Pegazus Finance - Smart Contract Audit Report
Pegazus ($PEG) is a new DeFi project that automatically provides rewards to users who hold the token via frictionless fee redistribution while implementing an automatic burn and donations.
Notes on the Contract:
Audit Findings Summary
- Pegazus's code implements and builds upon the fee-redistribution features pioneered by Reflect Finance.
- The total supply of the token is initially set to one quadrillion [1,000,000,000,000,000].
- There is a burn function that will allow holders to send tokens to the burn address. The burn address will participate in the reward distribution (as a regular holder) and increase proportionally to the rewards it receives (unless the owner specifically decides to exclude it). This is often used as a deflationary mechanism.
- There is a maximum transaction amount that is currently set to the total token supply, however the owner has the ability to modify the maximum transaction amount at any time.
- There is a 'tax fee', 'burn fee', and 'donation fee' on all transactions for any "non-excluded" address that participates in a transfer. The owner has the ability to modify these fees to any percentage at any time.
- A portion of the tax fee is redistributed to existing token holders instantly and automatically at the time of each transaction.
- The tokens collected from the 'burn fee' are automatically burned at the time of each transaction.
- The tokens collected from the 'donation fee' are automatically distributed across 3 different 'charity' wallets, where the addresses can be modified by the owner at any time.
- The SwapAndLiquify functionality seems to sell the $PEG and convert 100% of it to BNB. The charity addresses receive all of the BNB created from this process and no LP contributions are made within the contract.
- Given the current structure of the contract, the PancakeSwap V2 liquidity will continue to deplete unless liquidity is provided by individual contributions.
- The owner of the contract can exclude and include accounts from transfer fees.
- The owner of the contract can exclude and include accounts from the reward distribution.
- Ownership has not been renounced.
- The owner has the ability to use the "lock" function in order to temporarily set ownership to address(0). Ownership is restored after the duration of time determined by the owner has passed and they use the 'unlock' function. Ownership can additionally be restored (even if ownership was previously renounced), by using the unlock function a second time.
- The contract utilizes SafeMath libraries along with following the BEP20 standard.
- No external threats were identified.
- We strongly recommend that the team renounces ownership without setting a lock.
- As with any token, please ensure trust in the team prior to investing as they have substantial control in the ecosystem.
- Date: June 15th, 2021
|Arbitrary Storage Write||N/A||PASS|
|Delegate Call to Untrusted Contract||N/A||PASS|
|Dependence on Predictable Variables||N/A||PASS|
|State Change External Calls||N/A||PASS|
|User Supplied Assertion||N/A||PASS|
|Critical Solidity Compiler||N/A||PASS|
|Overall Contract Safety||PASS|
($) = payable function # = non-constant function + Context - [Int] _msgSender - [Int] _msgData + [Int] IERC20 - [Ext] totalSupply - [Ext] balanceOf - [Ext] transfer # - [Ext] allowance - [Ext] approve # - [Ext] transferFrom # + [Lib] SafeMath - [Int] add - [Int] sub - [Int] sub - [Int] mul - [Int] div - [Int] div - [Int] mod - [Int] mod + [Lib] Address - [Int] isContract - [Int] sendValue # - [Int] functionCall # - [Int] functionCall # - [Int] functionCallWithValue # - [Int] functionCallWithValue # - [Prv] _functionCallWithValue # + Ownable (Context) - [Int]
# - [Pub] owner - [Pub] renounceOwnership # - modifiers: onlyOwner - [Pub] transferOwnership # - modifiers: onlyOwner - [Pub] getUnlockTime - [Pub] getTime - [Pub] lock # - modifiers: onlyOwner - [Pub] unlock # + [Int] IUniswapV2Factory - [Ext] feeTo - [Ext] feeToSetter - [Ext] getPair - [Ext] allPairs - [Ext] allPairsLength - [Ext] createPair # - [Ext] setFeeTo # - [Ext] setFeeToSetter # + [Int] IUniswapV2Pair - [Ext] name - [Ext] symbol - [Ext] decimals - [Ext] totalSupply - [Ext] balanceOf - [Ext] allowance - [Ext] approve # - [Ext] transfer # - [Ext] transferFrom # - [Ext] DOMAIN_SEPARATOR - [Ext] PERMIT_TYPEHASH - [Ext] nonces - [Ext] permit # - [Ext] MINIMUM_LIQUIDITY - [Ext] factory - [Ext] token0 - [Ext] token1 - [Ext] getReserves - [Ext] price0CumulativeLast - [Ext] price1CumulativeLast - [Ext] kLast - [Ext] burn # - [Ext] swap # - [Ext] skim # - [Ext] sync # - [Ext] initialize # + [Int] IUniswapV2Router01 - [Ext] factory - [Ext] WETH - [Ext] addLiquidity # - [Ext] addLiquidityETH ($) - [Ext] removeLiquidity # - [Ext] removeLiquidityETH # - [Ext] removeLiquidityWithPermit # - [Ext] removeLiquidityETHWithPermit # - [Ext] swapExactTokensForTokens # - [Ext] swapTokensForExactTokens # - [Ext] swapExactETHForTokens ($) - [Ext] swapTokensForExactETH # - [Ext] swapExactTokensForETH # - [Ext] swapETHForExactTokens ($) - [Ext] quote - [Ext] getAmountOut - [Ext] getAmountIn - [Ext] getAmountsOut - [Ext] getAmountsIn + [Int] IUniswapV2Router02 (IUniswapV2Router01) - [Ext] removeLiquidityETHSupportingFeeOnTransferTokens # - [Ext] removeLiquidityETHWithPermitSupportingFeeOnTransferTokens # - [Ext] swapExactTokensForTokensSupportingFeeOnTransferTokens # - [Ext] swapExactETHForTokensSupportingFeeOnTransferTokens ($) - [Ext] swapExactTokensForETHSupportingFeeOnTransferTokens # + PegazusFinance (Context, IERC20, Ownable) - [Pub] # - [Pub] name - [Pub] symbol - [Pub] decimals - [Pub] totalSupply - [Pub] balanceOf - [Pub] transfer # - [Pub] allowance - [Pub] approve # - [Pub] transferFrom # - [Pub] increaseAllowance # - [Pub] decreaseAllowance # - [Pub] isExcludedFromReward - [Pub] totalFees - [Pub] totalBurn - [Pub] totalDonationBNB - [Pub] minimumTokensBeforeSwapAmount - [Pub] deliver # - [Pub] reflectionFromToken - [Pub] tokenFromReflection - [Pub] excludeFromReward # - modifiers: onlyOwner - [Ext] includeInReward # - modifiers: onlyOwner - [Prv] _approve # - [Prv] _transfer # - [Prv] swapAndLiquify # - modifiers: lockTheSwap - [Prv] swapTokensForBNB # - [Prv] _tokenTransfer # - [Prv] _transferStandard # - [Prv] _transferToExcluded # - [Prv] _transferFromExcluded # - [Prv] _transferBothExcluded # - [Prv] _reflectFee # - [Prv] _getValues - [Prv] _getTValues - [Prv] _getRValues - [Prv] _getRate - [Prv] _getCurrentSupply - [Prv] _takeLiquidity # - [Prv] calculateTaxFee - [Prv] calculateBurnFee - [Prv] calculateLiquidityFee - [Prv] removeAllFee # - [Prv] restoreAllFee # - [Pub] isExcludedFromFee - [Pub] excludeFromFee # - modifiers: onlyOwner - [Pub] includeInFee # - modifiers: onlyOwner - [Ext] setTaxFeePercent # - modifiers: onlyOwner - [Ext] setBurnFeePercent # - modifiers: onlyOwner - [Ext] setDonationFeePercent # - modifiers: onlyOwner - [Ext] setDonationAddress1 # - modifiers: onlyOwner - [Ext] setDonationAddress2 # - modifiers: onlyOwner - [Ext] setDonationAddress3 # - modifiers: onlyOwner - [Ext] setMaxTxPercent # - modifiers: onlyOwner - [Pub] getUnlockTimeSeconds - [Pub] getUnlockTimeDays - [Ext] setNumTokensSellToAddToLiquidity # - modifiers: onlyOwner - [Pub] setSwapAndLiquifyEnabled # - modifiers: onlyOwner - [Prv] TransferCharityBNB # - [Ext] ($)