BitHotel - Smart Contract Audit Report

Summary

Xi Token Audit Report BitHotel is a creating new NFTs and a presale platform.

For this audit, we reviewed the project team's BitHotelFactory, Bithotel, PresaleBitHotel, ERC2981PerTokenRoyalties, and IERC2981Royalties contracts at commit df2d52e527ce4e711b7e311e8b738aa38f690cc8 on the team's private GitHub repository.

Notes on the Contracts:
BitHotelFactory Contract:
This contract allows the owner to create new BitHotel NFT collections at any time.
Upon creating a collection, the owner specifies a name, symbol, number of replicas which can be minted, and rarity. The collection's rarity value is stored in this contract.
The creator of the collection is set to the owner of this contract.
BitHotel Contract:
Upon construction, a name, symbol, creator, and number of replicas are specified.
The creator can mint a token at any time, as long it does not result in the supply exceeding the defined number of replicas.
The creator will specify a royalty recipient and royalty percentage for the token minted. While royalties are set upon minting, they are never distributed.
The number of replicas cannot be changed.
PresaleBitHotel Contract:
This contract is used to sell NFTs that are listed on the platform by the owner.
Upon deployment, a wallet address is specified which is used to collect payments for NFTs.
The owner can then initialize the contract, passing in a list of NFTs with specified costs which can be sold through this contract. These NFTs are transferred from the specified contracts to this contract.
The owner can add new NFTs to be sold at anytime. The owner must ensure that the NFTs added have been transferred to this contract so that they can be transferred at the time of purchase.
The owner can update the price of a listed NFT at any time.
In order for a user to purchase an NFT, they must be added by the owner to a specific NFT's whitelist tracked within this contract.
When purchasing, the user must pay the exact listed cost of the NFT in BUSD, which is transferred from the user to the wallet address.
As the contracts are implemented with Solidity 0.8.x, they are protected from overflows.
Audit Findings Summary
No external threats were identified.
Please ensure trust in the team prior to investing as they have some control in the ecosystem.
Date: November 23rd, 2021

Audit Results

Vulnerability Category	Notes	Result
Arbitrary Storage Write	N/A	PASS
Arbitrary Jump	N/A	PASS
Delegate Call to Untrusted Contract	N/A	PASS
Dependence on Predictable Variables	N/A	PASS
Deprecated Opcodes	N/A	PASS
Ether Thief	N/A	PASS
Exceptions	N/A	PASS
External Calls	N/A	PASS
Integer Over/Underflow	N/A	PASS
Multiple Sends	N/A	PASS
Suicide	N/A	PASS
State Change External Calls	N/A	PASS
Unchecked Retval	N/A	PASS
User Supplied Assertion	N/A	PASS
Critical Solidity Compiler	N/A	PASS
Overall Contract Safety		PASS

Details: BitHotelFactory Contract

ERC20 Token Graph

Multi-file Token


 ($) = payable function
 # = non-constant function
 
  +  Context 
    - [Int] _msgSender
    - [Int] _msgData

 +  Ownable (Context)
    - [Pub]  #
    - [Pub] owner
    - [Pub] renounceOwnership #
       - modifiers: onlyOwner
    - [Pub] transferOwnership #
       - modifiers: onlyOwner
    - [Prv] _setOwner #

 + [Int] IERC165 
    - [Ext] supportsInterface

 + [Int] IERC721 (IERC165)
    - [Ext] balanceOf
    - [Ext] ownerOf
    - [Ext] safeTransferFrom #
    - [Ext] transferFrom #
    - [Ext] approve #
    - [Ext] getApproved
    - [Ext] setApprovalForAll #
    - [Ext] isApprovedForAll
    - [Ext] safeTransferFrom #

 + [Int] IERC721Receiver 
    - [Ext] onERC721Received #

 + [Int] IERC721Metadata (IERC721)
    - [Ext] name
    - [Ext] symbol
    - [Ext] tokenURI

 + [Lib] Address 
    - [Int] isContract
    - [Int] sendValue #
    - [Int] functionCall #
    - [Int] functionCall #
    - [Int] functionCallWithValue #
    - [Int] functionCallWithValue #
    - [Int] functionStaticCall
    - [Int] functionStaticCall
    - [Int] functionDelegateCall #
    - [Int] functionDelegateCall #
    - [Int] verifyCallResult

 + [Lib] Strings 
    - [Int] toString
    - [Int] toHexString
    - [Int] toHexString

 +  ERC165 (IERC165)
    - [Pub] supportsInterface

 +  ERC721 (Context, ERC165, IERC721, IERC721Metadata)
    - [Pub]  #
    - [Pub] supportsInterface
    - [Pub] balanceOf
    - [Pub] ownerOf
    - [Pub] name
    - [Pub] symbol
    - [Pub] tokenURI
    - [Int] _baseURI
    - [Pub] approve #
    - [Pub] getApproved
    - [Pub] setApprovalForAll #
    - [Pub] isApprovedForAll
    - [Pub] transferFrom #
    - [Pub] safeTransferFrom #
    - [Pub] safeTransferFrom #
    - [Int] _safeTransfer #
    - [Int] _exists
    - [Int] _isApprovedOrOwner
    - [Int] _safeMint #
    - [Int] _safeMint #
    - [Int] _mint #
    - [Int] _burn #
    - [Int] _transfer #
    - [Int] _approve #
    - [Prv] _checkOnERC721Received #
    - [Int] _beforeTokenTransfer #

 +  ERC721URIStorage (ERC721)
    - [Pub] tokenURI
    - [Int] _setTokenURI #
    - [Int] _burn #

 + [Int] IERC2981Royalties 
    - [Ext] royaltyInfo

 +  ERC2981PerTokenRoyalties (ERC165, IERC2981Royalties)
    - [Int] _setTokenRoyalty #
    - [Ext] royaltyInfo

 + [Lib] Counters 
    - [Int] current
    - [Int] increment #
    - [Int] decrement #
    - [Int] reset #

 +  BitHotel (ERC721URIStorage, ERC2981PerTokenRoyalties)
    - [Pub]  #
       - modifiers: ERC721
    - [Ext] mint #
       - modifiers: onlyController
    - [Pub] supportsInterface

 +  BitHotelFactory (Ownable)
    - [Pub]  #
    - [Ext] createCollection #
       - modifiers: onlyOwner
    - [Ext] getAllCollection
    - [Ext] getRarity

Details: PresaleBitHotel Contract