BSheep - Smart Contract Audit Report

Summary

BSheep Audit Report BSheep ($BSHEEP) is a new token contract on the Binance Smart Chain that contains the functionality of frictionless fee redistribution, liquidity adds, BNB rewards, and a lottery system.

We audited BSheep's token contract contract at 0xeb4bd7cac8c58073d9301a5fb06c15c02ccf7d9f on the Binance Smart Chain mainnet.

Overview of the Contract:
  • The total supply of the token is initially set to one quadrillion [1,000,000,000,000,000] $BSHEEP.
  • There are not any mint or burn functions present; though the circulating supply can be reduced by transferring tokens to the burn address, if desired.
  • At the time of writing this report, 100% of the total supply is in possession of the owner as the project was recently deployed.

  • There is a 'tax fee' and 'liquidity fee' on all transactions for any "non-excluded" address that participates in a transfer. The owner has the ability to modify these fees to any percentage at any time.
  • A portion of the tax fee is redistributed to existing token holders instantly and automatically at the time of each transaction.
  • The liquidity fee charged on transactions is stored in the contract and, once a threshold value is met, used to fund Pancakeswap liqudity. This functionality can be enabled/disabled by the owner.
  • Liquidity-adds are funded by selling a portion of the tokens collected as fees (after the threshhold as determined by the owner is met), then pairing the received BNB with the token, and adding it as liquidity to the BNB pair.
  • The recipient of the newly created LP tokens is the Owner of the contract.
  • A final portion of the fees charged on transfers is used to fund BNB rewards, which will be claimable by token holders. This is also used to fund a lottery system, allowing users to win extra rewards on a psuedo-random basis.

  • The owner of the contract can exclude and include accounts from transfer fees and reward distribution.
  • The owner has the ability to set and update a maximum transaction percent at any time, which will impose a limit to the number of tokens that can be transferred during any given transaction.
  • The owner has the ability to exclude and include addresses from this maximum transaction amount.
  • The owner has the ability to use the "lock" function in order to temporarily set ownership to address(0). Ownership is restored after the duration of time determined by the owner has passed and they use the 'unlock' function. Ownership can additionally be restored (even if ownership was previously renounced), by using the unlock function a second time.
  • Ownership has not been renounced.
  • The randomness function, to an extent, relies on predictable environment variables. This is common, albiet not best practice; but the probability of miners maliciously changing these variables is extremley low.
  • Some functions could have been declared external instead of public to save some gas.
  • BNB claiming logic is properly structured to prevent reentrancy attacks.
  • The contract utilizes SafeMath libraries to prevent overflows along with following the BEP20 standard.

Audit Findings Summary
  • No security threats were identified.
  • We strongly recommend that the team renounces ownership after a successful launch.
  • Please ensure trust in the team prior to investing as they have substantial control within the ecosystem.
  • Date: June 27th, 2021

Vulnerability CategoryNotesResult
Arbitrary Storage WriteN/APASS
Arbitrary JumpN/APASS
Delegate Call to Untrusted ContractN/APASS
Dependence on Predictable VariablesRandomness relies on a series of environmental variables.
Probability of a negative impact is very low.
WARNING
Deprecated OpcodesN/APASS
Ether ThiefN/APASS
ExceptionsN/APASS
External CallsN/APASS
Flash LoansN/APASS
Integer Over/UnderflowN/APASS
Multiple SendsN/APASS
OraclesN/APASS
SuicideN/APASS
State Change External CallsN/APASS
Unchecked RetvalN/APASS
User Supplied AssertionN/APASS
Critical Solidity CompilerN/APASS
Overall Contract Safety PASS

BEP20 Token Graph

Multi-file Token

												
($) = payable function
 # = non-constant function

 + [Int] IBEP20 
    - [Ext] totalSupply
    - [Ext] balanceOf
    - [Ext] transfer #
    - [Ext] allowance
    - [Ext] approve #
    - [Ext] transferFrom #

 + [Lib] SafeMath 
    - [Int] add
    - [Int] sub
    - [Int] sub
    - [Int] mul
    - [Int] div
    - [Int] div
    - [Int] mod
    - [Int] mod

 +  Context 
    - [Int] _msgSender
    - [Int] _msgData

 + [Lib] Address 
    - [Int] isContract
    - [Int] sendValue #
    - [Int] functionCall #
    - [Int] functionCall #
    - [Int] functionCallWithValue #
    - [Int] functionCallWithValue #
    - [Prv] _functionCallWithValue #

 +  Ownable (Context)
    - [Int]  #
    - [Pub] owner
    - [Pub] renounceOwnership #
       - modifiers: onlyOwner
    - [Pub] transferOwnership #
       - modifiers: onlyOwner
    - [Pub] geUnlockTime
    - [Pub] lock #
       - modifiers: onlyOwner
    - [Pub] unlock #

 + [Int] IPancakeFactory 
    - [Ext] feeTo
    - [Ext] feeToSetter
    - [Ext] getPair
    - [Ext] allPairs
    - [Ext] allPairsLength
    - [Ext] createPair #
    - [Ext] setFeeTo #
    - [Ext] setFeeToSetter #

 + [Int] IPancakePair 
    - [Ext] name
    - [Ext] symbol
    - [Ext] decimals
    - [Ext] totalSupply
    - [Ext] balanceOf
    - [Ext] allowance
    - [Ext] approve #
    - [Ext] transfer #
    - [Ext] transferFrom #
    - [Ext] DOMAIN_SEPARATOR
    - [Ext] PERMIT_TYPEHASH
    - [Ext] nonces
    - [Ext] permit #
    - [Ext] MINIMUM_LIQUIDITY
    - [Ext] factory
    - [Ext] token0
    - [Ext] token1
    - [Ext] getReserves
    - [Ext] price0CumulativeLast
    - [Ext] price1CumulativeLast
    - [Ext] kLast
    - [Ext] mint #
    - [Ext] burn #
    - [Ext] swap #
    - [Ext] skim #
    - [Ext] sync #
    - [Ext] initialize #

 + [Int] IPancakeRouter01 
    - [Ext] factory
    - [Ext] WETH
    - [Ext] addLiquidity #
    - [Ext] addLiquidityETH ($)
    - [Ext] removeLiquidity #
    - [Ext] removeLiquidityETH #
    - [Ext] removeLiquidityWithPermit #
    - [Ext] removeLiquidityETHWithPermit #
    - [Ext] swapExactTokensForTokens #
    - [Ext] swapTokensForExactTokens #
    - [Ext] swapExactETHForTokens ($)
    - [Ext] swapTokensForExactETH #
    - [Ext] swapExactTokensForETH #
    - [Ext] swapETHForExactTokens ($)
    - [Ext] quote
    - [Ext] getAmountOut
    - [Ext] getAmountIn
    - [Ext] getAmountsOut
    - [Ext] getAmountsIn

 + [Int] IPancakeRouter02 (IPancakeRouter01)
    - [Ext] removeLiquidityETHSupportingFeeOnTransferTokens #
    - [Ext] removeLiquidityETHWithPermitSupportingFeeOnTransferTokens #
    - [Ext] swapExactTokensForTokensSupportingFeeOnTransferTokens #
    - [Ext] swapExactETHForTokensSupportingFeeOnTransferTokens ($)
    - [Ext] swapExactTokensForETHSupportingFeeOnTransferTokens #

 + [Lib] Utils 
    - [Prv] random
    - [Prv] isLotteryWon
    - [Pub] calculateBNBReward
    - [Pub] calculateTopUpClaim #
    - [Pub] swapTokensForEth #
    - [Pub] swapETHForTokens #
    - [Pub] addLiquidity #

 +  ReentrancyGuard 
    - [Pub]  #

 +  BSheep (Context, IBEP20, Ownable, ReentrancyGuard)
    - [Pub]  #
    - [Pub] name
    - [Pub] symbol
    - [Pub] decimals
    - [Pub] totalSupply
    - [Pub] balanceOf
    - [Pub] transfer #
    - [Pub] allowance
    - [Pub] approve #
    - [Pub] transferFrom #
    - [Pub] increaseAllowance #
    - [Pub] decreaseAllowance #
    - [Pub] isExcludedFromReward
    - [Pub] totalFees
    - [Pub] deliver #
    - [Pub] reflectionFromToken
    - [Pub] tokenFromReflection
    - [Pub] excludeFromReward #
       - modifiers: onlyOwner
    - [Ext] includeInReward #
       - modifiers: onlyOwner
    - [Prv] _transferBothExcluded #
    - [Pub] excludeFromFee #
       - modifiers: onlyOwner
    - [Pub] includeInFee #
       - modifiers: onlyOwner
    - [Ext] setTaxFeePercent #
       - modifiers: onlyOwner
    - [Ext] setLiquidityFeePercent #
       - modifiers: onlyOwner
    - [Pub] setSwapAndLiquifyEnabled #
       - modifiers: onlyOwner
    - [Ext]  ($)
    - [Prv] _reflectFee #
    - [Prv] _getValues
    - [Prv] _getTValues
    - [Prv] _getRValues
    - [Prv] _getRate
    - [Prv] _getCurrentSupply
    - [Prv] _takeLiquidity #
    - [Prv] calculateTaxFee
    - [Prv] calculateLiquidityFee
    - [Prv] removeAllFee #
    - [Prv] restoreAllFee #
    - [Pub] isExcludedFromFee
    - [Prv] _approve #
    - [Prv] _transfer #
    - [Prv] _tokenTransfer #
    - [Prv] _transferStandard #
    - [Prv] _transferToExcluded #
    - [Prv] _transferFromExcluded #
    - [Pub] setMaxTxPercent #
       - modifiers: onlyOwner
    - [Pub] setExcludeFromMaxTx #
       - modifiers: onlyOwner
    - [Pub] calculateBNBReward
    - [Pub] getRewardCycleBlock
    - [Pub] claimBNBReward #
       - modifiers: isHuman,nonReentrant
    - [Prv] topUpClaimCycleAfterTransfer #
    - [Prv] ensureMaxTxAmount #
    - [Pub] disruptiveTransfer ($)
    - [Prv] swapAndLiquify #
    - [Pub] activateContract #
       - modifiers: onlyOwner