Plethori Token - Smart Contract Audit Report
Summary
Plethori is a new project which intends to build a decentralized cross-chain investment platform for open trading and creation of trustless ETFs.
For this audit we reviewed the project's token contract provided to us by the team. Source code is available below.
Please note we have not reviewed the project's staking platform.
.
Notes of the Token Contract:Notes on the Staking Contract: (Added May 1)
- The initial total supply is 100 million tokens.
- At the time of deployed, the team will receive the total supply.
- There is no way for tokens to be minted after deployment.
- No ownership-restricted functions are present.
- All public functions could be declared external instead of public to save a minimal amount of gas.
- The token contract complies with the ERC20 standard.
Users can stake their Plethori tokens in this contract to earn rewards in Plethori tokens. There is a 1.5% fee associated with making a deposit into the contract. The reward rate for deposits is hard-coded at 40% per year. Rewards will accrue once per day. There is a 0.5% fee associated with withdrawing from the contract No ownership-restricted functions are present. The team must manually provide the tokens to serve as rewards for this contract. Utilization of SafeMath to prevent overflow issues.
Audit Findings Summary:
- No threats from external attackers were identified.
- As with any presale, ensure trust in the team prior to investing.
- Ensure trust in the team as they will need to provide staking rewards manually (Added May 1)
- Date: April 28th, 2021.
- Update Date: May 1st, 2021 - Addition of analysis on Staking contract.
External Threat Results
| Vulnerability Category | Notes | Result |
|---|---|---|
| Arbitrary Storage Write | N/A | PASS |
| Arbitrary Jump | N/A | PASS |
| Delegate Call to Untrusted Contract | N/A | PASS |
| Dependence on Predictable Variables | N/A | PASS |
| Deprecated Opcodes | N/A | PASS |
| Ether Thief | N/A | PASS |
| Exceptions | N/A | PASS |
| External Calls | N/A | PASS |
| Integer Over/Underflow | N/A | PASS |
| Multiple Sends | N/A | PASS |
| Suicide | N/A | PASS |
| State Change External Calls | N/A | Pass |
| Unchecked Retval | N/A | PASS |
| User Supplied Assertion | N/A | PASS |
| Critical Solidity Compiler | N/A | PASS |
| Overall Contract Safety | PASS |
PLE Token Contract
($) = payable function
# = non-constant function
Int = Internal
Ext = External
Pub = Public
+ Plethori
- [Pub] #
- [Ext] totalSupply
- [Ext] balanceOf
- [Ext] transfer #
- [Ext] approve #
- [Ext] allowance
- [Ext] transferFrom #
+ [Lib] SafeMath
- [Int] sub
- [Int] add
PLE Staking Contract
($) = payable function
# = non-constant function
Int = Internal
Ext = External
Pub = Public
+ [Lib] SafeMath
- [Int] add
- [Int] sub
- [Int] mul
- [Int] div
- [Int] mod
+ [Lib] EnumerableSet
- [Prv] _add #
- [Prv] _remove #
- [Prv] _contains
- [Prv] _length
- [Prv] _at
- [Int] add #
- [Int] remove #
- [Int] contains
- [Int] length
- [Int] at
- [Int] add #
- [Int] remove #
- [Int] contains
- [Int] length
- [Int] at
+ [Int] IERC20
- [Ext] name
- [Ext] symbol
- [Ext] decimals
- [Ext] totalSupply
- [Ext] balanceOf
- [Ext] allowance
- [Ext] transfer #
- [Ext] approve #
- [Ext] transferFrom #
+ [Lib] Address
- [Int] isContract
+ [Lib] SafeERC20
- [Int] safeTransfer #
- [Int] safeTransferFrom #
- [Pub] safeApprove #
- [Int] safeIncreaseAllowance #
- [Int] safeDecreaseAllowance #
- [Prv] callOptionalReturn #
+ Ownable
- [Pub] #
- [Pub] transferOwnership #
- modifiers: onlyOwner
+ PleStaking (Ownable)
- [Pub] #
- [Prv] updateAccount #
- [Pub] getPendingDivs
- [Pub] getNumberOfHolders
- [Pub] stake #
- [Pub] unstake #
- [Pub] claimDivs #
- [Pub] getStakersList