MetacyFinance - Smart Contract Audit Report
Summary
MetacyFinance ($MTF) is a new BEP-20 token on the Binance Smart Chain that is an automatic liquidity-providing protocol.
Notes on the Contract:Audit Findings Summary
- The total supply of the token is set to 10 billion $MTF [10,000,000,000].
- No mint functions are accessible beyond deployment.
- The owner can burn their own tokens to reduce the total supply.
- At the time of writing this report, 54.1% of the total supply belongs to the owner.
- The remaining 45.9% of the total supply belongs to an unverified contract.
- There is a Liquidity fee, Marketing fee, Charity fee, and Dev fee on all transfers via Pancakeswap where neither the sender nor the recipient is excluded from fees. A separate fee structure can be set by the team to apply different fee percentages depending on whether the user is buying or selling during the transfer.
- The tokens collected from the liquidity fee during transfers are stored in the contract address balance. Once the threshold value of tokens (0.0000005 ether) is met, a swap will occur for the purpose of funding Pancakeswap liquidity.
- Liquidity-adds are funded by selling a portion of the tokens collected as fees (after the threshold number of tokens is met), then pairing the received BNB with the token, and adding it as liquidity to the BNB pair.
- The recipient of the newly created LP tokens is the team's Liquidity wallet. We strongly recommend that the team locks these newly acquired LP tokens.
- The tokens collected from the Marketing fee, Charity fee, and Dev fee are swapped for BNB and sent to the team's Marketing wallet, Charity wallet, and Dev wallet respectively.
- Any remaining tokens in the contract are sent to the Dev wallet, while any remaining BNB in the contract is sent to the Marketing wallet.
- As the contract is deployed with Solidity v0.8.10, it is protected from overflows/underflows.
- Some gas optimizations can be achieved through declaring functions external instead of public, and some state variables constant. As this contract is already deployed, this is merely informational.
Ownership Controls:- Ownership has not been renounced.
- The owner can modify the Liquidity fee, Marketing fee, Charity fee, and Dev fee for both fee structures to any percentages at any time.
- The owner can exclude and include accounts from transfer fees.
- The owner can pause all trading at any time.
- The owner can enable/disable transfer fees at any time.
- The owner can call the triggerTax() function which will set the amount of tokens allocated for team wallets to 0.
- The owner can add/remove accounts from a blacklist which prevents them from being able to participate in transfers.
- The owner can update the team's Charity wallet, Marketing wallet, and Dev wallet to any addresses at any time.
- No external threats were identified.
- Please ensure trust in the team prior to investing as they have substantial control in the ecosystem.
- Date: January 6th, 2022.
Audit Results
| Vulnerability Category | Notes | Result |
|---|---|---|
| Arbitrary Storage Write | N/A | PASS |
| Arbitrary Jump | N/A | PASS |
| Centralization of Control | WARNING | |
| Delegate Call to Untrusted Contract | N/A | PASS |
| Dependence on Predictable Variables | N/A | PASS |
| Deprecated Opcodes | N/A | PASS |
| Ether Thief | N/A | PASS |
| Exceptions | N/A | PASS |
| External Calls | N/A | PASS |
| Flash Loans | N/A | PASS |
| Integer Over/Underflow | N/A | PASS |
| Multiple Sends | N/A | PASS |
| Oracles | N/A | PASS |
| Suicide | N/A | PASS |
| State Change External Calls | N/A | PASS |
| Unchecked Retval | N/A | PASS |
| User Supplied Assertion | N/A | PASS |
| Critical Solidity Compiler | N/A | PASS |
| Overall Contract Safety | PASS |
Function Graph
Inheritance Chart
Functions Overview
($) = payable function
# = non-constant function
+ [Int] IERC20
- [Ext] totalSupply
- [Ext] balanceOf
- [Ext] transfer #
- [Ext] allowance
- [Ext] approve #
- [Ext] transferFrom #
+ [Int] IERC20Metadata (IERC20)
- [Ext] name
- [Ext] symbol
- [Ext] decimals
+ Context
- [Int] _msgSender
- [Int] _msgData
+ ERC20 (Context, IERC20, IERC20Metadata)
- [Pub] #
- [Pub] name
- [Pub] symbol
- [Pub] decimals
- [Pub] totalSupply
- [Pub] balanceOf
- [Pub] transfer #
- [Pub] allowance
- [Pub] approve #
- [Pub] transferFrom #
- [Pub] increaseAllowance #
- [Pub] decreaseAllowance #
- [Int] _transfer #
- [Int] _mint #
- [Int] _burn #
- [Int] _approve #
- [Int] _beforeTokenTransfer #
- [Int] _afterTokenTransfer #
+ Ownable (Context)
- [Pub] #
- [Pub] owner
- [Pub] renounceOwnership #
- modifiers: onlyOwner
- [Pub] transferOwnership #
- modifiers: onlyOwner
- [Int] _setOwner #
+ Pausable (Context)
- [Pub] #
- [Pub] paused
- [Int] _pause #
- modifiers: whenNotPaused
- [Int] _unpause #
- modifiers: whenPaused
+ [Int] IUniswapV2Pair
- [Ext] name
- [Ext] symbol
- [Ext] decimals
- [Ext] totalSupply
- [Ext] balanceOf
- [Ext] allowance
- [Ext] approve #
- [Ext] transfer #
- [Ext] transferFrom #
- [Ext] DOMAIN_SEPARATOR
- [Ext] PERMIT_TYPEHASH
- [Ext] nonces
- [Ext] permit #
- [Ext] MINIMUM_LIQUIDITY
- [Ext] factory
- [Ext] token0
- [Ext] token1
- [Ext] getReserves
- [Ext] price0CumulativeLast
- [Ext] price1CumulativeLast
- [Ext] kLast
- [Ext] mint #
- [Ext] burn #
- [Ext] swap #
- [Ext] skim #
- [Ext] sync #
- [Ext] initialize #
+ [Int] IUniswapV2Factory
- [Ext] feeTo
- [Ext] feeToSetter
- [Ext] getPair
- [Ext] allPairs
- [Ext] allPairsLength
- [Ext] createPair #
- [Ext] setFeeTo #
- [Ext] setFeeToSetter #
+ [Int] IUniswapV2Router01
- [Ext] factory
- [Ext] WETH
- [Ext] addLiquidity #
- [Ext] addLiquidityETH ($)
- [Ext] removeLiquidity #
- [Ext] removeLiquidityETH #
- [Ext] removeLiquidityWithPermit #
- [Ext] removeLiquidityETHWithPermit #
- [Ext] swapExactTokensForTokens #
- [Ext] swapTokensForExactTokens #
- [Ext] swapExactETHForTokens ($)
- [Ext] swapTokensForExactETH #
- [Ext] swapExactTokensForETH #
- [Ext] swapETHForExactTokens ($)
- [Ext] quote
- [Ext] getAmountOut
- [Ext] getAmountIn
- [Ext] getAmountsOut
- [Ext] getAmountsIn
+ [Int] IUniswapV2Router02 (IUniswapV2Router01)
- [Ext] removeLiquidityETHSupportingFeeOnTransferTokens #
- [Ext] removeLiquidityETHWithPermitSupportingFeeOnTransferTokens #
- [Ext] swapExactTokensForTokensSupportingFeeOnTransferTokens #
- [Ext] swapExactETHForTokensSupportingFeeOnTransferTokens ($)
- [Ext] swapExactTokensForETHSupportingFeeOnTransferTokens #
+ CoinToken (ERC20, Ownable, Pausable)
- [Pub] ($)
- modifiers: ERC20
- [Prv] handleTax #
- [Int] _transfer #
- [Pub] triggerTax #
- modifiers: onlyOwner
- [Pub] pause #
- modifiers: onlyOwner
- [Pub] unpause #
- modifiers: onlyOwner
- [Pub] burn #
- modifiers: onlyOwner
- [Pub] enableBlacklist #
- modifiers: onlyOwner
- [Pub] disableBlacklist #
- modifiers: onlyOwner
- [Pub] exclude #
- modifiers: onlyOwner
- [Pub] removeExclude #
- modifiers: onlyOwner
- [Pub] setBuyTax #
- modifiers: onlyOwner
- [Pub] setSellTax #
- modifiers: onlyOwner
- [Pub] setTaxWallets #
- modifiers: onlyOwner
- [Pub] enableTax #
- modifiers: onlyOwner
- [Pub] disableTax #
- modifiers: onlyOwner
- [Pub] isBlacklisted
- [Pub] isExcluded
- [Ext] ($)