LilDogeFloki - Smart Contract Audit Report
LilDogeFloki ($LDF) is a new community-driven DeFi token on the Binance Smart Chain that is an automatic liquidity providing protocol that pays out static rewards to holders.
Notes on the Contract:
Audit Findings Summary
- The total supply of the token is set to 100 trillion $LDF [100,000,000,000,000].
- No minting or burn functions are present; though the circulating supply can be reduced by sending tokens to the 0x..dead address, if desired.
- At the time of writing this report, 51.75% of the total token supply has been sent to the 0x000...dead (burn) address.
- 9.56% of the total supply is in Pancakeswap liquidity.
- Of that liquidity, 86.15% of the LP tokens belong to Legion Network Vesting Contract.
- 13.25% of the LP tokens belong to the owner.
- There is a 'Tax Fee' and 'Liquidity Fee' on all transactions for any "non-excluded" address that participates in a transfer. The fees can be set by the owner at any time and cannot exceed 10% each. (Maximum total of 20% fees).
- Users who hold tokens will automatically benefit from the frictionless fee redistribution at the time of each transaction as the tokens collected through the 'Tax Fee' are removed from the circulating supply.
- The tokens that are collected from the 'Liquidity Fee' that are charged on transactions will be stored in the contract address. Once the contract balance reaches a threshold value of $LDF tokens (determined by the owner), a portion of the tokens (determined by the owner) will be swapped for BNB that will be used to provide PancakeSwap Liquidity.
- Liquidity-adds are conducted automatically by selling half of the tokens allocated to liquidity, and pairing the received BNB with the token, and adding it to the liquidity pool corresponding to the LDF-BNB pair.
- The recipient of the newly created LP tokens is the owner of the contract. The team is responsible for locking these newly acquired LP tokens.
- An additional portion of the tokens are also swapped for BNB with the purpose of funding the team-controlled Dev wallet.
- A final portion of the tokens are also swapped for BNB with the purpose of funding the contract's BNB Rewards mechanism. This rewards wallet is defaulted to the deployer of the contract (owner), and is controlled by the team.
- As the contract implements the use of Safemath, it is protected from overflows/underflow issues.
- Ownership has not been renounced.
- The owner can modify the Tax fee and Liquidity fee to any percentages (up to 10%) at any time. The total fees cannot exceed 20%.
- The owner can add or remove addresses from the blacklist at any time. Addresses that are added to the blacklist cannot participate in transfers of the LDF Token.
- The owner can exclude and include accounts from transfer fees and reward distribution.
- The owner can update the threshold of tokens that must be held in the LDF Contract address in order to activate a swap (for liquidity adds) at any time.
- The owner can enable/disable the automatic swapping functionality at any time.
- The owner can set and update a maximum transaction amount at any time, which will impose a limit to the number of tokens that can be transferred during any given transaction. The maximum transaction amount cannot be set to an amount greater than 50% of the circulating supply. The owner must exercise caution when setting this value to not lock out holders from participating in transfers.
- This maximum transaction amount does not apply to the owner during transactions where the owner is either the sender or the recipient.
- The owner can modify the address for the PancakeSwap Router at any time.
- The owner can modify the address for the PancakeSwap Pair at any time.
- The owner has the ability to use the "lock" function in order to temporarily set ownership to address(0). Ownership is restored after the duration of time determined by the owner has passed and they use the 'unlock' function.
- The unlock function has the potential to be used after ownership is renounced, which will restore ownership to the original owner that initially created the ownership lock. This can be used in a nefarious way by the project team to restore ownership and change fee structures.
- We recommend that the unlock function is modified to set the "previous owner" = "address(0)" at the end of the unlock function to prevent it from being used more than once per lock.
- No external threats were identified.
- There are potential risks that exist for holders regarding the team's ability to retain control of the contract.
- If the team plans to renounce ownership, we recommend that they do so without ever calling the faulty lock functionality.
- Please ensure trust in the team prior to investing as they have substantial control in the ecosystem and have control of the BNB that is collected from fees.
- Date: November 6th, 2021
|Arbitrary Storage Write||N/A||PASS|
|Delegate Call to Untrusted Contract||N/A||PASS|
|Dependence on Predictable Variables||N/A||PASS|
|State Change External Calls||N/A||PASS|
|User Supplied Assertion||N/A||PASS|
|Critical Solidity Compiler||N/A||PASS|
|Overall Contract Safety||PASS|
($) = payable function # = non-constant function + Context - [Int] _msgSender - [Int] _msgData + [Int] IERC20 - [Ext] totalSupply - [Ext] balanceOf - [Ext] transfer # - [Ext] allowance - [Ext] approve # - [Ext] transferFrom # + [Lib] SafeMath - [Int] add - [Int] sub - [Int] sub - [Int] mul - [Int] div - [Int] div - [Int] mod - [Int] mod + [Lib] Address - [Int] isContract - [Int] sendValue # - [Int] functionCall # - [Int] functionCall # - [Int] functionCallWithValue # - [Int] functionCallWithValue # - [Prv] _functionCallWithValue # + Ownable (Context) - [Int]
# - [Pub] owner - [Pub] renounceOwnership # - modifiers: onlyOwner - [Pub] transferOwnership # - modifiers: onlyOwner - [Pub] geUnlockTime - [Pub] lock # - modifiers: onlyOwner - [Pub] unlock # + [Int] IPancakeswapFactory - [Ext] feeTo - [Ext] feeToSetter - [Ext] getPair - [Ext] allPairs - [Ext] allPairsLength - [Ext] createPair # - [Ext] setFeeTo # - [Ext] setFeeToSetter # + [Int] IPancakeswapPair - [Ext] name - [Ext] symbol - [Ext] decimals - [Ext] totalSupply - [Ext] balanceOf - [Ext] allowance - [Ext] approve # - [Ext] transfer # - [Ext] transferFrom # - [Ext] DOMAIN_SEPARATOR - [Ext] PERMIT_TYPEHASH - [Ext] nonces - [Ext] permit # - [Ext] MINIMUM_LIQUIDITY - [Ext] factory - [Ext] token0 - [Ext] token1 - [Ext] getReserves - [Ext] price0CumulativeLast - [Ext] price1CumulativeLast - [Ext] kLast - [Ext] mint # - [Ext] burn # - [Ext] swap # - [Ext] skim # - [Ext] sync # - [Ext] initialize # + [Int] IPancakeswapRouter01 - [Ext] factory - [Ext] WETH - [Ext] addLiquidity # - [Ext] addLiquidityETH ($) - [Ext] removeLiquidity # - [Ext] removeLiquidityETH # - [Ext] removeLiquidityWithPermit # - [Ext] removeLiquidityETHWithPermit # - [Ext] swapExactTokensForTokens # - [Ext] swapTokensForExactTokens # - [Ext] swapExactETHForTokens ($) - [Ext] swapTokensForExactETH # - [Ext] swapExactTokensForETH # - [Ext] swapETHForExactTokens ($) - [Ext] quote - [Ext] getAmountOut - [Ext] getAmountIn - [Ext] getAmountsOut - [Ext] getAmountsIn + [Int] IPancakeswapRouter02 (IPancakeswapRouter01) - [Ext] removeLiquidityETHSupportingFeeOnTransferTokens # - [Ext] removeLiquidityETHWithPermitSupportingFeeOnTransferTokens # - [Ext] swapExactTokensForTokensSupportingFeeOnTransferTokens # - [Ext] swapExactETHForTokensSupportingFeeOnTransferTokens ($) - [Ext] swapExactTokensForETHSupportingFeeOnTransferTokens # + LilDogeFloki (Context, IERC20, Ownable) - [Pub] # - [Ext] setPair # - modifiers: onlyOwner - [Ext] setRouter # - modifiers: onlyOwner - [Pub] name - [Pub] symbol - [Pub] decimals - [Pub] totalSupply - [Pub] balanceOf - [Pub] transfer # - [Ext] addBotToBlackList # - modifiers: onlyOwner - [Ext] removeBotFromBlackList # - modifiers: onlyOwner - [Pub] isBlackListed - [Pub] blacklistSingleWallet # - modifiers: onlyOwner - [Pub] blacklistMultipleWallets # - modifiers: onlyOwner - [Pub] isBlacklisted - [Ext] unBlacklistSingleWallet # - modifiers: onlyOwner - [Pub] unBlacklistMultipleWallets # - modifiers: onlyOwner - [Pub] allowance - [Pub] approve # - [Pub] transferFrom # - [Pub] increaseAllowance # - [Pub] decreaseAllowance # - [Pub] isExcludedFromReward - [Pub] totalFees - [Pub] deliver # - [Pub] reflectionFromToken - [Pub] tokenFromReflection - [Pub] excludeFromReward # - modifiers: onlyOwner - [Ext] includeInReward # - modifiers: onlyOwner - [Prv] _approve # - [Pub] changeLimit # - modifiers: onlyOwner - [Ext] expectedRewards - [Prv] _transfer # - [Prv] swapAndLiquify # - modifiers: lockTheSwap - [Ext] BNBBalance - [Prv] swapTokensForBnb # - [Prv] addLiquidity # - [Prv] _tokenTransfer # - [Prv] _transferStandard # - [Prv] _transferToExcluded # - [Prv] _transferFromExcluded # - [Prv] _transferBothExcluded # - [Prv] _reflectFee # - [Prv] _getValues - [Prv] _getTValues - [Prv] _getRValues - [Prv] _getRate - [Prv] _getCurrentSupply - [Prv] _takeLiquidity # - [Prv] calculateTaxFee - [Prv] calculateLiquidityFee - [Prv] removeAllFee # - [Prv] restoreAllFee # - [Pub] isExcludedFromFee - [Pub] excludeFromFee # - modifiers: onlyOwner - [Pub] includeInFee # - modifiers: onlyOwner - [Ext] setTaxFeePercent # - modifiers: onlyOwner - [Ext] setLiquidityFeePercent # - modifiers: onlyOwner - [Ext] setMaxTxPercent # - modifiers: onlyOwner - [Ext] setNumTokensSellToAddToLiquidity # - modifiers: onlyOwner - [Pub] setSwapAndLiquifyEnabled # - modifiers: onlyOwner - [Ext] ($)