FLOKI - Smart Contract Audit Report
Summary
FLOKI ($FLOKI) is a new community-driven Defi token on the Ethereum Blockchain that pays out static rewards to holders.
Notes on the Contract:Audit Findings Summary
- The total supply of the token is set to 10 trillion $FLOKI [10,000,000,000,000].
- No minting or burn functions are present; though the circulating supply can be reduced by sending tokens to the 0x..dead address, if desired.
- At the time of writing this report, 14.39% of the total supply has been sent to the 0x...dead Address.
- 8.01% of the total $FLOKI token supply is held in a Moontography Atomic Swap Contract, which is the bridge service provider for the team's ETH-BSC Bridge. This was not reviewed as part of this audit.
- 0.75% of the total token supply is held in a Proxy Contract, which is a multi-signature team wallet.
- 0.72% of the total token supply is held in UniSwap Liquidity. Out of that liquidity, 99.33% of the LP token are stored in a Unicrypt Liquidity Locker which is locked for 265 Years.
- There is a 'Tax Fee' and a 'Liquidity Fee' on all transactions for any "non-excluded" address that participates in a transfer. The owner has the ability to modify the these fees to any percentage at any time.
- Users who hold tokens will automatically benefit from the frictionless fee redistribution at the time of each transaction as the tokens collected through the "tax fee" are removed from the circulating supply.
- The liquidity fee that is charged on transactions is stored in the contract address and then subsequently used to buy BNB via the "swaptokens" function which will be sent to the marketing address. The owner has the ability to update and change the marketing wallet address at any time.
- The owner has the ability to set the minimum threshold for the 'swaptokens' mechanism. At the time of deployment, this is set to 4% of the balance of the tokens in the Liquidity Pool. Depending on the volume of tokens being sold for BNB, this functionality could cause a negative price impact on the token.
- Although the swap and liquify verbiage exists in the code, there are no "automatic liquidity adds" supported by the protocol.
- The contract features a blacklist mechanism where the owner of the contract can exclude addresses from being able to participate in transfers. The owner can prevent transactions from being possible for as many holders as they would like, at any time.
- The owner of the contract can exclude and include accounts from fees and reward distribution.
- The protocol does not implement any maximum transaction amount.
- The owner has the ability to withdraw all the ETH from the contract at any time.
- Ownership has not been renounced, but is maintained in a multi-signature team wallet.
- The contract utilizes SafeMath libraries along with following the ERC20 standard.
- As the project is deployed with Solidity v0.8.4, it is protected from overflows.
- No external threats were identified.
- We recommend that the team renounces ownership.
- Please ensure trust in the team prior to investing as they have substantial control in the ecosystem.
- Further, ensure trust in the team as they have control of the BNB that is accumulated from fees.
- Date: August 8th, 2021
Audit Results
| Vulnerability Category | Notes | Result |
|---|---|---|
| Arbitrary Storage Write | N/A | PASS |
| Arbitrary Jump | N/A | PASS |
| Delegate Call to Untrusted Contract | N/A | PASS |
| Dependence on Predictable Variables | N/A | PASS |
| Deprecated Opcodes | N/A | PASS |
| Ether Thief | N/A | PASS |
| Exceptions | N/A | PASS |
| External Calls | N/A | PASS |
| Flash Loans | N/A | PASS |
| Integer Over/Underflow | N/A | PASS |
| Multiple Sends | N/A | PASS |
| Oracles | N/A | PASS |
| Suicide | N/A | PASS |
| State Change External Calls | N/A | PASS |
| Unchecked Retval | N/A | PASS |
| User Supplied Assertion | N/A | PASS |
| Critical Solidity Compiler | N/A | PASS |
| Overall Contract Safety | PASS |
Function Graph
Inheritence Chart
Functions Overview
($) = payable function
# = non-constant function
+ [Int] IERC20
- [Ext] totalSupply
- [Ext] balanceOf
- [Ext] transfer #
- [Ext] allowance
- [Ext] approve #
- [Ext] transferFrom #
+ [Lib] SafeMath
- [Int] tryAdd
- [Int] trySub
- [Int] tryMul
- [Int] tryDiv
- [Int] tryMod
- [Int] add
- [Int] sub
- [Int] mul
- [Int] div
- [Int] mod
- [Int] sub
- [Int] div
- [Int] mod
+ Context
- [Int] _msgSender
- [Int] _msgData
+ Ownable (Context)
- [Pub] #
- [Pub] owner
- [Pub] renounceOwnership #
- modifiers: onlyOwner
- [Pub] transferOwnership #
- modifiers: onlyOwner
- [Prv] _setOwner #
+ [Lib] Address
- [Int] isContract
- [Int] sendValue #
- [Int] functionCall #
- [Int] functionCall #
- [Int] functionCallWithValue #
- [Int] functionCallWithValue #
- [Int] functionStaticCall
- [Int] functionStaticCall
- [Int] functionDelegateCall #
- [Int] functionDelegateCall #
- [Prv] _verifyCallResult
+ [Int] IUniswapV2Factory
- [Ext] feeTo
- [Ext] feeToSetter
- [Ext] getPair
- [Ext] allPairs
- [Ext] allPairsLength
- [Ext] createPair #
- [Ext] setFeeTo #
- [Ext] setFeeToSetter #
+ [Int] IUniswapV2Pair
- [Ext] name
- [Ext] symbol
- [Ext] decimals
- [Ext] totalSupply
- [Ext] balanceOf
- [Ext] allowance
- [Ext] approve #
- [Ext] transfer #
- [Ext] transferFrom #
- [Ext] DOMAIN_SEPARATOR
- [Ext] PERMIT_TYPEHASH
- [Ext] nonces
- [Ext] permit #
- [Ext] MINIMUM_LIQUIDITY
- [Ext] factory
- [Ext] token0
- [Ext] token1
- [Ext] getReserves
- [Ext] price0CumulativeLast
- [Ext] price1CumulativeLast
- [Ext] kLast
- [Ext] mint #
- [Ext] burn #
- [Ext] swap #
- [Ext] skim #
- [Ext] sync #
- [Ext] initialize #
+ [Int] IUniswapV2Router01
- [Ext] factory
- [Ext] WETH
- [Ext] addLiquidity #
- [Ext] addLiquidityETH ($)
- [Ext] removeLiquidity #
- [Ext] removeLiquidityETH #
- [Ext] removeLiquidityWithPermit #
- [Ext] removeLiquidityETHWithPermit #
- [Ext] swapExactTokensForTokens #
- [Ext] swapTokensForExactTokens #
- [Ext] swapExactETHForTokens ($)
- [Ext] swapTokensForExactETH #
- [Ext] swapExactTokensForETH #
- [Ext] swapETHForExactTokens ($)
- [Ext] quote
- [Ext] getAmountOut
- [Ext] getAmountIn
- [Ext] getAmountsOut
- [Ext] getAmountsIn
+ [Int] IUniswapV2Router02 (IUniswapV2Router01)
- [Ext] removeLiquidityETHSupportingFeeOnTransferTokens #
- [Ext] removeLiquidityETHWithPermitSupportingFeeOnTransferTokens #
- [Ext] swapExactTokensForTokensSupportingFeeOnTransferTokens #
- [Ext] swapExactETHForTokensSupportingFeeOnTransferTokens ($)
- [Ext] swapExactTokensForETHSupportingFeeOnTransferTokens #
+ FLOKI (Context, IERC20, Ownable)
- [Pub] #
- [Ext] initContract #
- modifiers: onlyOwner
- [Ext] openTrading #
- modifiers: onlyOwner
- [Pub] name
- [Pub] symbol
- [Pub] decimals
- [Pub] totalSupply
- [Pub] balanceOf
- [Pub] transfer #
- [Pub] allowance
- [Pub] approve #
- [Pub] transferFrom #
- [Pub] increaseAllowance #
- [Pub] decreaseAllowance #
- [Pub] isExcludedFromReward
- [Pub] totalFees
- [Pub] deliver #
- [Pub] reflectionFromToken
- [Pub] tokenFromReflection
- [Pub] excludeFromReward #
- modifiers: onlyOwner
- [Ext] includeInReward #
- modifiers: onlyOwner
- [Prv] _approve #
- [Prv] _transfer #
- [Prv] swapTokens #
- modifiers: lockTheSwap
- [Prv] sendETHToMarketing #
- [Prv] swapTokensForEth #
- [Prv] addLiquidity #
- [Prv] _tokenTransfer #
- [Prv] _transferStandard #
- [Prv] _transferToExcluded #
- [Prv] _transferFromExcluded #
- [Prv] _transferBothExcluded #
- [Prv] _reflectFee #
- [Prv] _getValues
- [Prv] _getTValues
- [Prv] _getRValues
- [Prv] _getRate
- [Prv] _getCurrentSupply
- [Prv] _takeLiquidity #
- [Prv] calculateTaxFee
- [Prv] calculateLiquidityFee
- [Prv] removeAllFee #
- [Prv] restoreAllFee #
- [Pub] isExcludedFromFee
- [Pub] excludeFromFee #
- modifiers: onlyOwner
- [Pub] includeInFee #
- modifiers: onlyOwner
- [Ext] setTaxFeePercent #
- modifiers: onlyOwner
- [Ext] setLiquidityFeePercent #
- modifiers: onlyOwner
- [Ext] setMarketingAddress #
- modifiers: onlyOwner
- [Prv] transferToAddressETH #
- [Pub] isRemovedSniper
- [Ext] _removeSniper #
- modifiers: onlyOwner
- [Ext] _amnestySniper #
- modifiers: onlyOwner
- [Ext] setFeeRate #
- modifiers: onlyOwner
- [Ext] ($)
- [Ext] emergencyWithdraw #
- modifiers: onlyOwner