Djin - Smart Contract Audit Report

Summary

Djin is a new blockchain-based game where users own and collect unique NFTs.

For this audit, we reviewed the project's DJX token contract and DJY game contract. The contracts were reviewed using code provided to us by the team.

  • The DJX token is the ERC20 token of the platform.
  • The token has an initial total supply of 1,000,000.
  • The 'Platform Address', which is the DJY contract has the ability to mint tokens at any time, burn tokens from any address, and move tokens in and out of the staked supply.
  • Users can stake their DJX tokens via the DJY contract.
  • The DJY contract holds the logic of the NFT-based game.
  • Users can contribute DJX tokens via a summon function in order to generate pseudo-random NFTs.
  • Each NFT has a variables associated with it which can coorelate to their rarity.
  • Users can also burn their Djin NFTs.
  • Ultimately, the goal of the game is to collect unique NFTs.
  • The team has the ability to change the DJX token address at any time.
  • The randomness function, to an extent, relies on predictable environment variables. This is common, albiet not best practice; but the probability of miners maliciously changing these variables is extremley low.
  • Some functions could be declared extenral instead of public to save a small amount of gas on each call.
  • SafeMath is used to prevent overflows.

    • Audit Findings Summary:
    • No security issues from external attackers were identified.
    • Ensure trust in the team as they have substantial control in the ecosystem.
    • Date: May 11th, 2021

External Threats - Audit Results

Vulnerability CategoryNotesResult
Arbitrary Storage WriteN/APASS
Arbitrary JumpN/APASS
Delegate Call to Untrusted ContractN/APASS
Dependence on Predictable VariablesRandomness relies on a series of environmental variables.
Probability of a negative impact is very low.		WARNING
Deprecated OpcodesN/APASS
Ether ThiefN/APASS
ExceptionsN/APASS
External CallsN/APASS
Flash LoansN/APASS
Integer Over/UnderflowN/APASS
Multiple SendsN/APASS
OraclesN/APASS
SuicideN/APASS
State Change External CallsN/APASS
Unchecked RetvalN/APASS
User Supplied AssertionN/APASS
Critical Solidity CompilerN/APASS
Overall Contract Safety PASS


Function Graph

Smart Contract Graph

Inheritence Chart

Smart Contract Inheritance

Functions Overview


 ($) = payable function
 # = non-constant function
 
 Int = Internal
 Ext = External
 Pub = Public

 +  Context 
    - [Int] _msgSender
    - [Int] _msgData

 + [Lib] Math 
    - [Int] max
    - [Int] min
    - [Int] average

 + [Lib] SafeMath 
    - [Int] add
    - [Int] sub
    - [Int] sub
    - [Int] mul
    - [Int] div
    - [Int] div
    - [Int] mod
    - [Int] mod

 +  Ownable (Context)
    - [Pub]  #
    - [Pub] transferOwnership #
       - modifiers: onlyOwner
    - [Pub] addPlatformAddress #
       - modifiers: onlyOwner
    - [Pub] removePlatformAddress #
       - modifiers: onlyOwner

 + [Int] IERC20 
    - [Ext] totalSupply
    - [Ext] circulatingSupply
    - [Ext] stakedSupply
    - [Ext] balanceOf
    - [Ext] transfer #
    - [Ext] allowance
    - [Ext] approve #
    - [Ext] transferFrom #

 + [Int] IERC20Metadata (IERC20)
    - [Ext] name
    - [Ext] symbol
    - [Ext] decimals

 +  DJX (Context, IERC20, IERC20Metadata, Ownable)
    - [Pub]  #
    - [Pub] name
    - [Pub] symbol
    - [Pub] decimals
    - [Pub] totalSupply
    - [Pub] totalCalcSupply
    - [Pub] circulatingSupply
    - [Pub] stakedSupply
    - [Pub] balanceOf
    - [Pub] transfer #
    - [Pub] allowance
    - [Pub] approve #
    - [Pub] transferFrom #
    - [Pub] increaseAllowance #
    - [Pub] decreaseAllowance #
    - [Int] _transfer #
    - [Int] _approve #
    - [Int] _beforeTokenTransfer #
    - [Int] mint #
    - [Int] _mint #
    - [Pub] printer #
       - modifiers: onlyPlatform
    - [Pub] burnY4X #
       - modifiers: onlyPlatform
    - [Pub] addStake #
       - modifiers: onlyPlatform
    - [Pub] setName #
       - modifiers: onlyPlatform
    - [Int] burn #
    - [Pub] burnFrom #
       - modifiers: onlyPlatform
    - [Int] _burn #
    - [Pub] burner #
       - modifiers: onlyPlatform
    - [Pub] burnX4Y #
       - modifiers: onlyPlatform


Function Graph

Smart Contract Graph

Inheritence Chart

Smart Contract Inheritance

Functions Overview



 ($) = payable function
 # = non-constant function
 
 Int = Internal
 Ext = External
 Pub = Public

 +  Context 
    - [Int]  #
    - [Int] _msgSender
    - [Int] _msgData

 + [Lib] SafeMaths 
    - [Int] add
    - [Int] sub
    - [Int] sub
    - [Int] mul
    - [Int] div
    - [Int] div
    - [Int] mod
    - [Int] mod

 +  Ownable (Context)
    - [Pub]  #
    - [Pub] transferOwnership #
       - modifiers: onlyOwner
    - [Pub] addPlatformAddress #
       - modifiers: onlyOwner
    - [Pub] removePlatformAddress #
       - modifiers: onlyOwner

 + [Int] IERC20 
    - [Ext] totalSupply
    - [Ext] burnY4X #
    - [Ext] burnX4Y #
    - [Ext] printer #
    - [Ext] addStake #
    - [Ext] setName #
    - [Ext] getDJXBalance
    - [Ext] balanceOf
    - [Ext] transfer #
    - [Ext] allowance
    - [Ext] approve #
    - [Ext] transferFrom #

 + [Int] IERC165 
    - [Ext] supportsInterface

 +  ERC165 (IERC165)
    - [Pub] supportsInterface

 + [Int] IERC721 (IERC165)
    - [Ext] balanceOf
    - [Ext] ownerOf
    - [Ext] safeTransferFrom #
    - [Ext] transferFrom #
    - [Ext] approve #
    - [Ext] getApproved
    - [Ext] setApprovalForAll #
    - [Ext] isApprovedForAll
    - [Ext] safeTransferFrom #

 + [Int] IERC721Metadata (IERC721)
    - [Ext] name
    - [Ext] symbol
    - [Ext] tokenURI

 + [Int] IERC721Receiver 
    - [Ext] onERC721Received #

 + [Int] IERC721Enumerable (IERC721)

 + [Lib] Address 
    - [Int] isContract
    - [Int] toPayable
    - [Int] sendValue #

 + [Lib] Strings 
    - [Int] toString
    - [Int] toHexString
    - [Int] toHexString

 +  ERC721 (Context, ERC165, IERC721, IERC721Metadata)
    - [Pub]  #
    - [Pub] supportsInterface
    - [Pub] balanceOf
    - [Pub] ownerOf
    - [Pub] name
    - [Pub] symbol
    - [Pub] tokenURI
    - [Int] _baseURI
    - [Pub] approve #
    - [Pub] getApproved
    - [Pub] setApprovalForAll #
    - [Pub] isApprovedForAll
    - [Pub] transferFrom #
    - [Pub] safeTransferFrom #
    - [Pub] safeTransferFrom #
    - [Int] _safeTransfer #
    - [Pub] _exists
    - [Int] _isApprovedOrOwner
    - [Int] _safeMint #
    - [Int] _safeMint #
    - [Int] _mint #
    - [Int] _burn #
    - [Int] _transfer #
    - [Int] _approve #
    - [Prv] _checkOnERC721Received #
    - [Int] _beforeTokenTransfer #

 +  DJY (Ownable, ERC165, IERC721, ERC721, IERC721Receiver)
    - [Pub]  #
       - modifiers: Ownable,ERC721
    - [Pub] tokenOfOwnerByIndex
    - [Pub] tokenByIndex
    - [Int] _beforeTokenTransfer #
    - [Prv] _addTokenToOwnerEnumeration #
    - [Prv] _addTokenToAllTokensEnumeration #
    - [Prv] _removeTokenFromOwnerEnumeration #
    - [Prv] _removeTokenFromAllTokensEnumeration #
    - [Pub] UpdateDjinOwnership #
    - [Int] _transfer #
    - [Pub] supportsInterface
    - [Pub] onERC721Received #
    - [Pub] setDJXAddress #
       - modifiers: onlyPlatform
    - [Int] uint2str
    - [Int] length
    - [Pub] setBasePercentage #
       - modifiers: onlyPlatform
    - [Pub] getDJXBalance
    - [Pub] getBasePercentage
    - [Int] _setTokenStakebyID #
    - [Pub] setTokenStakebyID #
       - modifiers: onlyOwner
    - [Pub] setNamebyID #
       - modifiers: onlyOwner
    - [Pub] setAddStakeStatus #
       - modifiers: onlyOwner
    - [Pub] getDjinStakebyID
    - [Pub] getDjinBloodline
    - [Pub] totalStakes
    - [Pub] allTokenslength
    - [Pub] totalSupply
    - [Pub] djinBloodLine
    - [Pub] summonDjin #
    - [Pub] banishDjin #
    - [Pub] conjure
    - [Pub] addStake #
       - modifiers: enableAddStake
    - [Pub] mulScale
    - [Pub] calculateReward
    - [Pub] getReward
    - [Pub] withdrawReward #