Marinedoge - Smart Contract Audit Report
Marinedoge ($Marinedoge) is a new community-driven token on the Binance Smart Chain that pays out static rewards to holders.
Notes on the Contract:
Audit Findings Summary
- The total supply of the token is set to 1 quadrillion $Marinedoge [1,000,000,000,000,000].
- No minting or burn functions are present; though the circulating supply can be reduced by sending tokens to the 0x..dead address, if desired.
- At the time of writing this report, 100% of the total $Marinedoge token supply is in possession of the owner.
- There is a 'tax fee' and a 'liquidity fee' on all transactions for any "non-excluded" address that participates in a transfer. The owner has the ability to modify the these fees at any time. The tax fee may range from 0.0% to 2.0%; while the liquidity fee may range from 0.0% to 9.0%.
- Users who hold tokens will automatically benefit from the frictionless fee redistribution at the time of each transaction as the tokens collected through the tax fee are removed from the circulating supply.
- On each transfer that occurs while the minimum threshold (determined by the owner) is met, the protocol will spend 1% of its BNB balance toward buying $Marinedoge tokens that will subsequently be burned. The owner has the ability to enable and disable the Buyback functionality at any time. The owner also has control over the threshold that will determine when the Buyback functionality is applied.
- The liquidity fee that is charged on transactions is used to buy BNB via the "swaptokens" function which will be stored in the contract address. Upon each BNB purchase made by the contract address, a percentage (determined by the owner) will be sent to the 'marketing address'. This percentage of the BNB to be transferred can be modified by the owner to any amount at any time.
- A logical issue exists within the swapping functionality. If the liquidity fee is set (by the owner) to a number that is less than or equal to the 'Marketing Divisor', the resulting BNB to be transferred to the marketing address might be more than the contract balance can support which would result in the transaction reverting. If this functionality is used in such a way, it will allow the project team to receive all of the BNB in the contract address.
- Although the swap and liquify verbiage exists in the code, there are no "automatic liquidity adds" supported by the protocol; as the buyback mechanism is used instead.
- The owner of the contract can exclude and include accounts from fees and reward distribution.
- The owner has the ability to update the marketing address at any time.
- The owner has the ability to set and update a maximum transaction amount at any time, which will impose a limit to the number of tokens that can be transferred during any given transaction. The owner can also include and exclude accounts from this transaction limit.
- This maximum transaction amount does not apply to the owner during transactions where the owner is either the sender or the recipient.
- The owner can activate the buyback functionality manually and bypass the token threshold at any time.
- The contract includes a "PrepareForPresale" function that allows the owner to set fees to 0, and set the max transaction amount to 100% of the total token supply. There is also an "afterPresale" function where the fees are restored and the maximum transaction amount is set to 0.3% of the total token supply.
- The owner has the ability to use the "lock" function in order to temporarily set ownership to address(0). Ownership is restored after the duration of time determined by the owner has passed and they use the 'unlock' function.
- Ownership has not been renounced.
- The contract utilizes SafeMath libraries along with following the BEP20 standard.
- No external threats were identified.
- We recommend that the team renounces ownership after a successful launch.
- Buyback functionality may be susceptible to front-running; The team must monitor and if suspicious activity is detected, the team must disable the buyback system.
- Please ensure trust in the team prior to investing as they have notable control in the ecosystem.
- Further, ensure trust in the team as they have control of the contract's BNB balance that is accumulated from fees.
- Date: August 4th, 2021
|Arbitrary Storage Write||N/A||PASS|
|Delegate Call to Untrusted Contract||N/A||PASS|
|Dependence on Predictable Variables||N/A||PASS|
|State Change External Calls||N/A||PASS|
|User Supplied Assertion||N/A||PASS|
|Critical Solidity Compiler||N/A||PASS|
|Overall Contract Safety||PASS|
($) = payable function # = non-constant function + Context - [Int] _msgSender - [Int] _msgData + [Int] IERC20 - [Ext] totalSupply - [Ext] balanceOf - [Ext] transfer # - [Ext] allowance - [Ext] approve # - [Ext] transferFrom # + [Lib] SafeMath - [Int] add - [Int] sub - [Int] sub - [Int] mul - [Int] div - [Int] div - [Int] mod - [Int] mod + [Lib] Address - [Int] isContract - [Int] sendValue # - [Int] functionCall # - [Int] functionCall # - [Int] functionCallWithValue # - [Int] functionCallWithValue # - [Prv] _functionCallWithValue # + Ownable (Context) - [Pub]
# - [Pub] owner - [Pub] renounceOwnership # - modifiers: onlyOwner - [Pub] transferOwnership # - modifiers: onlyOwner - [Pub] getUnlockTime - [Pub] getTime - [Pub] lock # - modifiers: onlyOwner - [Pub] unlock # + [Int] IUniswapV2Factory - [Ext] feeTo - [Ext] feeToSetter - [Ext] getPair - [Ext] allPairs - [Ext] allPairsLength - [Ext] createPair # - [Ext] setFeeTo # - [Ext] setFeeToSetter # + [Int] IUniswapV2Pair - [Ext] name - [Ext] symbol - [Ext] decimals - [Ext] totalSupply - [Ext] balanceOf - [Ext] allowance - [Ext] approve # - [Ext] transfer # - [Ext] transferFrom # - [Ext] DOMAIN_SEPARATOR - [Ext] PERMIT_TYPEHASH - [Ext] nonces - [Ext] permit # - [Ext] MINIMUM_LIQUIDITY - [Ext] factory - [Ext] token0 - [Ext] token1 - [Ext] getReserves - [Ext] price0CumulativeLast - [Ext] price1CumulativeLast - [Ext] kLast - [Ext] burn # - [Ext] swap # - [Ext] skim # - [Ext] sync # - [Ext] initialize # + [Int] IUniswapV2Router01 - [Ext] factory - [Ext] WETH - [Ext] addLiquidity # - [Ext] addLiquidityETH ($) - [Ext] removeLiquidity # - [Ext] removeLiquidityETH # - [Ext] removeLiquidityWithPermit # - [Ext] removeLiquidityETHWithPermit # - [Ext] swapExactTokensForTokens # - [Ext] swapTokensForExactTokens # - [Ext] swapExactETHForTokens ($) - [Ext] swapTokensForExactETH # - [Ext] swapExactTokensForETH # - [Ext] swapETHForExactTokens ($) - [Ext] quote - [Ext] getAmountOut - [Ext] getAmountIn - [Ext] getAmountsOut - [Ext] getAmountsIn + [Int] IUniswapV2Router02 (IUniswapV2Router01) - [Ext] removeLiquidityETHSupportingFeeOnTransferTokens # - [Ext] removeLiquidityETHWithPermitSupportingFeeOnTransferTokens # - [Ext] swapExactTokensForTokensSupportingFeeOnTransferTokens # - [Ext] swapExactETHForTokensSupportingFeeOnTransferTokens ($) - [Ext] swapExactTokensForETHSupportingFeeOnTransferTokens # + Marinedoge (Context, IERC20, Ownable) - [Pub] # - [Pub] name - [Pub] symbol - [Pub] decimals - [Pub] totalSupply - [Pub] balanceOf - [Pub] transfer # - [Pub] allowance - [Pub] approve # - [Pub] transferFrom # - [Pub] increaseAllowance # - [Pub] decreaseAllowance # - [Pub] isExcludedFromReward - [Pub] totalFees - [Pub] minimumTokensBeforeSwapAmount - [Pub] buyBackUpperLimitAmount - [Pub] deliver # - [Pub] reflectionFromToken - [Pub] tokenFromReflection - [Pub] excludeFromReward # - modifiers: onlyOwner - [Ext] includeInReward # - modifiers: onlyOwner - [Prv] _approve # - [Prv] _transfer # - [Ext] callmarine # - modifiers: onlyOwner - [Prv] swapTokens # - modifiers: lockTheSwap - [Prv] buyBackTokens # - modifiers: lockTheSwap - [Prv] swapTokensForEth # - [Prv] swapETHForTokens # - [Prv] addLiquidity # - [Prv] _tokenTransfer # - [Prv] _transferStandard # - [Prv] _transferToExcluded # - [Prv] _transferFromExcluded # - [Prv] _transferBothExcluded # - [Prv] _reflectFee # - [Prv] _getValues - [Prv] _getTValues - [Prv] _getRValues - [Prv] _getRate - [Prv] _getCurrentSupply - [Prv] _takeLiquidity # - [Prv] calculateTaxFee - [Prv] calculateLiquidityFee - [Prv] removeAllFee # - [Prv] restoreAllFee # - [Pub] isExcludedFromFee - [Pub] excludeFromFee # - modifiers: onlyOwner - [Pub] includeInFee # - modifiers: onlyOwner - [Ext] setTaxFeePercent # - modifiers: onlyOwner - [Ext] setLiquidityFeePercent # - modifiers: onlyOwner - [Ext] setMaxTxAmount # - modifiers: onlyOwner - [Ext] setMarketingDivisor # - modifiers: onlyOwner - [Ext] setNumTokensSellToAddToLiquidity # - modifiers: onlyOwner - [Ext] setBuybackUpperLimit # - modifiers: onlyOwner - [Ext] setMarketingAddress # - modifiers: onlyOwner - [Pub] setSwapAndLiquifyEnabled # - modifiers: onlyOwner - [Pub] setBuyBackEnabled # - modifiers: onlyOwner - [Ext] prepareForPreSale # - modifiers: onlyOwner - [Ext] afterPreSale # - modifiers: onlyOwner - [Prv] transferToAddressETH # - [Ext] ($)