| Vulnerability Category | Notes | Result |
|---|---|---|
| Arbitrary Storage Write | N/A | PASS |
| Arbitrary Jump | N/A | PASS |
| Delegate Call to Untrusted Contract | N/A | PASS |
| Dependence on Predictable Variables | N/A | PASS |
| Deprecated Opcodes | N/A | PASS |
| Ether Thief | N/A | PASS |
| Exceptions | N/A | PASS |
| External Calls | N/A | PASS |
| Flash Loans | N/A | PASS |
| Integer Over/Underflow | N/A | PASS |
| Multiple Sends | N/A | PASS |
| Oracles | N/A | PASS |
| Suicide | N/A | PASS |
| State Change External Calls | N/A | PASS |
| Unchecked Retval | N/A | PASS |
| User Supplied Assertion | N/A | PASS |
| Critical Solidity Compiler | N/A | PASS |
| Overall Contract Safety | PASS |
FesBNB - Smart Contract Audit Report
Summary
FesBNB is a new community-driven DeFi token on the Binance Smart Chain that provides automatic liquidity adds and pays holders dividends in BNB.
Overview of the Contract:Audit Findings Summary
- The total supply of the token is set to 100 million $FesBNB [100,000,000].
- No mint or burn functions are present; though the circulating supply can be reduced by sending tokens to the 0x..dead address, if desired.
- At the time of writing this report, 41.75% of the total supply is held in the FesBNB Staking Contract. This contract was out of scope for the purpose of this audit.
- 3.05% of the total supply has been sent to the Burn address.
- The next two holders own a cumulative 5% of the total supply.
- 29.2% of the total supply is in Pancakeswap liquidity.
- Of that liquidity, 96.26% of the LP tokens are stored in an ERC1967Proxy contract.
- 3.57% of the LP tokens have been sent to the Burn address.
- There is a "Marketing Fee", "Liquidity Fee", "Rewards Fee", "Buyback fee", "Development fee", "Staking fee", "Burn fee", and an "NFT holder fee" for any "non-excluded" address that participates in a transfer. Fees are increased when selling to Pancakeswap based on the current "sell penalty" of the contract.
- The fees charged on transactions are stored in the contract address balance. Once the threshold value of 50,000 tokens (0.05% of the total supply) is met, a percentage of those tokens are burned based on the current burn fee percentage. The remaining tokens are swapped for BNB and sent back to the contract address.
- In the current fee allocation, 3.5% of the BNB is sent to the project team's "Staking Rewards" contract, 1% is used to automatically provide liquidity, 1% is sent to the team's Marketing wallet, 1% is sent to the team's Development wallet, and 2.5% is applied toward funding the dividend rewards for those who are eligible. If the NFT holder fee (which is currently 0%) is modified to any percentage other than 0%, then that percentage of BNB will be sent to the team's "NFT Holder Rewards" Contract.
- If the buyback fee is set to 0% and there is more than 1 BNB in the contract, the remaining BNB will be sent to the Staking Rewards contract. If the buyback fee is set to any percentage other than 0%, the remaining BNB will remain in the contract.
- Liquidity-adds are automatically done by selling the tokens collected as liquidity fees, pairing the received BNB with the token, and adding it as liquidity to the pair.
- The LP tokens received through this process are sent to the "Liquidity Wallet" which is currently set to the Burn address.
- A user must hold 100 tokens to be eligible for dividends. This is 0.0001% of the total token supply.
- BNB dividends can be claimed manually by kicking off the claim cycle, which will process all eligible token holders.
- Alternatively, a user can manually claim dividends as an individual.
- There is a wait-time of 1200 seconds (20 minutes) between claiming dividend rewards.
- Claimed dividends are sent to the user's wallet address.
- The contract utilizes the SafeMath library to prevent overflows along with following the BEP20 standard.
Ownership Controls:- The owner can modify each fee percentage up to the following values:
- Marketing fee: 3%
- Liquidity fee: 4%
- Rewards fee: 5%
- Buyback fee: 2%
- Development fee: 2%
- Staking fee: 8%
- Burn fee: 3%
- NFT holder fee: 5%
- Although these fee caps exist, the combined total fee percentage must be less than 20% when set by the owner.
- The owner can exclude any address from fees at any time.
- The owner can exclude (and include) any address from dividends at any time.
- The owner can update the "sell penalty", which is enforced during sell transactions to Pancakeswap, up to 1.5x the standard fee amount.
- The owner can utilize the buyBackTokens() function to swap any amount of BNB in the contract for $FesBNB tokens and subsequently send those tokens to the burn address.
- The owner can withdraw any BEP20 tokens erroneously sent to the contract.
- The owner can Airdrop any amount of tokens to any user's wallet at any time.
- The owner can enable/disable the swap and liquify functionality at any time.
- The owner can update the amount of time a user must wait between claiming dividends to a value between 20 minutes and 24 hours (in seconds).
- The owner can update the PancakeswapV2Router and Automated Market Maker Pair contract addresses at any time.
- The owner can update the Marketing address, Liquidity address, and Development address to any addresses at any time. Please note that the Liquidity Address is the recipient of the LP tokens. The stability of the liquidity pool can be at risk if these LP tokens are not properly locked/burned.
- The owner can update the Staking Rewards contract and NFT holder Rewards contract to any address at any time.
- The owner can update the maximum amount of gas used for processing to a value between 200,000 and 500,000 at any time.
- No security threats were identified.
- Please ensure trust in the team as they have notable control in the ecosystem.
- Date: October 22nd, 2021
($) = payable function
# = non-constant function
+ Context
- [Int] _msgSender
- [Int] _msgData
+ Context
- [Int] _msgSender
- [Int] _msgData
+ [Int] IUniswapV2Pair
- [Ext] name
- [Ext] symbol
- [Ext] decimals
- [Ext] totalSupply
- [Ext] balanceOf
- [Ext] allowance
- [Ext] approve #
- [Ext] transfer #
- [Ext] transferFrom #
- [Ext] DOMAIN_SEPARATOR
- [Ext] PERMIT_TYPEHASH
- [Ext] nonces
- [Ext] permit #
- [Ext] MINIMUM_LIQUIDITY
- [Ext] factory
- [Ext] token0
- [Ext] token1
- [Ext] getReserves
- [Ext] price0CumulativeLast
- [Ext] price1CumulativeLast
- [Ext] kLast
- [Ext] mint #
- [Ext] burn #
- [Ext] swap #
- [Ext] skim #
- [Ext] sync #
- [Ext] initialize #
+ [Int] IUniswapV2Factory
- [Ext] feeTo
- [Ext] feeToSetter
- [Ext] getPair
- [Ext] allPairs
- [Ext] allPairsLength
- [Ext] createPair #
- [Ext] setFeeTo #
- [Ext] setFeeToSetter #
+ [Lib] IterableMapping
- [Pub] get
- [Pub] getIndexOfKey
- [Pub] getKeyAtIndex
- [Pub] size
- [Pub] set #
- [Pub] remove #
+ [Int] IERC20
- [Ext] totalSupply
- [Ext] balanceOf
- [Ext] transfer #
- [Ext] allowance
- [Ext] approve #
- [Ext] transferFrom #
+ [Int] IERC20Metadata (IERC20)
- [Ext] name
- [Ext] symbol
- [Ext] decimals
+ ERC20 (Context, IERC20, IERC20Metadata)
- [Pub] #
- [Pub] name
- [Pub] symbol
- [Pub] decimals
- [Pub] totalSupply
- [Pub] balanceOf
- [Pub] transfer #
- [Pub] allowance
- [Pub] approve #
- [Pub] transferFrom #
- [Pub] increaseAllowance #
- [Pub] decreaseAllowance #
- [Int] _transfer #
- [Int] _mint #
- [Int] _burn #
- [Int] _approve #
- [Int] _beforeTokenTransfer #
+ [Int] DividendPayingTokenOptionalInterface
- [Ext] withdrawableDividendOf
- [Ext] withdrawnDividendOf
- [Ext] accumulativeDividendOf
+ [Int] DividendPayingTokenInterface
- [Ext] dividendOf
- [Ext] distributeDividends ($)
- [Ext] withdrawDividend #
+ [Lib] SafeMath
- [Int] add
- [Int] sub
- [Int] sub
- [Int] mul
- [Int] div
- [Int] div
- [Int] mod
- [Int] mod
+ Ownable (Context)
- [Pub] #
- [Pub] owner
- [Pub] renounceOwnership #
- modifiers: onlyOwner
- [Pub] transferOwnership #
- modifiers: onlyOwner
+ [Lib] SafeMathInt
- [Int] mul
- [Int] div
- [Int] sub
- [Int] add
- [Int] abs
- [Int] toUint256Safe
+ [Lib] SafeMathUint
- [Int] toInt256Safe
+ [Int] IUniswapV2Router01
- [Ext] factory
- [Ext] WETH
- [Ext] addLiquidity #
- [Ext] addLiquidityETH ($)
- [Ext] removeLiquidity #
- [Ext] removeLiquidityETH #
- [Ext] removeLiquidityWithPermit #
- [Ext] removeLiquidityETHWithPermit #
- [Ext] swapExactTokensForTokens #
- [Ext] swapTokensForExactTokens #
- [Ext] swapExactETHForTokens ($)
- [Ext] swapTokensForExactETH #
- [Ext] swapExactTokensForETH #
- [Ext] swapETHForExactTokens ($)
- [Ext] quote
- [Ext] getAmountOut
- [Ext] getAmountIn
- [Ext] getAmountsOut
- [Ext] getAmountsIn
+ [Int] IUniswapV2Router02 (IUniswapV2Router01)
- [Ext] removeLiquidityETHSupportingFeeOnTransferTokens #
- [Ext] removeLiquidityETHWithPermitSupportingFeeOnTransferTokens #
- [Ext] swapExactTokensForTokensSupportingFeeOnTransferTokens #
- [Ext] swapExactETHForTokensSupportingFeeOnTransferTokens ($)
- [Ext] swapExactTokensForETHSupportingFeeOnTransferTokens #
+ DividendPayingToken (DividendPayingTokenInterface, DividendPayingTokenOptionalInterface, Ownable)
- [Ext] ($)
- [Pub] distributeDividends ($)
- [Ext] withdrawDividend #
- [Int] _withdrawDividendOfUser #
- [Ext] dividendOf
- [Pub] withdrawableDividendOf
- [Ext] withdrawnDividendOf
- [Pub] accumulativeDividendOf
- [Int] _increase #
- [Int] _reduce #
- [Int] _setBalance #
+ FesBNB (ERC20, Ownable)
- [Pub] #
- modifiers: ERC20
- [Ext] ($)
- [Ext] excludeFromDividends #
- modifiers: onlyOwner
- [Ext] includeInDividends #
- modifiers: onlyOwner
- [Ext] addPresaleAddressForExclusions #
- modifiers: onlyOwner
- [Ext] emergencyPresaleAddressUpdate #
- modifiers: onlyOwner
- [Pub] excludeFromMaxTransaction #
- modifiers: onlyOwner
- [Ext] updateSwapEnabled #
- modifiers: onlyOwner
- [Ext] updateSellPenalty #
- modifiers: onlyOwner
- [Ext] airdropToWalletsWithAmounts #
- modifiers: onlyOwner
- [Ext] updateFees #
- modifiers: onlyOwner
- [Ext] updateUniswapV2Router #
- modifiers: onlyOwner
- [Pub] excludeFromFees #
- modifiers: onlyOwner
- [Ext] setAutomatedMarketMakerPair #
- modifiers: onlyOwner
- [Prv] _setAutomatedMarketMakerPair #
- [Ext] updateMarketingWallet #
- modifiers: onlyOwner
- [Ext] updateLiquidityWallet #
- modifiers: onlyOwner
- [Ext] updateDevelopmentWallet #
- modifiers: onlyOwner
- [Ext] updateStakingRewardsContract #
- modifiers: onlyOwner
- [Ext] updateNftHolderRewardsContract #
- modifiers: onlyOwner
- [Ext] updateGasForProcessing #
- modifiers: onlyOwner
- [Ext] updateClaimWait #
- modifiers: onlyOwner
- [Ext] getClaimWait
- [Ext] getTotalDividendsDistributed
- [Ext] enableTrading #
- modifiers: onlyOwner
- [Ext] isExcludedFromFees
- [Ext] withdrawableDividendOf
- [Ext] dividendTokenBalanceOf
- [Ext] removeLimits #
- modifiers: onlyOwner
- [Ext] getAccountDividendsInfo
- [Ext] getAccountDividendsInfoAtIndex
- [Ext] processDividendTracker #
- [Ext] claim #
- [Ext] getLastProcessedIndex
- [Ext] getNumberOfDividendTokenHolders
- [Ext] getNumberOfDividends
- [Int] _transfer #
- [Prv] swapTokensForEth #
- [Prv] addLiquidity #
- [Int] swapBack #
- [Ext] buyBackTokens #
- modifiers: onlyOwner
- [Pub] rescueTokens #
- modifiers: onlyOwner
+ DividendTracker (DividendPayingToken)
- [Pub] #
- [Ext] excludeFromDividends #
- modifiers: onlyOwner
- [Ext] includeInDividends #
- modifiers: onlyOwner
- [Ext] updateClaimWait #
- modifiers: onlyOwner
- [Ext] getLastProcessedIndex
- [Ext] getNumberOfTokenHolders
- [Pub] getAccount
- [Ext] getAccountAtIndex
- [Prv] canAutoClaim
- [Ext] setBalance #
- modifiers: onlyOwner
- [Ext] process #
- [Pub] processAccount #
- modifiers: onlyOwner