DogeArmy - Audit Report
Summary
DogeArmy is a new protocol that allows users to purchase NFTs.
For this audit, we reviewed the DogeArmy contract using code that was provided to us by the team.
Notes on the Contract:Ownership Controls:
- The maximum supply is set to 10,000 DogeArmy NFTs.
- Any user can mint up to 20 DogeArmy NFTs per transaction in exchange for ETH. The standard price per NFT can be modified by the owner at any time.
- The owner can enable a Presale mode in the contract which allows users to purchase each NFT for 0.1 ether. A user must own a minimum token balance (determined by the owner) of $SHIBDOGE in order for a purchase to successfully occur. A user cannot purchase more than 10 NFTs total during Presale mode.
- Users must exercise caution as to enter the exact amount of ETH required for purchasing their desired amount of NFTs. Any excess ETH will be accepted and sent directly to the project team.
- As the contract is implemented with Solidity v0.8.11, it is protected from overflows/underflows.
Audit Findings Summary
- The owner can modify the standard price per NFT to any value at any time.
- The owner can modify the minimum amount of $SHIBDOGE tokens a user must hold in order to purchase NFTs in Presale mode.
- The owner can enable/disable both Presale mode and Standard mode of the contract at any time. If both modes are disabled, all purchasing is essentially paused.
- The owner can mint up to 100 NFTs total (10 per transaction) to any address at any time at no cost.
- The owner can withdraw all of the ETH from the contract address at any time.
- The owner can update the BaseURI of any NFT that has not been frozen by the owner. Once an NFT has been frozen by the owner it cannot be un-frozen.
- No external threats were identified.
- Users must exercise caution as to enter the exact amount of ETH required for purchasing their desired amount of NFTs. Any excess ETH will be accepted and sent directly to the project team.
- Please ensure trust in the team as they will receive the ETH from NFT purchases.
- Date: January 10th, 2022
Audit Results
| Vulnerability Category | Notes | Result |
|---|---|---|
| Arbitrary Storage Write | N/A | PASS |
| Arbitrary Jump | N/A | PASS |
| Centralization of Control | PASS | |
| Delegate Call to Untrusted Contract | N/A | PASS |
| Dependence on Predictable Variables | N/A | PASS |
| Deprecated Opcodes | N/A | PASS |
| Ether Thief | N/A | PASS |
| Exceptions | N/A | PASS |
| External Calls | N/A | PASS |
| Flash Loans | N/A | PASS |
| Integer Over/Underflow | N/A | PASS |
| Multiple Sends | N/A | PASS |
| Oracles | N/A | PASS |
| Suicide | N/A | PASS |
| State Change External Calls | N/A | PASS |
| Unchecked Retval | N/A | PASS |
| User Supplied Assertion | N/A | PASS |
| Critical Solidity Compiler | N/A | PASS |
| Overall Contract Safety | PASS |
($) = payable function
# = non-constant function
+ Context
- [Int] _msgSender
- [Int] _msgData
+ Ownable (Context)
- [Pub] #
- [Pub] owner
- [Pub] renounceOwnership #
- modifiers: onlyOwner
- [Pub] transferOwnership #
- modifiers: onlyOwner
- [Int] _transferOwnership #
+ [Int] IERC165
- [Ext] supportsInterface
+ [Int] IERC721 (IERC165)
- [Ext] balanceOf
- [Ext] ownerOf
- [Ext] safeTransferFrom #
- [Ext] transferFrom #
- [Ext] approve #
- [Ext] getApproved
- [Ext] setApprovalForAll #
- [Ext] isApprovedForAll
- [Ext] safeTransferFrom #
+ [Int] IERC721Receiver
- [Ext] onERC721Received #
+ [Int] IERC721Metadata (IERC721)
- [Ext] name
- [Ext] symbol
- [Ext] tokenURI
+ [Lib] Address
- [Int] isContract
- [Int] sendValue #
- [Int] functionCall #
- [Int] functionCall #
- [Int] functionCallWithValue #
- [Int] functionCallWithValue #
- [Int] functionStaticCall
- [Int] functionStaticCall
- [Int] functionDelegateCall #
- [Int] functionDelegateCall #
- [Int] verifyCallResult
+ [Lib] Strings
- [Int] toString
- [Int] toHexString
- [Int] toHexString
+ ERC165 (IERC165)
- [Pub] supportsInterface
+ ERC721 (Context, ERC165, IERC721, IERC721Metadata)
- [Pub] #
- [Pub] supportsInterface
- [Pub] balanceOf
- [Pub] ownerOf
- [Pub] name
- [Pub] symbol
- [Pub] tokenURI
- [Int] _baseURI
- [Pub] approve #
- [Pub] getApproved
- [Pub] setApprovalForAll #
- [Pub] isApprovedForAll
- [Pub] transferFrom #
- [Pub] safeTransferFrom #
- [Pub] safeTransferFrom #
- [Int] _safeTransfer #
- [Int] _exists
- [Int] _isApprovedOrOwner
- [Int] _safeMint #
- [Int] _safeMint #
- [Int] _mint #
- [Int] _burn #
- [Int] _transfer #
- [Int] _approve #
- [Int] _setApprovalForAll #
- [Prv] _checkOnERC721Received #
- [Int] _beforeTokenTransfer #
- [Int] _afterTokenTransfer #
+ [Int] ERC20
- [Ext] balanceOf
+ DogeArmy (ERC721, Ownable)
- [Pub] #
- modifiers: ERC721
- [Pub] mint ($)
- [Pub] mintPresale ($)
- [Ext] reserve #
- modifiers: onlyOwner
- [Ext] setMinTokenThreshold #
- modifiers: onlyOwner
- [Ext] setPublicPrice #
- modifiers: onlyOwner
- [Ext] togglePreSale #
- modifiers: onlyOwner
- [Ext] togglePublicSale #
- modifiers: onlyOwner
- [Ext] freezeURI #
- modifiers: onlyOwner
- [Ext] withdraw #
- modifiers: onlyOwner
- [Ext] reveal #
- modifiers: onlyOwner
- [Ext] setUnrevealedURI #
- modifiers: onlyOwner
- [Ext] setBaseURI #
- modifiers: onlyOwner
- [Pub] tokenURI
- [Int] _baseURI