DoRac - Smart Contract Audit Report

Summary

DoRac Audit Report DoRac ($DORC) is a new community-driven DeFi token on the Binance Smart Chain that is an automatic liquidity providing protocol that pays out static rewards to holders.

We reviewed the DoRac contract that is deployed at 0xa5D897A847eEb6f8c82273C3c4E5e6915eeB0C75 on the Binance Smartchain mainnet.

Notes on the Contract:
  • The total supply of the token is set to 1.5 billion $DORC [1,500,000,000].
  • No minting or burn functions are present; though the circulating supply can be reduced by sending tokens to the 0x..dead address, if desired.
  • At the time of writing this report, 100% of the total supply belongs to the owner as the contract was recently deployed.

  • There is a tax fee, liquidity fee, burn fee, and marketing fee on all transactions for any "non-excluded" address that participates in a transfer. A separate fee structure can be set by the team to apply different fee amounts depending on whether the user is buying or selling during the transfer.
  • Users who hold tokens will automatically benefit from the frictionless fee redistribution at the time of each transaction as the tokens collected through the tax fee are removed from the circulating supply.
  • The tokens collected from the liquidity fee during transfers are stored in the contract address balance. Once the threshold value of tokens (determinded by the owner) is met, a swap will occur for the purpose of funding Pancakeswap liquidity.
  • Liquidity-adds are funded by selling a portion of the tokens collected as fees (after the threshold number of tokens is met), then pairing the received BNB with the token, and adding it as liquidity to the BNB pair.
  • The recipient of the newly created LP tokens is the owner. We recommend that the team locks these newly acquired LP tokens.
  • The tokens collected from the burn fee are sent to the 0x..dead address.
  • The tokens collected from the marketing fee are swapped for BNB and sent to the team's marketing wallet.
  • The contract features a blacklist mechanism which prevent's accounts specified by the owner from being able to participate in any transfers.
  • The contract features a maximum wallet limit which ensures that a user's token balance does not exceed a certain amount of tokens (specified by the owner) after a buying transaction.
  • As the contract is implemented with Solidity v0.8.x, it is protected from overflows.

  • Ownership Controls:
  • Ownership has not been renounced.
  • The owner can modify the tax fee, liquidity fee, burn fee, and marketing fee for both fee structures to any percentages at any time.
  • The owner can exclude and include accounts from transfer fees and reward distribution.
  • The owner can set and update a maximum transaction amount at any time, which will impose a limit to the number of tokens that can be transferred during any given transaction.
  • The owner can update the maximum wallet limit to any value at any time.
  • The owner can enable/disable automatic liquidity adds at any time.
  • The owner can update the minimum threshold amount needed to trigger automatic liquidity adds.
  • The owner can withdraw any BNB or BEP20 tokens from the contract address at any time.
  • The owner can manually add/remove accounts from the blacklist mechanism.
  • The owner can update the team's marketing wallet to any address at any time.
  • The owner can update the Pancakeswap Router address at any time.
Audit Findings Summary
  • No external threats were identified.
  • Please ensure trust in the team prior to investing as they have substantial control in the ecosystem and currently own 100% of the total supply.
  • Date: November 22nd, 2021

Audit Results

Vulnerability CategoryNotesResult
Arbitrary Storage WriteN/APASS
Arbitrary JumpN/APASS
Delegate Call to Untrusted ContractN/APASS
Dependence on Predictable VariablesN/APASS
Deprecated OpcodesN/APASS
Ether ThiefN/APASS
ExceptionsN/APASS
External CallsN/APASS
Flash LoansN/APASS
Integer Over/UnderflowN/APASS
Multiple SendsN/APASS
OraclesN/APASS
SuicideN/APASS
State Change External CallsN/APASS
Unchecked RetvalN/APASS
User Supplied AssertionN/APASS
Critical Solidity CompilerN/APASS
Overall Contract Safety PASS

Function Graph

ERC20 Token Graph


Inheritence Chart

Multi-file Token


Functions Overview


 ($) = payable function
 # = non-constant function
 
 + [Int] IUniswapV2Router01 
    - [Ext] factory
    - [Ext] WETH
    - [Ext] addLiquidity #
    - [Ext] addLiquidityETH ($)
    - [Ext] removeLiquidity #
    - [Ext] removeLiquidityETH #
    - [Ext] removeLiquidityWithPermit #
    - [Ext] removeLiquidityETHWithPermit #
    - [Ext] swapExactTokensForTokens #
    - [Ext] swapTokensForExactTokens #
    - [Ext] swapExactETHForTokens ($)
    - [Ext] swapTokensForExactETH #
    - [Ext] swapExactTokensForETH #
    - [Ext] swapETHForExactTokens ($)
    - [Ext] quote
    - [Ext] getAmountOut
    - [Ext] getAmountIn
    - [Ext] getAmountsOut
    - [Ext] getAmountsIn

 + [Int] IUniswapV2Router02 (IUniswapV2Router01)
    - [Ext] removeLiquidityETHSupportingFeeOnTransferTokens #
    - [Ext] removeLiquidityETHWithPermitSupportingFeeOnTransferTokens #
    - [Ext] swapExactTokensForTokensSupportingFeeOnTransferTokens #
    - [Ext] swapExactETHForTokensSupportingFeeOnTransferTokens ($)
    - [Ext] swapExactTokensForETHSupportingFeeOnTransferTokens #

 + [Int] IUniswapV2Factory 
    - [Ext] feeTo
    - [Ext] feeToSetter
    - [Ext] getPair
    - [Ext] allPairs
    - [Ext] allPairsLength
    - [Ext] createPair #
    - [Ext] setFeeTo #
    - [Ext] setFeeToSetter #

 + [Lib] Address 
    - [Int] isContract
    - [Int] sendValue #
    - [Int] functionCall #
    - [Int] functionCall #
    - [Int] functionCallWithValue #
    - [Int] functionCallWithValue #
    - [Int] functionStaticCall
    - [Int] functionStaticCall
    - [Int] functionDelegateCall #
    - [Int] functionDelegateCall #
    - [Int] verifyCallResult

 +  Context 
    - [Int] _msgSender
    - [Int] _msgData

 +  Ownable (Context)
    - [Pub]  #
    - [Pub] owner
    - [Pub] renounceOwnership #
       - modifiers: onlyOwner
    - [Pub] transferOwnership #
       - modifiers: onlyOwner
    - [Prv] _setOwner #

 + [Lib] SafeMath 
    - [Int] tryAdd
    - [Int] trySub
    - [Int] tryMul
    - [Int] tryDiv
    - [Int] tryMod
    - [Int] add
    - [Int] sub
    - [Int] mul
    - [Int] div
    - [Int] mod
    - [Int] sub
    - [Int] div
    - [Int] mod

 + [Int] IERC20 
    - [Ext] totalSupply
    - [Ext] balanceOf
    - [Ext] transfer #
    - [Ext] allowance
    - [Ext] approve #
    - [Ext] transferFrom #

 +  DorcToken (Context, IERC20, Ownable)
    - [Pub]  #
    - [Pub] name
    - [Pub] symbol
    - [Pub] decimals
    - [Pub] totalSupply
    - [Pub] balanceOf
    - [Pub] transfer #
    - [Pub] allowance
    - [Pub] approve #
    - [Pub] transferFrom #
    - [Pub] increaseAllowance #
    - [Pub] decreaseAllowance #
    - [Pub] isExcludedFromReward
    - [Pub] totalFees
    - [Pub] deliver #
    - [Pub] reflectionFromToken
    - [Pub] tokenFromReflection
    - [Pub] excludeFromReward #
       - modifiers: onlyOwner
    - [Ext] includeInReward #
       - modifiers: onlyOwner
    - [Ext]  ($)
    - [Prv] _reflectFee #
    - [Prv] _getValues
    - [Prv] _getTValues
    - [Prv] _getRValues
    - [Prv] _getRate
    - [Prv] _getCurrentSupply
    - [Prv] _takeLiquidity #
    - [Prv] _takeMarketingAndBurn #
    - [Prv] calculateTaxFee
    - [Prv] calculateLiquidityFee
    - [Prv] calculateBurnFee
    - [Prv] calculateMarketingFee
    - [Prv] restoreAllFee #
    - [Prv] setBuyFee #
    - [Prv] setSellFee #
    - [Pub] isExcludedFromFee
    - [Prv] _approve #
    - [Prv] _transfer #
    - [Prv] swapAndLiquify #
       - modifiers: lockTheSwap
    - [Prv] swapTokensForEth #
    - [Prv] addLiquidity #
    - [Prv] _tokenTransfer #
    - [Prv] _transferStandard #
    - [Prv] _transferToExcluded #
    - [Prv] _transferFromExcluded #
    - [Prv] _transferBothExcluded #
    - [Pub] excludeFromFee #
       - modifiers: onlyOwner
    - [Pub] includeInFee #
       - modifiers: onlyOwner
    - [Ext] setMarketingWallet #
       - modifiers: onlyOwner
    - [Ext] setBuyFees #
       - modifiers: onlyOwner
    - [Ext] setSellFees #
       - modifiers: onlyOwner
    - [Pub] setRouterAddress #
       - modifiers: onlyOwner
    - [Pub] setSwapAndLiquifyEnabled #
       - modifiers: onlyOwner
    - [Ext] setSwapTokens #
       - modifiers: onlyOwner
    - [Ext] setWhaleLimit #
       - modifiers: onlyOwner
    - [Ext] setTransferLimit #
       - modifiers: onlyOwner
    - [Ext] blacklistAddress #
       - modifiers: onlyOwner
    - [Ext] claimStuckTokens #
       - modifiers: onlyOwner