|Arbitrary Storage Write||N/A||PASS|
|Delegate Call to Untrusted Contract||N/A||PASS|
|Dependence on Predictable Variables||N/A||PASS|
|State Change External Calls||N/A||Pass|
|User Supplied Assertion||N/A||PASS|
|Critical Solidity Compiler||N/A||PASS|
|Overall Contract Safety||PASS|
OurGlass - Smart Contract Audit Report
OurGlass is a new competitor in the meme-coin space that has gained a large community following in a short timeframe.We audited OurGlass's token contract at 0x9c9d4302a1a550b446401e56000f76bc761c3a33 on the Binance Smart Chain mainnet, and their staking contract using code provided to us by the team.
Notes on the Token Contract:
Notes on the Staking Contract:
- The total supply of the token is set to one quadrillion.
- No mint or burn functions are present; though the circulating supply can be reduced by sending tokens to the burn address, if desired.
- As of the date of this report, ~6.2% of the token's supply has been sent to the burn address.
- Pancakeswap holds ~11% of the token's supply as liquidity.
- 92% of liquidity has been locked in an unverified contract.
- The next largest holder has ~5.9%.
- Users who hold tokens will automatically receive a portion the fees from a transaction tax on each transfer.
- A portion of the fee charged on transactions is stored in the contract and, once a threshold value is met, used to fund PancakeSwap liqudity.
- Liquidity-adds are funded by selling half of the tokens collected as fees, pairing the received BNB with the token, and adding it as liquidity to the BNB pair.
- The owner of the contract will receive the LP tokens added from this process.
- There is a transfer limit of 5 trillion tokens per transaction.
- The owner of the contract can exclude and include users from transfer fees, update the maximum transaction amount, and update the fee percentages to any value.
- Some functions could have been declared external instead of public to save some gas, but as this is already deployed this is merely informational.
- The contract utilizes SafeMath libraries to prevent overflows along with following the BEP20 standard.
- Users can deposit their GLASS tokens in this contract in order to earn further rewards in GLASS.
- Users can refer other users to deposit. To do so, they must have deposited at least 1 million tokens.
- The largest depositer and one pseudo-randomly chosen user will receive a reward each day .
- The randomness function, to an extent, relies on predictable environment variables. This is common, albiet not best practice; but the probability of miners maliciously changing these variables is extremley low.
- The team has worked with us to improve this contract for gas optimization and resolve issues around unbounded loops.
- SafeMath is utilized to prevent overflow issues.
Audit Findings Summary:
- No security issues were identified in our analysis.
- Ensure trust in the team as they have substantial control in the ecosystem and hold a modest number of tokens. We strongly recommend renouncing ownership.
- Be aware of the relatively low amount of liquidity available.
- Date: May 19th, 2021
- Update Date: May 25th, 2021 - Minor changes to the staking contract. Substantial issues exist.
- Update Date: June 14th, 2021 - Substantial logic rewrite to the staking contract to resolve numerous issues.
Details: OurGlass Token Contract
($) = payable function # = non-constant function + [Int] IERC20 - [Ext] totalSupply - [Ext] balanceOf - [Ext] transfer # - [Ext] allowance - [Ext] approve # - [Ext] transferFrom # + [Lib] SafeMath - [Int] add - [Int] sub - [Int] sub - [Int] mul - [Int] div - [Int] div - [Int] mod - [Int] mod + Context - [Int] _msgSender - [Int] _msgData + [Lib] Address - [Int] isContract - [Int] sendValue # - [Int] functionCall # - [Int] functionCall # - [Int] functionCallWithValue # - [Int] functionCallWithValue # - [Prv] _functionCallWithValue # + Ownable (Context) - [Int]
# - [Pub] owner - [Pub] renounceOwnership # - modifiers: onlyOwner - [Pub] transferOwnership # - modifiers: onlyOwner - [Pub] geUnlockTime - [Pub] lock # - modifiers: onlyOwner - [Pub] unlock # + [Int] IUniswapV2Factory - [Ext] feeTo - [Ext] feeToSetter - [Ext] getPair - [Ext] allPairs - [Ext] allPairsLength - [Ext] createPair # - [Ext] setFeeTo # - [Ext] setFeeToSetter # + [Int] IUniswapV2Pair - [Ext] name - [Ext] symbol - [Ext] decimals - [Ext] totalSupply - [Ext] balanceOf - [Ext] allowance - [Ext] approve # - [Ext] transfer # - [Ext] transferFrom # - [Ext] DOMAIN_SEPARATOR - [Ext] PERMIT_TYPEHASH - [Ext] nonces - [Ext] permit # - [Ext] MINIMUM_LIQUIDITY - [Ext] factory - [Ext] token0 - [Ext] token1 - [Ext] getReserves - [Ext] price0CumulativeLast - [Ext] price1CumulativeLast - [Ext] kLast - [Ext] mint # - [Ext] burn # - [Ext] swap # - [Ext] skim # - [Ext] sync # - [Ext] initialize # + [Int] IUniswapV2Router01 - [Ext] factory - [Ext] WETH - [Ext] addLiquidity # - [Ext] addLiquidityETH ($) - [Ext] removeLiquidity # - [Ext] removeLiquidityETH # - [Ext] removeLiquidityWithPermit # - [Ext] removeLiquidityETHWithPermit # - [Ext] swapExactTokensForTokens # - [Ext] swapTokensForExactTokens # - [Ext] swapExactETHForTokens ($) - [Ext] swapTokensForExactETH # - [Ext] swapExactTokensForETH # - [Ext] swapETHForExactTokens ($) - [Ext] quote - [Ext] getAmountOut - [Ext] getAmountIn - [Ext] getAmountsOut - [Ext] getAmountsIn + [Int] IUniswapV2Router02 (IUniswapV2Router01) - [Ext] removeLiquidityETHSupportingFeeOnTransferTokens # - [Ext] removeLiquidityETHWithPermitSupportingFeeOnTransferTokens # - [Ext] swapExactTokensForTokensSupportingFeeOnTransferTokens # - [Ext] swapExactETHForTokensSupportingFeeOnTransferTokens ($) - [Ext] swapExactTokensForETHSupportingFeeOnTransferTokens # + OurGlass (Context, IERC20, Ownable) - [Pub] # - [Pub] name - [Pub] symbol - [Pub] decimals - [Pub] totalSupply - [Pub] balanceOf - [Pub] transfer # - [Pub] allowance - [Pub] approve # - [Pub] transferFrom # - [Pub] increaseAllowance # - [Pub] decreaseAllowance # - [Pub] isExcludedFromReward - [Pub] totalFees - [Pub] deliver # - [Pub] reflectionFromToken - [Pub] tokenFromReflection - [Pub] excludeFromReward # - modifiers: onlyOwner - [Ext] includeInReward # - modifiers: onlyOwner - [Prv] _transferBothExcluded # - [Pub] excludeFromFee # - modifiers: onlyOwner - [Pub] includeInFee # - modifiers: onlyOwner - [Ext] setTaxFeePercent # - modifiers: onlyOwner - [Ext] setLiquidityFeePercent # - modifiers: onlyOwner - [Ext] setMaxTxPercent # - modifiers: onlyOwner - [Pub] setSwapAndLiquifyEnabled # - modifiers: onlyOwner - [Ext] ($) - [Prv] _reflectFee # - [Prv] _getValues - [Prv] _getTValues - [Prv] _getRValues - [Prv] _getRate - [Prv] _getCurrentSupply - [Prv] _takeLiquidity # - [Prv] calculateTaxFee - [Prv] calculateLiquidityFee - [Prv] removeAllFee # - [Prv] restoreAllFee # - [Pub] isExcludedFromFee - [Prv] _approve # - [Prv] _transfer # - [Prv] swapAndLiquify # - modifiers: lockTheSwap - [Prv] swapTokensForEth # - [Prv] addLiquidity # - [Prv] _tokenTransfer # - [Prv] _transferStandard # - [Prv] _transferToExcluded # - [Prv] _transferFromExcluded #
Details: OurStake Staking Contract
($) = payable function # = non-constant function + OurGame - [Pub]
# - [Ext] ($) - [Ext] changeDev # - modifiers: onlyDev - [Ext] setMinRandDeposit # - modifiers: onlyDev - [Ext] setMinDaysStale # - modifiers: onlyDev - [Pub] clearStaleUsers # - [Int] _popUser # - [Ext] timeToReward - [Ext] random - [Int] _random - [Ext] trySendReward # - [Int] _trySendReward # - [Int] _deposit # - [Ext] deposit # - [Ext] deposit # - [Pub] getRewards - [Int] _rewardUsers # - [Ext] claim # - [Ext] dripRewards # - [Int] _dripRewards # - [Int] _getRewardDrip - [Ext] getRewardDrip - [Ext] getDayDripEstimate - [Ext] getTotalRewards - [Ext] userInfo - [Ext] userInfoTotals - [Ext] contractInfo - [Ext] getGlassBalancePool - [Int] _getGlassBalancePool - [Int] _getGlassBalance - [Ext] getGlassBalance + [Lib] SafeMath - [Int] mul - [Int] div - [Int] sub - [Int] add + [Int] IBEP20 - [Ext] totalSupply - [Ext] balanceOf - [Ext] allowance - [Ext] transfer # - [Ext] approve # - [Ext] transferFrom #