Guzzler - Smart Contract Audit Report
Summary
Guzzler ($GZLR) is a new community-driven DeFi token that provides automatic liquidity adds and pays out static rewards to holders.
Notes on the Contract:Audit Findings Summary
- The total supply of the token is set to 100 billion $GZLR [100,000,000,000].
- No minting or burn functions are present; though the circulating supply can be reduced by sending tokens to the 0x..dead address, if desired.
- There was no token allocation for our team to analyze as the contract has yet to be deployed to the mainnet.
- The owner must manually enable trading in order for trading to take place on the platform. Only accounts that are excluded from fees can trade when trading is set to disabled. Once trading is enabled, it can never be disabled.
- There is a tax fee, liquidity fee, and marketing fee on all transactions for any non-excluded address that participates in a transfer with Uniswap. A separate fee structure can be set by the team to apply different fee amounts depending on whether the user is buying or selling during the transfer.
- Users who hold tokens will automatically benefit from the frictionless fee redistribution at the time of each transaction as the tokens collected through the tax fee are removed from the circulating supply.
- The liquidity fee and marketing fee charged during transfers with Uniswap are stored in the contract address balance. Once a threshold value of 50 million tokens (0.05% of the total supply) is met, the tokens are swapped for ETH and sent back to the contract address.
- A portion of the ETH is used to automatically provide liquidity. Liquidity-adds are automatically done by selling the tokens collected as fees, pairing the received ETH with the token, and adding it as liquidity to the pair.
- The LP tokens received through this process are sent to the Liquidity wallet controlled by the team. The team is responsible for locking these newly acquired LP tokens.
- The remaining ETH in the contract will be sent to the Marketing wallet.
- The amount of gas per transaction when buying from Uniswap must not exceed the gas price limit of at least 300 Gwei set by the team.
- The contract enforces a transfer delay which prevents a transfer from occuring if the user is attempting to buy from Uniswap more than one time per block.
- As the contract is implemented with Solidity v0.8.x, it is protected from overflows.
Ownership Controls:- The owner can modify the tax fee, liquidity fee, and marketing fee for both buy and sell fee structures. The total fee percentages combined must be 20% or less for the buy fees and 30% or less for the sell fees.
- The owner can exclude and include accounts from transfer fees and reward distribution.
- The owner can enable/disable the utilization of a maximum transaction amount of 500 million tokens (0.5% of the total supply) when buying from or selling to Uniswap. The owner can exclude accounts from this maximum transaction amount.
- The owner can enable/disable the utilization of a maximum wallet amount which prevents a transaction from occuring if the buyer's balance will exceed 1 billion tokens (1% of the total supply) after the transaction takes place.
- The owner can update the gas price limit to any value greater than 300 Gwei. The owner can enable/disable this gas limit restriction.
- The owner can disable the transfer delay functionality. Once disabled, it can never be re-enabled.
- The owner can utilize the buyBackTokens() function to swap any amount of ETH in the contract for $GZLR tokens and subsequently send those tokens to the burn address.
- The owner can withdraw any ERC20 tokens erroneously sent to the contract.
- The owner can airdrop any amount of tokens to any addresses at any time
- The owner can enable/disable automatic liquidity adds at any time.
- The owner can update the Marketing wallet and Liquidity wallet to any addresses at any time.
- The owner can update the Automated Market Maker Pair contract address at any time.
- No external threats were identified.
- Please ensure trust in the team as they have notable control in the ecosystem.
- Date: November 24th, 2021
Audit Results
| Vulnerability Category | Notes | Result |
|---|---|---|
| Arbitrary Storage Write | N/A | PASS |
| Arbitrary Jump | N/A | PASS |
| Centralization of Control | The owner can set total buy fees up to 20% and total sell fees up to 30%. | WARNING |
| Delegate Call to Untrusted Contract | N/A | PASS |
| Dependence on Predictable Variables | N/A | PASS |
| Deprecated Opcodes | N/A | PASS |
| Ether Thief | N/A | PASS |
| Exceptions | N/A | PASS |
| External Calls | N/A | PASS |
| Flash Loans | N/A | PASS |
| Integer Over/Underflow | N/A | PASS |
| Multiple Sends | N/A | PASS |
| Oracles | N/A | PASS |
| Suicide | N/A | PASS |
| State Change External Calls | N/A | PASS |
| Unbounded Loop | N/A | PASS |
| Unchecked Retval | N/A | PASS |
| User Supplied Assertion | N/A | PASS |
| Critical Solidity Compiler | N/A | PASS |
| Overall Contract Safety | PASS |
Function Graph
Inheritence Chart
Functions Overview
($) = payable function
# = non-constant function
+ Context
- [Int] _msgSender
- [Int] _msgData
+ [Int] IERC20
- [Ext] totalSupply
- [Ext] balanceOf
- [Ext] transfer #
- [Ext] allowance
- [Ext] approve #
- [Ext] transferFrom #
+ [Lib] SafeMath
- [Int] add
- [Int] sub
- [Int] sub
- [Int] mul
- [Int] div
- [Int] div
- [Int] mod
- [Int] mod
+ [Lib] Address
- [Int] isContract
- [Int] sendValue #
- [Int] functionCall #
- [Int] functionCall #
- [Int] functionCallWithValue #
- [Int] functionCallWithValue #
- [Prv] _functionCallWithValue #
+ Ownable (Context)
- [Pub] #
- [Pub] owner
- [Pub] renounceOwnership #
- modifiers: onlyOwner
- [Pub] transferOwnership #
- modifiers: onlyOwner
- [Pub] getUnlockTime
- [Pub] getTime
+ [Int] IUniswapV2Factory
- [Ext] feeTo
- [Ext] feeToSetter
- [Ext] getPair
- [Ext] allPairs
- [Ext] allPairsLength
- [Ext] createPair #
- [Ext] setFeeTo #
- [Ext] setFeeToSetter #
+ [Int] IUniswapV2Pair
- [Ext] name
- [Ext] symbol
- [Ext] decimals
- [Ext] totalSupply
- [Ext] balanceOf
- [Ext] allowance
- [Ext] approve #
- [Ext] transfer #
- [Ext] transferFrom #
- [Ext] DOMAIN_SEPARATOR
- [Ext] PERMIT_TYPEHASH
- [Ext] nonces
- [Ext] permit #
- [Ext] MINIMUM_LIQUIDITY
- [Ext] factory
- [Ext] token0
- [Ext] token1
- [Ext] getReserves
- [Ext] price0CumulativeLast
- [Ext] price1CumulativeLast
- [Ext] kLast
- [Ext] burn #
- [Ext] swap #
- [Ext] skim #
- [Ext] sync #
- [Ext] initialize #
+ [Int] IUniswapV2Router01
- [Ext] factory
- [Ext] WETH
- [Ext] addLiquidity #
- [Ext] addLiquidityETH ($)
- [Ext] removeLiquidity #
- [Ext] removeLiquidityETH #
- [Ext] removeLiquidityWithPermit #
- [Ext] removeLiquidityETHWithPermit #
- [Ext] swapExactTokensForTokens #
- [Ext] swapTokensForExactTokens #
- [Ext] swapExactETHForTokens ($)
- [Ext] swapTokensForExactETH #
- [Ext] swapExactTokensForETH #
- [Ext] swapETHForExactTokens ($)
- [Ext] quote
- [Ext] getAmountOut
- [Ext] getAmountIn
- [Ext] getAmountsOut
- [Ext] getAmountsIn
+ [Int] IUniswapV2Router02 (IUniswapV2Router01)
- [Ext] removeLiquidityETHSupportingFeeOnTransferTokens #
- [Ext] removeLiquidityETHWithPermitSupportingFeeOnTransferTokens #
- [Ext] swapExactTokensForTokensSupportingFeeOnTransferTokens #
- [Ext] swapExactETHForTokensSupportingFeeOnTransferTokens ($)
- [Ext] swapExactTokensForETHSupportingFeeOnTransferTokens #
+ GZLR (Context, IERC20, Ownable)
- [Pub] #
- [Ext] name
- [Ext] symbol
- [Ext] decimals
- [Ext] totalSupply
- [Pub] balanceOf
- [Ext] transfer #
- [Ext] allowance
- [Pub] approve #
- [Ext] transferFrom #
- [Ext] increaseAllowance #
- [Ext] decreaseAllowance #
- [Ext] isExcludedFromReward
- [Ext] totalFees
- [Ext] enableTrading #
- modifiers: onlyOwner
- [Ext] minimumTokensBeforeSwapAmount
- [Pub] setAutomatedMarketMakerPair #
- modifiers: onlyOwner
- [Prv] _setAutomatedMarketMakerPair #
- [Ext] setProtectionSettings #
- modifiers: onlyOwner
- [Ext] setGasPriceLimit #
- modifiers: onlyOwner
- [Ext] disableTransferDelay #
- modifiers: onlyOwner
- [Ext] reflectionFromToken
- [Ext] airdropToWallets #
- modifiers: onlyOwner
- [Ext] removeLimits #
- modifiers: onlyOwner
- [Pub] tokenFromReflection
- [Pub] excludeFromReward #
- modifiers: onlyOwner
- [Pub] excludeFromMaxTransaction #
- modifiers: onlyOwner
- [Pub] includeInReward #
- modifiers: onlyOwner
- [Prv] _approve #
- [Prv] _transfer #
- [Prv] swapBack #
- modifiers: lockTheSwap
- [Prv] swapTokensForBNB #
- [Prv] addLiquidity #
- [Prv] _tokenTransfer #
- [Prv] _transferStandard #
- [Prv] _transferToExcluded #
- [Prv] _transferFromExcluded #
- [Prv] _transferBothExcluded #
- [Prv] _reflectFee #
- [Prv] _getValues
- [Prv] _getTValues
- [Prv] _getRValues
- [Prv] _getRate
- [Prv] _getCurrentSupply
- [Prv] _takeLiquidity #
- [Prv] calculateTaxFee
- [Prv] calculateLiquidityFee
- [Prv] removeAllFee #
- [Prv] restoreAllFee #
- [Ext] isExcludedFromFee
- [Ext] excludeFromFee #
- modifiers: onlyOwner
- [Ext] includeInFee #
- modifiers: onlyOwner
- [Ext] setBuyFee #
- modifiers: onlyOwner
- [Ext] setSellFee #
- modifiers: onlyOwner
- [Ext] setMarketingAddress #
- modifiers: onlyOwner
- [Ext] setLiquidityAddress #
- modifiers: onlyOwner
- [Pub] setSwapAndLiquifyEnabled #
- modifiers: onlyOwner
- [Ext] buyBackTokens #
- modifiers: onlyOwner
- [Ext] ($)
- [Ext] transferForeignToken #
- modifiers: onlyOwner