Fino DAO Token

Smart Contract Audit Report

Audit Summary

Fino DAO Token is a new ERC20 token with an elastic supply and automatic LP adds.

For this audit, we reviewed the FinoToken contract at 0x6c9ae5d6746ee1b6bd03310079aa11d8ec409212 on the Binance Smart Chain Mainnet.

Audit Findings

Please ensure trust in the team prior to investing as they have substantial control in the ecosystem.
Date: February 14th, 2022.

Contract Overview

• The maximum allowed supply of $FINO is 340,282,366,920,938,463,463,374,607,431,768,211,455 tokens.
• The owner may trigger a manual rebase; this serves as a frictionless token redistribution which automatically adds tokens for all token holders at the time of each total supply change.
• The rebase function properly calls sync() on the PancakeSwap Pair contract to prevent theft-of-liquidity attacks which have occurred with other rebase tokens.
• Users may not burn their tokens, though the circulating supply can be reduced by sending tokens to the 0x..dead address, if desired.
• The current supply of the token is 5,332,510,872 tokens.
• 18.03% of the total supply is held in a user's wallet.
• 13.78% of the total supply is held in a user's wallet.
• 9.01% of the total supply is held in a user's wallet.
• 4.55% is held in Pancake Swap liquidity.
• 4.51% of the total supply is held in a user's wallet.
• 3.88% of the LP tokens are held in a Crowdsale contract.


• When the sender or recipient is not fee exempt, there is a Liquidity fee, Treasury fee, Burn fee, and Risk Free Value fee on buys.
• When the sender or recipient is not fee exempt, there is an additional "sell Treasury" fee and "sell Risk Free Value" fee added in addition to the base fees on sells.
• The team may also enable fees on all transfers.
• Only addresses on the "fee exempt list" are able to transfer tokens until the team has set the initial distribution as finished.
• Only addresses on the fee exempt list may sell more than the "max sell transaction amount" during any one sell.
• Addresses on the fee exempt list are exempt from fees. The Treasury wallet, the RiskFreeValue address, the deployer, and the contract are set as fee exempt on deployment.
• During transfers, a "swapback" is performed under the following conditions:
  • The contract's token balance has met a threshold.
  • The transfer is not a purchase.
  • Swapping functionality is enabled.
  • The fees are non-zero.
• If the liquidity during the swapback is greater than the target value, initially 50% of the circulating supply, no liquidity will be added. Otherwise the liquidity fee is used for a liquidity-add.
• The team may choose whether the liquidity is added added to a BUSD or BNB pair.
• A liquidity-add is funded by selling half of the tokens collected as liquidity fees, pairing the received BNB or BUSD with the token, and adding it as liquidity to the BNB or BUSD pair.
• The LP tokens received are sent to a specified Auto Liquidity Receiver address. We recommend that the team lock these LP tokens.
• The remaining contract balance is converted to BUSD and BNB where subsequently the BNB Treasury fee is sent to the Treasury address and BUSD Risk Free Value fee is sent to the Risk Free Value address.
• Also during transfers, if a "next rebase" time has passed, auto rebase is enabled, and the transfer is not to the 0x...dead address tokens are automatically added to the total supply. The newly added tokens are distributed proportionally amongst holders in a frictionless manner.
• The amount of tokens added is dependent on the current total supply, and the ratio between the "reward yield" and the "reward yield denominator"; this ratio defaults to 0.044% of the current total supply.


• The owner may change the Treasury, Risk Free Value, and Auto Liquidity Receiver addresses at any time.
• The owner may add or remove an address from the fee exempt list at any time.
• The owner may end the initial distribution period at any time.
• The owner may toggle swapback functionality at any time.
• The owner may change the target liquidity value and the contract threshold required to swapback at any time.
• The owner may withdraw all BNB and tokens in the contract at any time.
• The owner may toggle the auto rebase functionality and update the rebase frequency and the new rebase timestamp at any time.
• The owner may update the reward yield and the reward yield denominator at any time.
• The owner may update the max sell transaction amount at any time.
• The owner may toggle the liquidity between BUSD and BNB at any time.
• The owner may toggle fees on normal transfers at any time.


• The contract utilizes SafeMath to prevent overflow.
• The contract is ERC20 compliant; all standard functionality is present.

External Threat Results

Inheritence Chart

Function Graph

Functions Overview

 ($) = payable function
 # = non-constant function
 
 Int = Internal
 Ext = External
 Pub = Public

 + [Lib] SafeMathInt 
    - [Int] mul
    - [Int] div
    - [Int] sub
    - [Int] add
    - [Int] abs

 + [Int] IERC20 
    - [Ext] totalSupply
    - [Ext] balanceOf
    - [Ext] allowance
    - [Ext] transfer #
    - [Ext] approve #
    - [Ext] transferFrom #

 + [Lib] SafeMath 
    - [Int] add
    - [Int] sub
    - [Int] sub
    - [Int] mul
    - [Int] div
    - [Int] div
    - [Int] mod

 + [Int] InterfaceLP 
    - [Ext] sync #

 + [Lib] Roles 
    - [Int] add #
    - [Int] remove #
    - [Int] has

 +  ERC20Detailed (IERC20)
    - [Pub]  #
    - [Pub] name
    - [Pub] symbol
    - [Pub] decimals

 + [Int] IDEXRouter 
    - [Ext] factory
    - [Ext] WETH
    - [Ext] addLiquidity #
    - [Ext] addLiquidityETH ($)
    - [Ext] swapExactTokensForTokensSupportingFeeOnTransferTokens #
    - [Ext] swapExactETHForTokensSupportingFeeOnTransferTokens ($)
    - [Ext] swapExactTokensForETHSupportingFeeOnTransferTokens #

 + [Int] IDEXFactory 
    - [Ext] createPair #

 +  Ownable 
    - [Pub]  #
    - [Pub] owner
    - [Pub] renounceOwnership #
       - modifiers: onlyOwner
    - [Pub] transferOwnership #
       - modifiers: onlyOwner
    - [Int] _transferOwnership #

 +  FinoToken (ERC20Detailed, Ownable)
    - [Pub]  #
       - modifiers: ERC20Detailed
    - [Ext]  ($)
    - [Ext] totalSupply
    - [Ext] allowance
    - [Pub] balanceOf
    - [Ext] checkFeeExempt
    - [Ext] checkSwapThreshold
    - [Int] shouldRebase
    - [Int] shouldTakeFee
    - [Pub] shouldSwapBack
    - [Pub] getCirculatingSupply
    - [Pub] getLiquidityBacking
    - [Pub] isOverLiquified
    - [Pub] manualSync #
    - [Ext] transfer #
       - modifiers: validRecipient
    - [Int] _basicTransfer #
    - [Int] _transferFrom #
    - [Ext] transferFrom #
       - modifiers: validRecipient
    - [Prv] _swapAndLiquify #
    - [Prv] _addLiquidity #
    - [Prv] _addLiquidityBusd #
    - [Prv] _swapTokensForBNB #
    - [Prv] _swapTokensForBusd #
    - [Int] swapBack #
       - modifiers: swapping
    - [Int] takeFee #
    - [Ext] decreaseAllowance #
    - [Ext] increaseAllowance #
    - [Ext] approve #
    - [Prv] _rebase #
    - [Prv] coreRebase #
    - [Ext] manualRebase #
       - modifiers: onlyOwner
    - [Pub] setAutomatedMarketMakerPair #
       - modifiers: onlyOwner
    - [Ext] setInitialDistributionFinished #
       - modifiers: onlyOwner
    - [Ext] setFeeExempt #
       - modifiers: onlyOwner
    - [Ext] setTargetLiquidity #
       - modifiers: onlyOwner
    - [Ext] setSwapBackSettings #
       - modifiers: onlyOwner
    - [Ext] setFeeReceivers #
       - modifiers: onlyOwner
    - [Ext] clearStuckBalance #
       - modifiers: onlyOwner
    - [Ext] rescueToken #
       - modifiers: onlyOwner
    - [Ext] setAutoRebase #
       - modifiers: onlyOwner
    - [Ext] setRebaseFrequency #
       - modifiers: onlyOwner
    - [Ext] setRewardYield #
       - modifiers: onlyOwner
    - [Ext] setFeesOnNormalTransfers #
       - modifiers: onlyOwner
    - [Ext] setIsLiquidityInBnb #
       - modifiers: onlyOwner
    - [Ext] setNextRebase #
       - modifiers: onlyOwner
    - [Ext] setMaxSellTransaction #
       - modifiers: onlyOwner

• Go Home