PocMon - Smart Contract Audit Report
PocMon ($MON) is a new community-driven DeFi token on the Binance Smart Chain that is an automatic liquidity providing protocol that pays out static rewards to holders.
Notes on the Contract:
Audit Findings Summary
- The total supply of the token is set to 300 million $MON [300,000,000].
- No minting or burn functions are present; though the circulating supply can be reduced by sending tokens to the 0x..dead address, if desired.
- At the time of writing this report, 56.81% of the total $MON token supply belongs to a token vesting contract.
- 8.3% of the total supply is in Pancakeswap liquidity.
- Of that liquidity, 81% of the LP tokens are stored in an ERC1967Proxy contract.
- 17.78% of the LP tokens belong to the PocMon contract address.
- There is a 'reflection fee', 'liquidity fee', and 'gem fee' on all transactions for any "non-excluded" address that participates in a transfer.
- Users who hold tokens will automatically benefit from the frictionless fee redistribution at the time of each transaction as the tokens collected through the reflection fee are removed from the circulating supply.
- The liquidity fee charged on transactions is stored in the contract and, once a threshold value (determined by the owner ) is met, is used to fund Pancakeswap liquidity. This functionality can be enabled/disabled by the owner.
- Liquidity-adds are funded by selling a portion of the tokens collected as fees (after the threshold as determined by the owner is met), then pairing the received BNB with the token, and adding it as liquidity to the BNB pair.
- The remaining portion of tokens in the contract are swapped for BNB and sent to the team's gem wallet. The proportion of tokens/BNB to add to liquidity and BNB to be sent to the gem wallet are based on the values of the liquidity fee and gem fee.
- The team must exercise caution when setting these fees as they have an affect on the automatic liquidty-adds.
- The contract address is the recipient of these LP tokens. This method will cause these LP tokens to be inaccessible, which is in an effective way to permanently lock the liquidity.
- If fees are applied to a user when they are buying tokens from Pancakeswap, they will be compensated for those fees in the form of the project team's GEM token which are minted to the recipient.
- The GEM token contract was out of scope for the purpose of this audit and was not reviewed by our team.
- The owner has the ability to modify the reflection fee, liquidity fee, and gem fee to any percentages as long as the total percentage of the three fees combined is under 15%.
- The owner of the contract can exclude and include accounts from transfer fees and reward distribution.
- The owner has the ability to set and update a maximum transaction amount to any value above 1,500,000 tokens at any time. This will impose a limit to the number of tokens that can be transferred during any given transaction.
- This maximum transaction amount does not apply to the owner during transactions where the owner is either the sender or the recipient.
- The owner has the ability to update the Pancakeswap Router address at any time.
- The owner of the contract does not have the ability to pause trading or restrict users from buying or selling their tokens.
- Ownership has not been renounced.
- As the project is implemented with Solidity v.8.0, it is protected from overflows.
- No external threats were identified.
- Please ensure trust in the team prior to investing as they have some control in the ecosystem.
- Date: October 16th, 2021
|Arbitrary Storage Write||N/A||PASS|
|Delegate Call to Untrusted Contract||N/A||PASS|
|Dependence on Predictable Variables||N/A||PASS|
|State Change External Calls||N/A||PASS|
|User Supplied Assertion||N/A||PASS|
|Critical Solidity Compiler||N/A||PASS|
|Overall Contract Safety||PASS|
($) = payable function # = non-constant function + Context - [Int] _msgSender - [Int] _msgData + Ownable (Context) - [Pub]
# - [Pub] owner - [Pub] renounceOwnership # - modifiers: onlyOwner - [Pub] transferOwnership # - modifiers: onlyOwner - [Prv] _setOwner # + [Lib] SafeMath - [Int] tryAdd - [Int] trySub - [Int] tryMul - [Int] tryDiv - [Int] tryMod - [Int] add - [Int] sub - [Int] mul - [Int] div - [Int] mod - [Int] sub - [Int] div - [Int] mod + [Lib] Address - [Int] isContract - [Int] sendValue # - [Int] functionCall # - [Int] functionCall # - [Int] functionCallWithValue # - [Int] functionCallWithValue # - [Int] functionStaticCall - [Int] functionStaticCall - [Int] functionDelegateCall # - [Int] functionDelegateCall # - [Int] verifyCallResult + [Int] IERC20 - [Ext] totalSupply - [Ext] balanceOf - [Ext] transfer # - [Ext] allowance - [Ext] approve # - [Ext] transferFrom # + [Int] IUniswapV2Factory - [Ext] feeTo - [Ext] feeToSetter - [Ext] getPair - [Ext] allPairs - [Ext] allPairsLength - [Ext] createPair # - [Ext] setFeeTo # - [Ext] setFeeToSetter # + [Int] IUniswapV2Pair - [Ext] name - [Ext] symbol - [Ext] decimals - [Ext] totalSupply - [Ext] balanceOf - [Ext] allowance - [Ext] approve # - [Ext] transfer # - [Ext] transferFrom # - [Ext] DOMAIN_SEPARATOR - [Ext] PERMIT_TYPEHASH - [Ext] nonces - [Ext] permit # - [Ext] MINIMUM_LIQUIDITY - [Ext] factory - [Ext] token0 - [Ext] token1 - [Ext] getReserves - [Ext] price0CumulativeLast - [Ext] price1CumulativeLast - [Ext] kLast - [Ext] mint # - [Ext] burn # - [Ext] swap # - [Ext] skim # - [Ext] sync # - [Ext] initialize # + [Int] IUniswapV2Router01 - [Ext] factory - [Ext] WETH - [Ext] addLiquidity # - [Ext] addLiquidityETH ($) - [Ext] removeLiquidity # - [Ext] removeLiquidityETH # - [Ext] removeLiquidityWithPermit # - [Ext] removeLiquidityETHWithPermit # - [Ext] swapExactTokensForTokens # - [Ext] swapTokensForExactTokens # - [Ext] swapExactETHForTokens ($) - [Ext] swapTokensForExactETH # - [Ext] swapExactTokensForETH # - [Ext] swapETHForExactTokens ($) - [Ext] quote - [Ext] getAmountOut - [Ext] getAmountIn - [Ext] getAmountsOut - [Ext] getAmountsIn + [Int] IUniswapV2Router02 (IUniswapV2Router01) - [Ext] removeLiquidityETHSupportingFeeOnTransferTokens # - [Ext] removeLiquidityETHWithPermitSupportingFeeOnTransferTokens # - [Ext] swapExactTokensForTokensSupportingFeeOnTransferTokens # - [Ext] swapExactETHForTokensSupportingFeeOnTransferTokens ($) - [Ext] swapExactTokensForETHSupportingFeeOnTransferTokens # + PocMon (Ownable, IERC20) - [Pub] # - modifiers: Ownable - [Pub] name - [Pub] symbol - [Pub] decimals - [Pub] totalSupply - [Pub] balanceOf - [Pub] transfer # - [Pub] allowance - [Pub] approve # - [Pub] transferFrom # - [Pub] increaseAllowance # - [Pub] decreaseAllowance # - [Pub] isExcludedFromReward - [Pub] reflectionFromToken - [Pub] tokenFromReflection - [Pub] excludeFromReward # - modifiers: onlyOwner - [Ext] includeInReward # - modifiers: onlyOwner - [Pub] excludeFromFee # - modifiers: onlyOwner - [Pub] includeInFee # - modifiers: onlyOwner - [Ext] setReflectionFeePercent # - modifiers: onlyOwner - [Ext] setGemFeePercent # - modifiers: onlyOwner - [Ext] setLiquidityFeePercent # - modifiers: onlyOwner - [Pub] setMaxTxAmount # - modifiers: onlyOwner - [Pub] setSwapAndLiquifyEnabled # - modifiers: onlyOwner - [Ext] reflectionFee - [Ext] gemFee - [Ext] liquidityFee - [Ext] ($) - [Prv] _reflectFee # - [Prv] _getValues - [Prv] _getTValues - [Prv] _getRValues - [Prv] _getRate - [Prv] _getCurrentSupply - [Prv] _takeLiquidity # - [Prv] calculateReflectionFee - [Prv] calculateGemFee - [Prv] calculateLiquidityFee - [Prv] removeAllFee # - [Prv] restoreAllFee # - [Ext] setRouterAddress # - modifiers: onlyOwner - [Ext] setNumTokensSellToAddToLiquidity # - modifiers: onlyOwner - [Ext] setGemWallet # - modifiers: onlyOwner - [Ext] gemWallet - [Pub] isExcludedFromFee - [Prv] _approve # - [Prv] _transfer # - [Prv] swapTokensForBnb # - [Prv] swapAndLiquify # - modifiers: lockTheSwap - [Prv] addLiquidity # - [Prv] _tokenTransfer # - [Int] _getBnbEquivalent - [Prv] _compensateFee # - [Prv] _transferStandard # - [Prv] _transferToExcluded # - [Prv] _transferFromExcluded # - [Prv] _transferBothExcluded # + [Int] IGEM - [Ext] compensateBnb #