiquidity #
- [Pub] increaseAllowance #
- [Pub] decreaseAllowance #
- [Pub] burn #
- [Int] _transfer #
- [Int] _mint #
- [Int] _burn #
- [Int] _approve #
- [Int] _burnFrom #
- [Ext] recoverToken #
- modifiers: onlyOwner
- [Pub] setSwapAndBuyBackEnabled #
- modifiers: onlyOwner
- [Ext] setNumTokensSellToAddToBuyBack #
- modifiers: onlyOwner
- [Ext] setExcludedFromFee #
- modifiers: onlyOwner
- [Pub] setRouter #
- modifiers: onlyOwner
- [Ext] setIsPair #
- modifiers: onlyOwner
- [Pub] setTeamWallet #
- modifiers: onlyOwner
- [Ext] setFeeRate #
- modifiers: onlyOwner
- [Pub] setPauseTransfer #
- modifiers: onlyOwner
- [Pub] setMaxHoldOpen #
- modifiers: onlyOwner
- [Pub] setMaxHoldAmount #
- modifiers: onlyOwner