BeastDoge - Smart Contract Audit Report

Summary

BeastDoge Audit Report BeastDoge is a new DeFi token on the Binance Smart Chain that provides automatic liquidity adds, utilizes automatic token buyback and burns, and pays holders dividends in the form of BNB rewards.

For this audit report, we reviewed the BeastDoge token Contract at 0x957DdE7c9867deE3c18Ea59F251Ec8b151634532 on the Binance Smart Chain Mainnet.

Overview of the Contract:
  • The initial total supply of the token upon deployment is set to one quadrillion [1,000,000,000,000,000] $TBDT.
  • No minting or burn functions are present beyond deployment; though the circulating supply can be reduced by sending tokens to the 0x..dead address, if desired.
  • As the token has recently been deployed, there is not a token allocation for our team to comment on as part of this audit.

  • There is a "Marketing Fee", "Fundraising Fee", "Liquidity Fee", "Buyback and Burn Fee", and "BNB Rewards Fee" on all transfers (given that the transferring address is not excluded from fees). The owner has the ability to set the fee percentages to any amount at any time.
  • The fees charged on transactions are stored in the contract and, once a threshold value of $TBDT (determined by the owner) is met, the tokens collected from fees are distributed proportionally for the purpose of the various fees.
  • The 'Marketing', 'Fundraising', and 'Buyback and Burn' Fee tokens are swapped for BNB. A portion of the BNB is sent to the "marketing" and "fundraising" wallets which are controlled by the team.
  • The remaining portion of BNB that was funded from the "Buyback and Burn" Fee is stored in the contract address and a percentage (determined by the owner) is used to buy $TBDT tokens which are immediately transferred to the 0x..Dead address.
  • The Liquidity Fee tokens are used to automatically provide liquidity.
  • Pancakeswap liquidity is automatically added by selling half of the tokens collected as liquidity fees, pairing the received BNB with the token, and adding it as liquidity to the Pancakeswap pair.
  • The owner of the contract receives the LP tokens that are created through this process. We recommend that the owner implements a system to lock these LP tokens, or renounce ownership so the recipient becomes the zero address.
  • The portion of tokens collected from the 'BNB Reward' Fee are swapped for BNB and applied toward funding the BNB dividend rewards for those who are eligible.

  • A user must hold 1,000,000,000 $TBDT tokens to be eligible for dividends. Which is 0.0001% of the initial token supply.
  • Once dividends are distributed, they will need to be claimed; claiming happens automatically on each transfer.
  • Dividend rewards can also be claimed manually by kicking off the claim cycle, which will process all eligible token holders.
  • Alternatively, a user can manually claim dividends as an individual.
  • There is a wait-time of 3600 seconds (1 hour) between claiming dividend rewards.
  • Claimed dividends are sent to the user's wallet address.

  • Some gas optimizations can be achieved through marking functions external instead of public. There are also some public variables that could be declared constant. This is merely informational as the contract has already been deployed.
  • The contract utilizes the SafeMath library to prevent overflows along with following the ERC20 standard.

  • Ownership Controls:
  • The owner has the ability to renounce ownership of their role by transferring it to the zero address. Ownership has not been renounced.
  • The owner is able to update the various transfer fee percentages to any amount at any time.
  • The owner is able to exclude addresses from fees at any time.
  • The owner is able to set and update the "maximum transaction amount" which will impose a limit to the number of tokens that can be transferred during a transaction.
  • The owner is able to toggle the automatic swapping features of the contract. When disabled, the fees would continue to accumulate in the contract address and no dividends would be distributed, nor would liquidity be added.
  • The owner is able to update the minimum token threshold for swapping tokens in the contract balance.
  • The owner is able to update the minimum token threshold of BNB that must be held in the contract address to trigger a token buyback and burn.
  • The owner is able to manually activate a token buyback and burn (for a specified amount of BNB) by using the "Feed the Beast" function.
  • The owner is able to enable and disable the buyback functionality.
  • The owner is able to update the "buyback block period" which establishes a cooldown for the buyback functionality.
  • The owner is able to update the percentage of BNB within the contract balance that will be applied to buybacks.
  • The owner is able to exclude any address from dividends at any time.
  • The owner is able to update the Dividend Tracker and UniswapV2Router contract addresses at any time.
  • The owner is able to set a new 'automated market maker pair' at any time.
  • The owner is able to update the addresses for the 'Marketing' and 'Fundraising' wallets at any time.
  • The owner is able to update the maximum amount of gas used for processing to a value between 200,000 and 900,000 at any time.
  • The owner is able to update the amount of time a user must wait between claiming dividends to a value between 1 and 24 hours (in seconds).

Audit Findings Summary
  • No external security threats were identified during our analysis.
  • We recommend that the team renounces ownership after a successful launch.
  • Please ensure trust in the team as they have substantial control in the ecosystem.
  • Date: September 16th, 2021

Vulnerability CategoryNotesResult
Arbitrary Storage WriteN/APASS
Arbitrary JumpN/APASS
Delegate Call to Untrusted ContractN/APASS
Dependence on Predictable VariablesN/APASS
Deprecated OpcodesN/APASS
Ether ThiefN/APASS
ExceptionsN/APASS
External CallsN/APASS
Flash LoansN/APASS
Integer Over/UnderflowN/APASS
Multiple SendsN/APASS
OraclesN/APASS
SuicideN/APASS
State Change External CallsN/APASS
Unchecked RetvalN/APASS
User Supplied AssertionN/APASS
Critical Solidity CompilerN/APASS
Overall Contract Safety PASS

BEP20 Token Graph

Multi-file Token

												
($) = payable function
 # = non-constant function

 +  Context 
    - [Int] _msgSender
    - [Int] _msgData

 +  Ownable (Context)
    - [Pub]  #
    - [Pub] owner
    - [Pub] renounceOwnership #
       - modifiers: onlyOwner
    - [Pub] transferOwnership #
       - modifiers: onlyOwner

 + [Int] IUniswapV2Factory 
    - [Ext] feeTo
    - [Ext] feeToSetter
    - [Ext] getPair
    - [Ext] allPairs
    - [Ext] allPairsLength
    - [Ext] createPair #
    - [Ext] setFeeTo #
    - [Ext] setFeeToSetter #

 + [Int] IUniswapV2Pair 
    - [Ext] name
    - [Ext] symbol
    - [Ext] decimals
    - [Ext] totalSupply
    - [Ext] balanceOf
    - [Ext] allowance
    - [Ext] approve #
    - [Ext] transfer #
    - [Ext] transferFrom #
    - [Ext] DOMAIN_SEPARATOR
    - [Ext] PERMIT_TYPEHASH
    - [Ext] nonces
    - [Ext] permit #
    - [Ext] MINIMUM_LIQUIDITY
    - [Ext] factory
    - [Ext] token0
    - [Ext] token1
    - [Ext] getReserves
    - [Ext] price0CumulativeLast
    - [Ext] price1CumulativeLast
    - [Ext] kLast
    - [Ext] mint #
    - [Ext] burn #
    - [Ext] swap #
    - [Ext] skim #
    - [Ext] sync #
    - [Ext] initialize #

 + [Int] IUniswapV2Router01 
    - [Ext] factory
    - [Ext] WETH
    - [Ext] addLiquidity #
    - [Ext] addLiquidityETH ($)
    - [Ext] removeLiquidity #
    - [Ext] removeLiquidityETH #
    - [Ext] removeLiquidityWithPermit #
    - [Ext] removeLiquidityETHWithPermit #
    - [Ext] swapExactTokensForTokens #
    - [Ext] swapTokensForExactTokens #
    - [Ext] swapExactETHForTokens ($)
    - [Ext] swapTokensForExactETH #
    - [Ext] swapExactTokensForETH #
    - [Ext] swapETHForExactTokens ($)
    - [Ext] quote
    - [Ext] getAmountOut
    - [Ext] getAmountIn
    - [Ext] getAmountsOut
    - [Ext] getAmountsIn

 + [Int] IUniswapV2Router02 (IUniswapV2Router01)
    - [Ext] removeLiquidityETHSupportingFeeOnTransferTokens #
    - [Ext] removeLiquidityETHWithPermitSupportingFeeOnTransferTokens #
    - [Ext] swapExactTokensForTokensSupportingFeeOnTransferTokens #
    - [Ext] swapExactETHForTokensSupportingFeeOnTransferTokens ($)
    - [Ext] swapExactTokensForETHSupportingFeeOnTransferTokens #

 + [Lib] IterableMapping 
    - [Pub] get
    - [Pub] getIndexOfKey
    - [Pub] getKeyAtIndex
    - [Pub] size
    - [Pub] set #
    - [Pub] remove #

 + [Lib] SafeMath 
    - [Int] add
    - [Int] sub
    - [Int] sub
    - [Int] mul
    - [Int] div
    - [Int] div
    - [Int] mod
    - [Int] mod

 + [Lib] SafeMathInt 
    - [Int] mul
    - [Int] div
    - [Int] sub
    - [Int] add
    - [Int] abs
    - [Int] toUint256Safe

 + [Lib] SafeMathUint 
    - [Int] toInt256Safe

 + [Int] IERC20 
    - [Ext] totalSupply
    - [Ext] balanceOf
    - [Ext] transfer #
    - [Ext] allowance
    - [Ext] approve #
    - [Ext] transferFrom #

 + [Int] IERC20Metadata (IERC20)
    - [Ext] name
    - [Ext] symbol
    - [Ext] decimals

 +  ERC20 (Context, IERC20, IERC20Metadata)
    - [Pub]  #
    - [Pub] name
    - [Pub] symbol
    - [Pub] decimals
    - [Pub] totalSupply
    - [Pub] balanceOf
    - [Pub] transfer #
    - [Pub] allowance
    - [Pub] approve #
    - [Pub] transferFrom #
    - [Pub] increaseAllowance #
    - [Pub] decreaseAllowance #
    - [Int] _transfer #
    - [Int] _mint #
    - [Int] _burn #
    - [Int] _approve #
    - [Int] _beforeTokenTransfer #

 + [Int] DividendPayingTokenInterface 
    - [Ext] dividendOf
    - [Ext] distributeDividends ($)
    - [Ext] withdrawDividend #

 + [Int] DividendPayingTokenOptionalInterface 
    - [Ext] withdrawableDividendOf
    - [Ext] withdrawnDividendOf
    - [Ext] accumulativeDividendOf

 +  DividendPayingToken (ERC20, DividendPayingTokenInterface, DividendPayingTokenOptionalInterface)
    - [Pub]  #
       - modifiers: ERC20
    - [Ext]  ($)
    - [Pub] distributeDividends ($)
    - [Pub] withdrawDividend #
    - [Int] _withdrawDividendOfUser #
    - [Pub] dividendOf
    - [Pub] withdrawableDividendOf
    - [Pub] withdrawnDividendOf
    - [Pub] accumulativeDividendOf
    - [Int] _transfer #
    - [Int] _mint #
    - [Int] _burn #
    - [Int] _setBalance #

 +  BeastDogeToken (ERC20, Ownable)
    - [Pub]  #
       - modifiers: ERC20
    - [Ext]  ($)
    - [Pub] updateDividendTracker #
       - modifiers: onlyOwner
    - [Pub] updateUniswapV2Router #
       - modifiers: onlyOwner
    - [Pub] excludeFromFees #
       - modifiers: onlyOwner
    - [Pub] excludeMultipleAccountsFromFees #
       - modifiers: onlyOwner
    - [Ext] setSwapTokensAtAmount #
       - modifiers: onlyOwner
    - [Pub] buyBackUpperLimitAmount
    - [Pub] buyBackPercentage
    - [Ext] setBuybackBlockPeriod #
       - modifiers: onlyOwner
    - [Pub] setBuyBackEnabled #
       - modifiers: onlyOwner
    - [Ext] setBuybackPercentage #
       - modifiers: onlyOwner
    - [Ext] setBuyBackUpperLimit #
       - modifiers: onlyOwner
    - [Ext] setMaxTransactionAmount #
       - modifiers: onlyOwner
    - [Ext] setMarketingWallet #
       - modifiers: onlyOwner
    - [Ext] setFundraisingWallet #
       - modifiers: onlyOwner
    - [Ext] setBNBRewardsFee #
       - modifiers: onlyOwner
    - [Ext] setLiquidityFee #
       - modifiers: onlyOwner
    - [Ext] setMarketingFee #
       - modifiers: onlyOwner
    - [Ext] setfundraisingFee #
       - modifiers: onlyOwner
    - [Ext] setBuyBackAndBurnFee #
       - modifiers: onlyOwner
    - [Pub] setAutomatedMarketMakerPair #
       - modifiers: onlyOwner
    - [Prv] _setAutomatedMarketMakerPair #
    - [Pub] updateGasForProcessing #
       - modifiers: onlyOwner
    - [Ext] updateClaimWait #
       - modifiers: onlyOwner
    - [Ext] getClaimWait
    - [Ext] getTotalDividendsDistributed
    - [Pub] isExcludedFromFees
    - [Pub] withdrawableDividendOf
    - [Pub] dividendTokenBalanceOf
    - [Ext] excludeFromDividends #
       - modifiers: onlyOwner
    - [Ext] getAccountDividendsInfo
    - [Ext] getAccountDividendsInfoAtIndex
    - [Ext] processDividendTracker #
    - [Ext] claim #
    - [Ext] getLastProcessedIndex
    - [Ext] getNumberOfDividendTokenHolders
    - [Ext] setTradingIsEnabled #
       - modifiers: onlyOwner
    - [Int] _transfer #
    - [Prv] buyBackTokens #
       - modifiers: lockTheSwap
    - [Ext] FeedTheBeast #
       - modifiers: onlyOwner
    - [Prv] swapETHForTokens #
    - [Prv] swapAndSendToFeeAddress #
       - modifiers: lockTheSwap
    - [Prv] swapAndSendBNB #
       - modifiers: lockTheSwap
    - [Prv] swapAndLiquify #
       - modifiers: lockTheSwap
    - [Prv] swapTokensForEth #
    - [Prv] addLiquidity #
    - [Prv] swapAndSendDividends #
       - modifiers: lockTheSwap

 +  TBDTDividendTracker (Ownable, DividendPayingToken)
    - [Pub]  #
       - modifiers: DividendPayingToken
    - [Int] _transfer #
    - [Pub] withdrawDividend #
    - [Ext] excludeFromDividends #
       - modifiers: onlyOwner
    - [Ext] updateClaimWait #
       - modifiers: onlyOwner
    - [Ext] getLastProcessedIndex
    - [Ext] getNumberOfTokenHolders
    - [Pub] getAccount
    - [Pub] getAccountAtIndex
    - [Prv] canAutoClaim
    - [Ext] setBalance #
       - modifiers: onlyOwner
    - [Pub] process #
    - [Pub] processAccount #
       - modifiers: onlyOwner