Vulnerability Category Notes Result Arbitrary Storage Write N/A PASS Arbitrary Jump N/A PASS Delegate Call to Untrusted Contract N/A PASS Dependence on Predictable Variables Decisions are made based on the block.timestamp environment variable which can
be manipulated by a malicious miner. This is extremley unlikely to occur.Warning Deprecated Opcodes N/A PASS Ether Thief N/A PASS Exceptions N/A PASS External Calls N/A PASS Integer Over/Underflow N/A PASS Multiple Sends N/A PASS Suicide N/A PASS State Change External Calls N/A Pass Unchecked Retval N/A PASS User Supplied Assertion N/A PASS Critical Solidity Compiler N/A PASS Overall Contract Safety PASS
Lottery Token - Smart Contract Audit Report
Summary
The Lottery Token is a new token where users have a chance of winning a large number of tokens by holding the token.
We reviewed Lottery Token's contract using code provided to us by the team. The team intends to keep the code closed-source. We have attempted to verify the bytecode match, however, as the last few lines cannot be replicated to match. This is likely due to slight compiler differences.
Features of the Contract:
- The total supply of the token is 1.25 million.
- No mint or burn functions exist, though the circulating supply can be decreased by sending tokens to 0x...dead.
- The lottery logic is ran on every transfer of the token.
- With every transaction of the token the contract will select a wallet anywhere from 1 to 9 positions from the current position. Once the tokens collected in the contract reaches 0.1% of the total supply, the currently selected wallet shall win those tokens and have them automatically deposited into their wallet.
- This process will eventaully increment through all the holders, then loop around to the beginning, skipping the owner and burn address.
- The lottery winner will receive all of the tokens held in the pool.
- 2% of the of the 6% fee charged on token transfers is redistributed to existing token holders instantly, 2% will be allocated to the lottery, and and the other 2% is burned from the total supply.
- Due to the logic behind these burns, a user transfering tokens will result in all users having slightly less tokens after the burn.
- The owner can exclude any address from the fee mechanism and the lottery.
- The team can set the minimum number of tokens to participate in the lottery, though the highest this number can be is 0.1% of the total supply.
- Utilization of SafeMath to prevent overflows.
Audit Findings Summary:
- The lottery function, to an extent, relies on predictable environment variables. This is common, albiet not best practice, but the probability of miners maliciously changing these variables is extremley low.
- Ensure trust in the team as they have notable control in the ecosystem.
- Date: April 15th, 2021.
($) = payable function
# = non-constant function
Int = Internal
Ext = External
Pub = Public
+ [Int] IERC20
- [Ext] totalSupply
- [Ext] balanceOf
- [Ext] transfer #
- [Ext] allowance
- [Ext] approve #
- [Ext] transferFrom #
+ [Lib] SafeMath
- [Int] add
- [Int] sub
- [Int] sub
- [Int] mul
- [Int] div
- [Int] div
- [Int] mod
- [Int] mod
+ Context
- [Int] _msgSender
- [Int] _msgData
+ [Lib] Address
- [Int] isContract
- [Int] sendValue #
- [Int] functionCall #
- [Int] functionCall #
- [Int] functionCallWithValue #
- [Int] functionCallWithValue #
- [Prv] _functionCallWithValue #
+ Ownable (Context)
- [Int] #
- [Pub] owner
- [Pub] transferOwnership #
- modifiers: onlyOwner
+ LotteryToken (Context, IERC20, Ownable)
- [Pub] #
- [Pub] name
- [Pub] symbol
- [Pub] decimals
- [Pub] totalSupply
- [Pub] balanceOf
- [Pub] minimumHolding
- [Pub] transfer #
- [Pub] allowance
- [Pub] approve #
- [Pub] transferFrom #
- [Pub] increaseAllowance #
- [Pub] decreaseAllowance #
- [Pub] isExcludedFromReward
- [Pub] totalFees
- [Pub] reflectionFromToken
- [Pub] tokenFromReflection
- [Pub] setRequiredMinimum #
- modifiers: onlyOwner
- [Pub] excludeFromReward #
- modifiers: onlyOwner
- [Ext] includeInReward #
- modifiers: onlyOwner
- [Pub] excludeFromFee #
- modifiers: onlyOwner
- [Pub] includeInFee #
- modifiers: onlyOwner
- [Ext] setTaxFeePercent #
- modifiers: onlyOwner
- [Prv] _reflectFee #
- [Prv] _getValues
- [Prv] _getTValues
- [Prv] _getRValues
- [Prv] _getRate
- [Prv] _getCurrentSupply
- [Prv] calculateTaxFee
- [Prv] removeAllFee #
- [Prv] restoreAllFee #
- [Pub] isExcludedFromFee
- [Int] _checkEligibility #
- [Prv] _moveLotteryPointer #
- [Prv] _approve #
- [Prv] _transfer #
- [Prv] _tokenTransfer #
- [Prv] _transferStandard #
- [Prv] _transferToExcluded #
- [Prv] _transferFromExcluded #
- [Prv] _transferBothExcluded #