Vulnerability Category Notes Result Arbitrary Storage Write N/A PASS Arbitrary Jump N/A PASS Delegate Call to Untrusted Contract N/A PASS Dependence on Predictable Variables Decisions are made based on the block.timestamp environment variable which can
be manipulated by a malicious miner. This is extremley unlikely to occur.
Warning Deprecated Opcodes N/A PASS Ether Thief N/A PASS Exceptions N/A PASS External Calls N/A PASS Integer Over/Underflow N/A PASS Multiple Sends N/A PASS Suicide N/A PASS State Change External Calls N/A Pass Unchecked Retval N/A PASS User Supplied Assertion N/A PASS Critical Solidity Compiler N/A PASS Overall Contract Safety PASS
Lottery Token - Audit Report
The Lottery Token is a new token where users have a chance of winning a large number of tokens by holding the token.
We reviewed Lottery Token's contract using code provided to us by the team. The team intends to keep the code closed-source. We have attempted to verify the bytecode match, however, as the last few lines cannot be replicated to match. This is likely due to slight compiler differences.
Features of the Contract:
- The total supply of the token is 1.25 million.
- No mint or burn functions exist, though the circulating supply can be decreased by sending tokens to 0x...dead.
- The lottery logic is ran on every transfer of the token.
- With every transaction of the token the contract will select a wallet anywhere from 1 to 9 positions from the current position. Once the tokens collected in the contract reaches 0.1% of the total supply, the currently selected wallet shall win those tokens and have them automatically deposited into their wallet.
- This process will eventaully increment through all the holders, then loop around to the beginning, skipping the owner and burn address.
- The lottery winner will receive all of the tokens held in the pool.
- 2% of the of the 6% fee charged on token transfers is redistributed to existing token holders instantly, 2% will be allocated to the lottery, and and the other 2% is burned from the total supply.
- Due to the logic behind these burns, a user transfering tokens will result in all users having slightly less tokens after the burn.
- The owner can exclude any address from the fee mechanism and the lottery.
- The team can set the minimum number of tokens to participate in the lottery, though the highest this number can be is 0.1% of the total supply.
- Utilization of SafeMath to prevent overflows.
Audit Findings Summary:
- The lottery function, to an extent, relies on predictable environment variables. This is common, albiet not best practice, but the probability of miners maliciously changing these variables is extremley low.
- Ensure trust in the team as they have notable control in the ecosystem.
- Date: April 15th, 2021.
($) = payable function # = non-constant function Int = Internal Ext = External Pub = Public + [Int] IERC20 - [Ext] totalSupply - [Ext] balanceOf - [Ext] transfer # - [Ext] allowance - [Ext] approve # - [Ext] transferFrom # + [Lib] SafeMath - [Int] add - [Int] sub - [Int] sub - [Int] mul - [Int] div - [Int] div - [Int] mod - [Int] mod + Context - [Int] _msgSender - [Int] _msgData + [Lib] Address - [Int] isContract - [Int] sendValue # - [Int] functionCall # - [Int] functionCall # - [Int] functionCallWithValue # - [Int] functionCallWithValue # - [Prv] _functionCallWithValue # + Ownable (Context) - [Int]
# - [Pub] owner - [Pub] transferOwnership # - modifiers: onlyOwner + LotteryToken (Context, IERC20, Ownable) - [Pub] # - [Pub] name - [Pub] symbol - [Pub] decimals - [Pub] totalSupply - [Pub] balanceOf - [Pub] minimumHolding - [Pub] transfer # - [Pub] allowance - [Pub] approve # - [Pub] transferFrom # - [Pub] increaseAllowance # - [Pub] decreaseAllowance # - [Pub] isExcludedFromReward - [Pub] totalFees - [Pub] reflectionFromToken - [Pub] tokenFromReflection - [Pub] setRequiredMinimum # - modifiers: onlyOwner - [Pub] excludeFromReward # - modifiers: onlyOwner - [Ext] includeInReward # - modifiers: onlyOwner - [Pub] excludeFromFee # - modifiers: onlyOwner - [Pub] includeInFee # - modifiers: onlyOwner - [Ext] setTaxFeePercent # - modifiers: onlyOwner - [Prv] _reflectFee # - [Prv] _getValues - [Prv] _getTValues - [Prv] _getRValues - [Prv] _getRate - [Prv] _getCurrentSupply - [Prv] calculateTaxFee - [Prv] removeAllFee # - [Prv] restoreAllFee # - [Pub] isExcludedFromFee - [Int] _checkEligibility # - [Prv] _moveLotteryPointer # - [Prv] _approve # - [Prv] _transfer # - [Prv] _tokenTransfer # - [Prv] _transferStandard # - [Prv] _transferToExcluded # - [Prv] _transferFromExcluded # - [Prv] _transferBothExcluded #