Gemit Token - Smart Contract Audit Report

Summary

egoD Audit Report Gemit ($GEMIT) is a new community-driven DeFi token on the Binance Smart Chain that is an automatic liquidity providing protocol that pays out static rewards to holders.

For this audit, we reviewed the project team's GEMIT and GemitOwnerWrapper contracts deployed at 0xa91a840ee787bb773922f961b6c5cd2a564f535d and 0x44ccb89cd635da0c69e6be4657961c48d6c6256d, respectively, on the Binance Smart Chain mainnet.

Notes on the Contract:
The total supply of the token is initially set to one hundred million $GEMIT [100,000,000].
At the time of writing this report, 27.96% of the total $GEMIT supply is held in the 0x..1 address, 8.62% is held in PancakeSwap, 6.26% is held in a GemitTimedThresholdLock contract, and 4.74% is held in an unverified contract.
Of the current LP token supply, 68.57% is locked in a DxSale token locker, 20.8% is held by a GemitTimedLock contract, and 9.7% is held by the GemitOwnerWrapper contract. The LP tokens in the DxSale locker and GemitTimedLock contract are both locked until July 12th, 2025.
The owner of the Gemit contract is the GemitOwnerWrapper contract, which sets limitations on which owner-specific functions can be called and limitations on certain passed parameters.
No minting or burn functions are present; though the circulating supply can be reduced by sending tokens to the 0x..dead address, if desired.
This token includes anti-whale logic, stopping users from executing transfers above a certain max transaction amount. In addition, users will be blocked from receiving transfers if it results in their token balance exceeding a max wallet amount.
The max transaction and max wallet amounts can be changed by the owner at any time. The GemitOwnerWrapper contract prevents these amounts to be set to less than 1% of total supply.
The owner can exclude any address from anti-whale logic at any time.
The owner, 0x1 address, 0x..dead address, and PancakeSwap address are excluded from anti-whale logic.

There is a 'tax fee' and 'liquidity fee' on all transactions for any 'non-excluded' address that participates in a transfer. These fees can be changed; however, the GemitOwnerWrapper contract prevents the combined amount from these fees to exceed 9%.
Users who hold tokens will automatically benefit from the frictionless fee redistribution at the time of each transaction as the tokens collected through the 'tax fee' are removed from the circulating supply.
The liquidity fee charged on transactions is stored in the contract and, once a threshold value is met, used to fund PancakeSwap liquidity.
Liquidity-adds are funded by selling a portion of the tokens collected as fees (after the threshhold as determined by the owner is met), then pairing the received BNB with the token, and adding it as liquidity to the PancakeSwap pair.
The recipient of these newly created LP tokens (as a result of this process) is the GemitOwnableWrapper contract. We recommend the LP tokens are locked at the time of acquisition.
The owner of the contract can exclude accounts from transfer fees and reward distribution.
The owner can update the router address at any time.
The GemitOwnableWrapper prevents locking, unlocking, and transferring/renouncing ownership of the Gemit contract.
The owner has the ability to withdraw any BNB erroneously sent to this contract.
The owner has the ability to withdraw any tokens, including $GEMIT, from this contract at any time.

The owner of the GemitOwnerWrapper contract can also withdraw any BNB or tokens within the GemitOwnerWrapper contract.
Ownership of the GemitOwnerWrapper contract can be transferred by its owner at any time.
Many functions can be declared external for gas saving purposes, but this is purely informational as these contracts have already been deployed.
The token contract utilizes SafeMath libraries along with following the ERC20 standard.
Audit Findings Summary
No external vulnerabilities were identified.
Please ensure trust in the team prior to investing as they have some control in the ecosystem.
Date: November 29th, 2021

Audit Results

Vulnerability Category	Notes	Result
Arbitrary Storage Write	N/A	PASS
Arbitrary Jump	N/A	PASS
Centralizaiton of Control	There are some owner specific privileges which are listed above.	PASS
Critical Solidity Compiler	N/A	PASS
Delegate Call to Untrusted Contract	N/A	PASS
Dependence on Predictable Variables	N/A	PASS
Deprecated Opcodes	N/A	PASS
Ether Thief	N/A	PASS
Exceptions	N/A	PASS
External Calls	N/A	PASS
Flash Loans	N/A	PASS
Integer Over/Underflow	N/A	PASS
Multiple Sends	N/A	PASS
Oracles	N/A	PASS
State Change External Calls	N/A	PASS
Suicide	N/A	PASS
Unbounded Loop	N/A	PASS
Unchecked Retval	N/A	PASS
User Supplied Assertion	N/A	PASS
Overall Contract Safety		PASS

Details: Gemit Contract

ERC20 Token Graph

Multi-file Token


 ($) = payable function
 # = non-constant function
 
 + [Lib] Address 
    - [Int] isContract
    - [Int] sendValue #
    - [Int] functionCall #
    - [Int] functionCall #
    - [Int] functionCallWithValue #
    - [Int] functionCallWithValue #
    - [Prv] _functionCallWithValue #

 +  Context 
    - [Int] _msgSender
    - [Int] _msgData

 + [Lib] SafeMath 
    - [Int] add
    - [Int] sub
    - [Int] sub
    - [Int] mul
    - [Int] div
    - [Int] div
    - [Int] mod
    - [Int] mod

 + [Int] IERC20 
    - [Ext] totalSupply
    - [Ext] balanceOf
    - [Ext] transfer #
    - [Ext] allowance
    - [Ext] approve #
    - [Ext] transferFrom #

 +  Ownable (Context)
    - [Int]  #
    - [Pub] owner
    - [Pub] renounceOwnership #
       - modifiers: onlyOwner
    - [Pub] transferOwnership #
       - modifiers: onlyOwner
    - [Pub] getUnlockTime
    - [Pub] lock #
       - modifiers: onlyOwner
    - [Pub] unlock #

 + [Int] IUniswapV2Factory 
    - [Ext] feeTo
    - [Ext] feeToSetter
    - [Ext] getPair
    - [Ext] allPairs
    - [Ext] allPairsLength
    - [Ext] createPair #
    - [Ext] setFeeTo #
    - [Ext] setFeeToSetter #

 + [Int] IUniswapV2Pair 
    - [Ext] name
    - [Ext] symbol
    - [Ext] decimals
    - [Ext] totalSupply
    - [Ext] balanceOf
    - [Ext] allowance
    - [Ext] approve #
    - [Ext] transfer #
    - [Ext] transferFrom #
    - [Ext] DOMAIN_SEPARATOR
    - [Ext] PERMIT_TYPEHASH
    - [Ext] nonces
    - [Ext] permit #
    - [Ext] MINIMUM_LIQUIDITY
    - [Ext] factory
    - [Ext] token0
    - [Ext] token1
    - [Ext] getReserves
    - [Ext] price0CumulativeLast
    - [Ext] price1CumulativeLast
    - [Ext] kLast
    - [Ext] burn #
    - [Ext] swap #
    - [Ext] skim #
    - [Ext] sync #
    - [Ext] initialize #

 + [Int] IUniswapV2Router01 
    - [Ext] factory
    - [Ext] WETH
    - [Ext] addLiquidity #
    - [Ext] addLiquidityETH ($)
    - [Ext] removeLiquidity #
    - [Ext] removeLiquidityETH #
    - [Ext] removeLiquidityWithPermit #
    - [Ext] removeLiquidityETHWithPermit #
    - [Ext] swapExactTokensForTokens #
    - [Ext] swapTokensForExactTokens #
    - [Ext] swapExactETHForTokens ($)
    - [Ext] swapTokensForExactETH #
    - [Ext] swapExactTokensForETH #
    - [Ext] swapETHForExactTokens ($)
    - [Ext] quote
    - [Ext] getAmountOut
    - [Ext] getAmountIn
    - [Ext] getAmountsOut
    - [Ext] getAmountsIn

 + [Int] IUniswapV2Router02 (IUniswapV2Router01)
    - [Ext] removeLiquidityETHSupportingFeeOnTransferTokens #
    - [Ext] removeLiquidityETHWithPermitSupportingFeeOnTransferTokens #
    - [Ext] swapExactTokensForTokensSupportingFeeOnTransferTokens #
    - [Ext] swapExactETHForTokensSupportingFeeOnTransferTokens ($)
    - [Ext] swapExactTokensForETHSupportingFeeOnTransferTokens #

 +  GEMIT (Context, IERC20, Ownable)
    - [Pub]  #
    - [Pub] name
    - [Pub] symbol
    - [Pub] decimals
    - [Pub] totalSupply
    - [Pub] balanceOf
    - [Pub] transfer #
    - [Pub] allowance
    - [Pub] approve #
    - [Pub] transferFrom #
    - [Pub] increaseAllowance #
    - [Pub] decreaseAllowance #
    - [Pub] isExcludedFromReward
    - [Pub] isExcludedFromAntiWhaleFrom
    - [Pub] isExcludedFromAntiWhaleTo
    - [Pub] totalFees
    - [Pub] reflectionFromToken
    - [Pub] tokenFromReflection
    - [Pub] excludeFromReward #
       - modifiers: onlyOwner
    - [Ext] includeInReward #
       - modifiers: onlyOwner
    - [Prv] _transferBothExcluded #
    - [Pub] excludeAddressFromFee #
       - modifiers: onlyOwner
    - [Pub] excludeAddressWhaleFrom #
       - modifiers: onlyOwner
    - [Pub] excludeAddressWhaleTo #
       - modifiers: onlyOwner
    - [Ext] setLiquidityFeePercent #
       - modifiers: onlyOwner
    - [Pub] setMaxTxPercent #
       - modifiers: onlyOwner
    - [Pub] setMaxWalletTokenPercent #
       - modifiers: onlyOwner
    - [Pub] setSwapAndLiquifyEnabled #
       - modifiers: onlyOwner
    - [Ext]  ($)
    - [Prv] _reflectFee #
    - [Prv] _getValues
    - [Prv] _getTValues
    - [Prv] _getRValues
    - [Prv] _getRate
    - [Prv] _getCurrentSupply
    - [Prv] _takeLiquidity #
    - [Prv] calculateTaxFee
    - [Prv] calculateLiquidityFee
    - [Prv] removeAllFee #
    - [Prv] restoreAllFee #
    - [Pub] isExcludedFromFee
    - [Prv] swapTokensForEth #
    - [Prv] _transferToExcluded #
    - [Prv] _approve #
    - [Prv] _transferFromExcluded #
    - [Prv] addLiquidity #
    - [Prv] _tokenTransfer #
    - [Prv] _transferStandard #
    - [Prv] _transfer #
    - [Prv] swapAndLiquify #
       - modifiers: lockTheSwap
    - [Ext] setTaxFeePercent #
       - modifiers: onlyOwner
    - [Pub] setRouterAddress #
       - modifiers: onlyOwner
    - [Ext] prepareForPreSale #
       - modifiers: onlyOwner
    - [Ext] afterPreSale #
       - modifiers: onlyOwner
    - [Pub] recoverERC20 #
       - modifiers: onlyOwner
    - [Ext] extractBNB #
       - modifiers: onlyOwner

Details: GemitOwnerWrapper Contract