CumRocket Farm Token & Staking Contracts - Smart Contract Audit Report

Summary

Cummies Finance Audit Report CumRocket is building an NFT marketplace on the Binance Smart Chain.

For this audit, we reviewed the project's upcoming farm contract at 0xfdcf8223691a619ad7398d05158bc751b6bf7fb9 on the Binance Smart Chain mainnet.

Notes on the Contract:
  • Users can stake CUMMIES/BNB LP tokens from Pancakeswap in order to earn rewards in CumRocket's CUMMIES token.
  • There is a fee associated with making a deposit to the contract, set by the team for each staked asset.
  • There is no fee associated with making a withdraw from the contract.
  • Users can claim their pending rewards at any time. In addition, if a user has pending rewards and stakes additional tokens, their rewards will be claimed automatically.
  • In case of an error or missing rewards, users can use an emergency withdraw function to recover their staked funds.
  • The team has the ability to add other assets for staking, and other tokens to be used for rewards.
  • The team also has the ability to recover any ERC20 tokens which are not staked.
  • The team can withdraw the rewards from the contract at any time.
  • The percPrecision variable could have be constant to save gas both on deployment and each reference.
  • Utilization of SafeMath and SafeERC20 to prevent overflows and ensure safe token transfers.
Audit Findings Summary:
  • No security issues from outside attackers were identified.
  • Ensure trust in the team as they have some control in the ecosystem.
  • Date: June 17th, 2021.
  • Update June 23rd, 2021 - The contract is now deployed to 0xD31E1eD22d862a191008f8585026D7376758A999

Audit Results

Vulnerability Category Notes Result
Arbitrary Storage Write N/A PASS
Arbitrary Jump N/A PASS
Delegate Call to Untrusted Contract N/A PASS
Dependence on Predictable Variables N/A PASS
Deprecated Opcodes N/A PASS
Ether Thief N/A PASS
Exceptions N/A PASS
External Calls N/A PASS
Integer Over/Underflow N/A PASS
Multiple Sends N/A PASS
Suicide N/A PASS
State Change External Calls N/A Pass
Unchecked Retval N/A PASS
User Supplied Assertion N/A PASS
Critical Solidity Compiler N/A PASS
Overall Contract Safety   PASS

Smart Contract Graph

Contract Inheritance


 ($) = payable function
 # = non-constant function
 
 Int = Internal
 Ext = External
 Pub = Public
 
 + [Lib] Math 
    - [Int] max
    - [Int] min
    - [Int] average

 + [Lib] SafeMath 
    - [Int] add
    - [Int] sub
    - [Int] sub
    - [Int] mul
    - [Int] div
    - [Int] div
    - [Int] mod
    - [Int] mod

 + [Int] IERC20 
    - [Ext] totalSupply
    - [Ext] balanceOf
    - [Ext] transfer #
    - [Ext] allowance
    - [Ext] approve #
    - [Ext] transferFrom #

 + [Lib] Address 
    - [Int] isContract
    - [Int] sendValue #
    - [Int] functionCall #
    - [Int] functionCall #
    - [Int] functionCallWithValue #
    - [Int] functionCallWithValue #
    - [Int] functionStaticCall
    - [Int] functionStaticCall
    - [Int] functionDelegateCall #
    - [Int] functionDelegateCall #
    - [Prv] _verifyCallResult

 + [Lib] SafeERC20 
    - [Int] safeTransfer #
    - [Int] safeTransferFrom #
    - [Int] safeApprove #
    - [Int] safeIncreaseAllowance #
    - [Int] safeDecreaseAllowance #
    - [Prv] callOptionalReturn #

 +  Context 
    - [Int]  #
    - [Int] _msgSender
    - [Int] _msgData

 +  Ownable (Context)
    - [Int]  #
    - [Pub] owner
    - [Pub] isOwner
    - [Pub] renounceOwnership #
       - modifiers: onlyOwner
    - [Pub] transferOwnership #
       - modifiers: onlyOwner
    - [Int] _transferOwnership #
    - [Pub] getUnlockTime
    - [Pub] lock #
       - modifiers: onlyOwner
    - [Pub] unlock #

 +  CumFarm (Ownable)
    - [Pub]  #
    - [Ext] getContractStakingBalance
    - [Ext] balanceOf
    - [Ext] getContractRewardBalance
    - [Prv] updateUserRewardBlock #
    - [Pub] getUserCurrentRewards
    - [Ext] updateStakingToken #
       - modifiers: onlyOwner
    - [Ext] addRewardToken #
       - modifiers: onlyOwner
    - [Ext] updateRewardToken #
       - modifiers: onlyOwner
    - [Prv] setHolderStrength #
    - [Ext] calculateHolderStrength
    - [Ext] getHolderStrength
    - [Ext] getTotalStrength
    - [Pub] getHolderPercentage
    - [Ext] stake #
    - [Pub] withdraw #
    - [Pub] withdrawAllRewards #
    - [Int] updateContractRewardBalance #
    - [Pub] withdrawReward #
    - [Ext] emergencyExit #
    - [Prv] getRewardsAmount
    - [Int] updateRewards #
    - [Int] updateUsersReward #
    - [Ext] recoverERC20 #
       - modifiers: onlyOwner
    - [Ext] emergencyRewardTokensWithdrawal #
       - modifiers: onlyOwner
    - [Ext] refreshRewards #
       - modifiers: onlyOwner