GoesUpHigher - Smart Contract Audit Report

Summary

GoesUpHigher is a new token project that rebases based on the market cap of Bitcoin.

We audited GoesUpHigher's contracts at commit ab0bec7138cbe1ce71553b3f8f9e237f8ef5632d on GitHub.

Notes on the Token Contract:

The initial supply of the token is 21 million, sent to the deployer's address upon deployment.

The token will rebase based upon the market cap of Bitcoin plus 1%.

Transfers of the token are initially disabled until the team indicates token distribution has been completed.

The rebase function properly calls sync() on the Uniswap pair contract(s) to prevent theft-of-liquidity attacks which have occured with other rebase tokens. The owner can add/remove other liquidity pools to this list to sync them after rebases.

The owner has the ability to update the Master & LP addresses at any time; as well as some variables used in calculating the rebase.

Utilization of SafeMath to prevent overflows.

Master Contract:

This contract holds the logic that controls the rebases. Anyone call call the rebase() function to trigger a rebase after the set time period has elapsed.

A rebase can occur every 4 hours if the difference between the GUH price and BTC price is above a threshold set by the team.

The owner has the ability to update the GoesUpHigher token addresses and oracle addresses at any time; as well as some variables used in calculating the rebase.

Utilization of SafeMath to prevent overflows.

Oracle Contracts:

These three contracts represents the price oracle used in the rebase calculations.

The Market and BTC oracles used to get the price of the GUH token and BTC are Uniswap TWAP (Time-Weighted Average Price) Oracle implementaitons, which are secure from manipulation by flash loans.

The functions to update prices can only be called by the owner or an address set as the 'controller' by the team. This is intended to be the Master contract.

The SimpleOracle is a basic contract which allows the owner to provide data, and have that data be referenced on-chain. This is not intended for production use.

The owner of the contract can set the address of the controller and transfer ownership. No other ownership-restricted functions are present.

Audit Findings Summary:

No issues from outside attackers were identified.

Ensure trust in the project team as they have notable power in the ecosystem.

Date: May 14th, 2021.

Combined Audit Results

 ($) = payable function
 # = non-constant function
 
 Int = Internal
 Ext = External
 Pub = Public
 
 + [Lib] SafeMath 
    - [Int] mul
    - [Int] div
    - [Int] sub
    - [Int] add
    - [Int] mod

 + [Int] IERC20 
    - [Ext] totalSupply
    - [Ext] balanceOf
    - [Ext] allowance
    - [Ext] transfer #
    - [Ext] approve #
    - [Ext] transferFrom #

 + [Int] ILP 
    - [Ext] sync #

 +  ERC20Detailed (IERC20)
    - [Pub]  #
    - [Pub] name
    - [Pub] symbol
    - [Pub] decimals

 + [Lib] SafeMathInt 
    - [Int] mul
    - [Int] div
    - [Int] sub
    - [Int] add
    - [Int] abs

 +  Ownable 
    - [Pub]  #
    - [Pub] owner
    - [Pub] isOwner
    - [Pub] renounceOwnership #
       - modifiers: onlyOwner
    - [Pub] transferOwnership #
       - modifiers: onlyOwner
    - [Int] _transferOwnership #

 +  GUH (ERC20Detailed, Ownable)
    - [Ext] rebase #
       - modifiers: onlyMaster
    - [Pub]  #
       - modifiers: ERC20Detailed
    - [Ext] setMaster #
       - modifiers: onlyOwner
    - [Ext] setLP #
       - modifiers: onlyOwner
    - [Ext] totalSupply
    - [Ext] balanceOf
    - [Ext] transfer #
       - modifiers: validRecipient,initialDistributionLock
    - [Ext] allowance
    - [Ext] transferFrom #
       - modifiers: validRecipient
    - [Ext] approve #
       - modifiers: initialDistributionLock
    - [Ext] increaseAllowance #
       - modifiers: initialDistributionLock
    - [Ext] decreaseAllowance #
       - modifiers: initialDistributionLock
    - [Ext] setInitialDistributionFinished #
       - modifiers: onlyOwner
    - [Ext] enableTransfer #
       - modifiers: onlyOwner

 ($) = payable function
 # = non-constant function
 
 Int = Internal
 Ext = External
 Pub = Public
 
 + [Lib] SafeMath 
    - [Int] mul
    - [Int] div
    - [Int] sub
    - [Int] add
    - [Int] mod

 + [Lib] SafeMathInt 
    - [Int] mul
    - [Int] div
    - [Int] sub
    - [Int] add
    - [Int] abs

 + [Lib] UInt256Lib 
    - [Int] toInt256Safe

 +  Ownable 
    - [Pub]  #
    - [Pub] owner
    - [Pub] isOwner
    - [Pub] renounceOwnership #
       - modifiers: onlyOwner
    - [Pub] transferOwnership #
       - modifiers: onlyOwner
    - [Int] _transferOwnership #

 + [Int] IOracle 
    - [Ext] getData
    - [Ext] update #

 + [Int] IGuh 
    - [Ext] totalSupply
    - [Ext] rebase #

 +  Master (Ownable)
    - [Pub]  #
    - [Pub] renounceOwnership #
       - modifiers: onlyOwner
    - [Ext] setRebaseLocked #
       - modifiers: onlyOwner
    - [Pub] canRebase
    - [Pub] cooldownExpiryTimestamp
    - [Ext] rebase #
    - [Int] incrementTargetRate #
    - [Int] setTargetRateBTC #
    - [Pub] getRebaseValues
    - [Int] computeSupplyDelta
    - [Int] withinDeviationThreshold
    - [Ext] setMarketOracle #
       - modifiers: onlyOwner
    - [Ext] setMarketOracleBTC #
       - modifiers: onlyOwner
    - [Ext] addTransaction #
       - modifiers: onlyOwner
    - [Ext] removeTransaction #
       - modifiers: onlyOwner
    - [Ext] setTransactionEnabled #
       - modifiers: onlyOwner
    - [Ext] transactionsSize
    - [Int] externalCall #

 ($) = payable function
 # = non-constant function
 
 Int = Internal
 Ext = External
 Pub = Public
 
 + [Lib] SafeMath 
    - [Int] mul
    - [Int] div
    - [Int] sub
    - [Int] add
    - [Int] mod

 +  Ownable 
    - [Pub]  #
    - [Pub] owner
    - [Pub] isOwner
    - [Pub] renounceOwnership #
       - modifiers: onlyOwner
    - [Pub] transferOwnership #
       - modifiers: onlyOwner
    - [Int] _transferOwnership #

 + [Int] IUniswapV2Factory 
    - [Ext] feeTo
    - [Ext] feeToSetter
    - [Ext] getPair
    - [Ext] allPairs
    - [Ext] allPairsLength
    - [Ext] createPair #
    - [Ext] setFeeTo #
    - [Ext] setFeeToSetter #

 + [Int] IUniswapV2Pair 
    - [Ext] name
    - [Ext] symbol
    - [Ext] decimals
    - [Ext] totalSupply
    - [Ext] balanceOf
    - [Ext] allowance
    - [Ext] approve #
    - [Ext] transfer #
    - [Ext] transferFrom #
    - [Ext] DOMAIN_SEPARATOR
    - [Ext] PERMIT_TYPEHASH
    - [Ext] nonces
    - [Ext] permit #
    - [Ext] MINIMUM_LIQUIDITY
    - [Ext] factory
    - [Ext] token0
    - [Ext] token1
    - [Ext] getReserves
    - [Ext] price0CumulativeLast
    - [Ext] price1CumulativeLast
    - [Ext] kLast
    - [Ext] mint #
    - [Ext] burn #
    - [Ext] swap #
    - [Ext] skim #
    - [Ext] sync #
    - [Ext] initialize #

 + [Lib] Babylonian 
    - [Int] sqrt

 + [Lib] FixedPoint 
    - [Int] encode
    - [Int] encode144
    - [Int] div
    - [Int] mul
    - [Int] fraction
    - [Int] decode
    - [Int] decode144
    - [Int] reciprocal
    - [Int] sqrt

 + [Lib] UniswapV2Library 
    - [Int] sortTokens
    - [Int] pairFor
    - [Int] getReserves
    - [Int] quote
    - [Int] getAmountOut
    - [Int] getAmountIn
    - [Int] getAmountsOut
    - [Int] getAmountsIn

 + [Lib] UniswapV2OracleLibrary 
    - [Int] currentBlockTimestamp
    - [Int] currentCumulativePrices

 +  MarketOracle (Ownable)
    - [Pub]  #
    - [Pub] getGuhBnbRate
    - [Pub] getBusdBnbRate
    - [Ext] update #
       - modifiers: onlyControllerOrOwner
    - [Ext] getData
    - [Ext] setController #
       - modifiers: onlyOwner

 ($) = payable function
 # = non-constant function
 
 Int = Internal
 Ext = External
 Pub = Public
 
 + [Lib] SafeMath 
    - [Int] mul
    - [Int] div
    - [Int] sub
    - [Int] add
    - [Int] mod

 +  Ownable 
    - [Pub]  #
    - [Pub] owner
    - [Pub] isOwner
    - [Pub] renounceOwnership #
       - modifiers: onlyOwner
    - [Pub] transferOwnership #
       - modifiers: onlyOwner
    - [Int] _transferOwnership #

 + [Int] IUniswapV2Factory 
    - [Ext] feeTo
    - [Ext] feeToSetter
    - [Ext] getPair
    - [Ext] allPairs
    - [Ext] allPairsLength
    - [Ext] createPair #
    - [Ext] setFeeTo #
    - [Ext] setFeeToSetter #

 + [Int] IUniswapV2Pair 
    - [Ext] name
    - [Ext] symbol
    - [Ext] decimals
    - [Ext] totalSupply
    - [Ext] balanceOf
    - [Ext] allowance
    - [Ext] approve #
    - [Ext] transfer #
    - [Ext] transferFrom #
    - [Ext] DOMAIN_SEPARATOR
    - [Ext] PERMIT_TYPEHASH
    - [Ext] nonces
    - [Ext] permit #
    - [Ext] MINIMUM_LIQUIDITY
    - [Ext] factory
    - [Ext] token0
    - [Ext] token1
    - [Ext] getReserves
    - [Ext] price0CumulativeLast
    - [Ext] price1CumulativeLast
    - [Ext] kLast
    - [Ext] mint #
    - [Ext] burn #
    - [Ext] swap #
    - [Ext] skim #
    - [Ext] sync #
    - [Ext] initialize #

 + [Lib] Babylonian 
    - [Int] sqrt

 + [Lib] FixedPoint 
    - [Int] encode
    - [Int] encode144
    - [Int] div
    - [Int] mul
    - [Int] fraction
    - [Int] decode
    - [Int] decode144
    - [Int] reciprocal
    - [Int] sqrt

 + [Lib] UniswapV2Library 
    - [Int] sortTokens
    - [Int] pairFor
    - [Int] getReserves
    - [Int] quote
    - [Int] getAmountOut
    - [Int] getAmountIn
    - [Int] getAmountsOut
    - [Int] getAmountsIn

 + [Lib] UniswapV2OracleLibrary 
    - [Int] currentBlockTimestamp
    - [Int] currentCumulativePrices

 +  MarketOracleBTC (Ownable)
    - [Pub]  #
    - [Pub] getBtcbBnbRate
    - [Pub] getBusdBnbRate
    - [Ext] update #
       - modifiers: onlyControllerOrOwner
    - [Ext] getData
    - [Ext] setController #
       - modifiers: onlyOwner

 ($) = payable function
 # = non-constant function
 
 Int = Internal
 Ext = External
 Pub = Public
 
 +  Ownable 
    - [Pub]  #
    - [Pub] owner
    - [Pub] isOwner
    - [Pub] renounceOwnership #
       - modifiers: onlyOwner
    - [Pub] transferOwnership #
       - modifiers: onlyOwner
    - [Int] _transferOwnership #

 + [Int] IOracle 
    - [Ext] getData
    - [Ext] update #

 +  SimpleOracle (IOracle, Ownable)
    - [Ext] setData #
       - modifiers: onlyOwner
    - [Ext] getData
    - [Ext] update #

• Go Home