CryptoCart V2 - Smart Contract Audit Report
CryptoCart V2 ($CCv2) is a new community-driven DeFi token on the Ethereum Blockchain.
Notes on the Contract:
Audit Findings Summary
- The total supply of the token is set to 1 million $CCv2 [1,000,000].
- No minting or burn functions are present; though the circulating supply can be reduced by sending tokens to the 0x..dead address, if desired.
- At the time of writing this report, 100% of the total supply belongs to the owner as the project was recently deployed.
- There is a 2% vault fee charged on transfers when the user is selling tokens via Uniswap.
- The tokens collected through the vault fee are sent to the vault address controlled by the team.
- The calculation of the vault fee performs a multiplication on the result of a division, leading to less accurate results. It is advisable to always perform all multiplications prior to division. This line can be viewed here.
- The contract could potentially lock ETH as it contains a payable function, but lacks a withdrawal function. We would recommend removing this payable function altogether, however as this contract is already deployed, this is merely informational.
- The contract utilizes an Editor role.
- The owner or Editor of the contract can exclude accounts from the vault fee.
- The contract complies with the ERC20 token standard.
- Some gas optimizations can be achieved through declaring functions external instead of public and some variables constant. As this contract is already deployed, this is merely informational.
- As the contract is deployed with Solidity v0.8.x, it is protected from overflows.
- No external threats were identified.
- Please ensure trust in the team as they are in control of 100% of the total supply and collect tokens from fees.
- Date: November 8th, 2021
|Arbitrary Storage Write||N/A||PASS|
|Delegate Call to Untrusted Contract||N/A||PASS|
|Dependence on Predictable Variables||N/A||PASS|
|State Change External Calls||N/A||PASS|
|User Supplied Assertion||N/A||PASS|
|Critical Solidity Compiler||N/A||PASS|
|Overall Contract Safety||PASS|
($) = payable function # = non-constant function + Context - [Int] _msgSender - [Int] _msgData + Ownable (Context) - [Pub]
# - [Pub] owner - [Pub] renounceOwnership # - modifiers: onlyOwner - [Pub] transferOwnership # - modifiers: onlyOwner + Editor (Context) - [Pub] # - [Pub] editors - [Pub] transferEditorRole # - modifiers: onlyEditor + [Int] IERC20 - [Ext] totalSupply - [Ext] balanceOf - [Ext] transfer # - [Ext] allowance - [Ext] approve # - [Ext] transferFrom # + ERC20 (Context, IERC20) - [Pub] # - [Pub] name - [Pub] symbol - [Pub] decimals - [Pub] totalSupply - [Pub] balanceOf - [Pub] transfer # - [Pub] allowance - [Pub] approve # - [Pub] transferFrom # - [Pub] increaseAllowance # - [Pub] decreaseAllowance # - [Int] _transfer # - [Int] _mint # - [Int] _approve # - [Int] _setupDecimals # - [Int] _beforeTokenTransfer # + [Int] IUniswapV2Factory - [Ext] createPair # + [Int] IUniswapV2Router01 - [Ext] factory - [Ext] WETH - [Ext] addLiquidityETH ($) + [Int] IUniswapV2Router02 (IUniswapV2Router01) - [Ext] swapExactTokensForETHSupportingFeeOnTransferTokens # + [Lib] SafeMath - [Int] add - [Int] sub - [Int] mul - [Int] div - [Int] mod - [Int] sub - [Int] div - [Int] mod + CryptoCartV2 (ERC20, Ownable, Editor) - [Pub] # - modifiers: ERC20 - [Ext] ($) - [Prv] _setAutomatedMarketMakerPair # - [Pub] excludeFromFees # - modifiers: OwnerOrEditor - [Int] _transfer #