PolyCash Token & Farm - Smart Contract Audit Report
Summary
PolyCash is new token and yield farming platform.
We reviewed PolyCash's contracts at the following addresses on the Polygon Mainnet:
Notes on the Token Contract:
- Currently, the total supply of the token is 4,630.
- 42.9% of the token's supply is in the liquidity pool.
- 42% of the token's supply is held in the MasterChef staking contract.
- No further tokens can be minted, though tokens can be burned.
- No ownership-related functions exist.
- Utilization of SafeMath throughout the platform to prevent overflow issues.
- Some gas optimizations can be achieved through marking functions external instead of public. As this contract is already deployed, this is informational.
- The contract utilizes SafeMath to prevent overflows.
Notes on the MasterChef Staking Contract:- Users can stake various tokens in this contract to earn rewards in the form of the project's native PolyCash token.
- Users can also earn further token rewards by refering others to deposit into the contract.
- The team will set the reward rate for each pool when added and can update it at any time. Rewards are created by minting tokens.
- The developers will be minted some tokens from rewards to incentivize further development.
As this contract is already deployed, this is informational.- Some gas optimizations can be achieved through marking functions external instead of public. As this contract is already deployed, this is informational.
- The team must exercise caution when adding tokens to avoid fee-on-transfer and ERC777-compliant tokens.
- Utilization of SafeMath to prevent overflow issues.
Audit Findings Summary
- No issues from external attackers were identified.
- Ensure trust in the team as they have some control in the ecosystem.
- Date: June 8th, 2021
External Threat Results
| Vulnerability Category | Notes | Result |
|---|---|---|
| Arbitrary Storage Write | N/A | PASS |
| Arbitrary Jump | N/A | PASS |
| Delegate Call to Untrusted Contract | N/A | PASS |
| Dependence on Predictable Variables | N/A | PASS |
| Deprecated Opcodes | N/A | PASS |
| Ether Thief | N/A | PASS |
| Exceptions | N/A | PASS |
| External Calls | N/A | PASS |
| Integer Over/Underflow | N/A | PASS |
| Multiple Sends | N/A | PASS |
| Suicide | N/A | PASS |
| State Change External Calls | N/A | PASS |
| Unchecked Retval | N/A | PASS |
| User Supplied Assertion | N/A | PASS |
| Critical Solidity Compiler | N/A | PASS |
| Overall Contract Safety | PASS |
Details: Token Contract
($) = payable function
# = non-constant function
Int = Internal
Ext = External
Pub = Public
+ Context
- [Int] _msgSender
- [Int] _msgData
+ Ownable (Context)
- [Int] #
- [Pub] owner
- [Pub] renounceOwnership #
- modifiers: onlyOwner
- [Pub] transferOwnership #
- modifiers: onlyOwner
+ [Lib] SafeMath
- [Int] tryAdd
- [Int] trySub
- [Int] tryMul
- [Int] tryDiv
- [Int] tryMod
- [Int] add
- [Int] sub
- [Int] mul
- [Int] div
- [Int] mod
- [Int] sub
- [Int] div
- [Int] mod
+ [Int] IERC20
- [Ext] totalSupply
- [Ext] decimals
- [Ext] symbol
- [Ext] name
- [Ext] balanceOf
- [Ext] transfer #
- [Ext] allowance
- [Ext] approve #
- [Ext] transferFrom #
+ ERC20 (Context, IERC20, Ownable)
- [Pub] #
- [Pub] name
- [Pub] symbol
- [Pub] decimals
- [Pub] totalSupply
- [Pub] balanceOf
- [Pub] transfer #
- [Pub] allowance
- [Pub] approve #
- [Pub] transferFrom #
- [Pub] increaseAllowance #
- [Pub] decreaseAllowance #
- [Pub] mint #
- modifiers: onlyOwner
- [Int] _transfer #
- [Int] _mint #
- [Int] _burn #
- [Int] _approve #
- [Int] _burnFrom #
+ CashToken (ERC20)
- [Pub] mint #
- modifiers: onlyOwner
- [Pub] #
- modifiers: ERC20
- [Pub] maxTransferAmount
- [Pub] updateMaxTransferAmountRate #
- modifiers: onlyOperator
- [Pub] isExcludedFromAntiWhale
- [Pub] setExcludedFromAntiWhale #
- modifiers: onlyOperator
- [Int] _transfer #
- modifiers: antiWhale
- [Pub] transferOperator #
- modifiers: onlyOperator
- [Ext] delegates
- [Ext] delegate #
- [Ext] delegateBySig #
- [Ext] getCurrentVotes
- [Ext] getPriorVotes
- [Int] _delegate #
- [Int] _moveDelegates #
- [Int] _writeCheckpoint #
- [Int] safe32
- [Int] getChainId Details: MasterChef Contract
($) = payable function
# = non-constant function
Int = Internal
Ext = External
Pub = Public
+ ReentrancyGuard
- [Int] #
+ Context
- [Int] _msgSender
- [Int] _msgData
+ Ownable (Context)
- [Int] #
- [Pub] owner
- [Pub] renounceOwnership #
- modifiers: onlyOwner
- [Pub] transferOwnership #
- modifiers: onlyOwner
+ [Int] IERC20
- [Ext] totalSupply
- [Ext] decimals
- [Ext] symbol
- [Ext] name
- [Ext] balanceOf
- [Ext] transfer #
- [Ext] allowance
- [Ext] approve #
- [Ext] transferFrom #
+ [Lib] SafeMath
- [Int] add
- [Int] sub
- [Int] sub
- [Int] mul
- [Int] div
- [Int] div
- [Int] mod
- [Int] mod
+ ERC20 (Context, IERC20, Ownable)
- [Pub] #
- [Pub] name
- [Pub] symbol
- [Pub] decimals
- [Pub] totalSupply
- [Pub] balanceOf
- [Pub] transfer #
- [Pub] allowance
- [Pub] approve #
- [Pub] transferFrom #
- [Pub] increaseAllowance #
- [Pub] decreaseAllowance #
- [Pub] mint #
- modifiers: onlyOwner
- [Int] _transfer #
- [Int] _mint #
- [Int] _burn #
- [Int] _approve #
- [Int] _burnFrom #
+ CashToken (ERC20)
- [Pub] mint #
- modifiers: onlyOwner
- [Pub] #
- modifiers: ERC20
- [Pub] maxTransferAmount
- [Pub] updateMaxTransferAmountRate #
- modifiers: onlyOperator
- [Pub] isExcludedFromAntiWhale
- [Pub] setExcludedFromAntiWhale #
- modifiers: onlyOperator
- [Int] _transfer #
- modifiers: antiWhale
- [Pub] transferOperator #
- modifiers: onlyOperator
- [Ext] delegates
- [Ext] delegate #
- [Ext] delegateBySig #
- [Ext] getCurrentVotes
- [Ext] getPriorVotes
- [Int] _delegate #
- [Int] _moveDelegates #
- [Int] _writeCheckpoint #
- [Int] safe32
- [Int] getChainId
+ [Lib] Address
- [Int] isContract
- [Int] sendValue #
- [Int] functionCall #
- [Int] functionCall #
- [Int] functionCallWithValue #
- [Int] functionCallWithValue #
- [Prv] _functionCallWithValue #
+ [Lib] SafeERC20
- [Int] safeTransfer #
- [Int] safeTransferFrom #
- [Int] safeApprove #
- [Int] safeIncreaseAllowance #
- [Int] safeDecreaseAllowance #
- [Prv] _callOptionalReturn #
+ [Int] IReferral
- [Ext] recordReferral #
- [Ext] getReferrer
+ MasterChef (Ownable, ReentrancyGuard)
- [Pub] #
- [Ext] poolLength
- [Ext] getPoolIdForLpToken
- [Ext] add #
- modifiers: onlyOwner,nonDuplicated
- [Ext] set #
- modifiers: onlyOwner
- [Pub] getMultiplier
- [Ext] pendingCash
- [Pub] canHarvest
- [Pub] getHarvestUntil
- [Pub] massUpdatePools #
- [Pub] updatePool #
- [Pub] deposit #
- modifiers: nonReentrant
- [Pub] withdraw #
- modifiers: nonReentrant
- [Int] payOrLockupPendingCASH #
- [Pub] emergencyWithdraw #
- modifiers: nonReentrant
- [Int] safeCashTransfer #
- [Ext] setDevAddress #
- modifiers: onlyOwner
- [Ext] setFeeAddress #
- modifiers: onlyOwner
- [Ext] setVaultAddress #
- modifiers: onlyOwner
- [Ext] updateEmissionRate #
- modifiers: onlyOwner
- [Ext] setReferralAddress #
- modifiers: onlyOwner
- [Ext] setReferralCommissionRate #
- modifiers: onlyOwner
- [Int] payReferralCommission #
- [Ext] updateStartBlock #
- modifiers: onlyOwner
- [Ext] updateVaultDepositShare #
- modifiers: onlyOwner Details: Referral Contract
($) = payable function
# = non-constant function
Int = Internal
Ext = External
Pub = Public
+ [Lib] Address
- [Int] isContract
- [Int] sendValue #
- [Int] functionCall #
- [Int] functionCall #
- [Int] functionCallWithValue #
- [Int] functionCallWithValue #
- [Int] functionStaticCall
- [Int] functionStaticCall
- [Int] functionDelegateCall #
- [Int] functionDelegateCall #
- [Prv] _verifyCallResult
+ [Lib] SafeMath
- [Int] tryAdd
- [Int] trySub
- [Int] tryMul
- [Int] tryDiv
- [Int] tryMod
- [Int] add
- [Int] sub
- [Int] mul
- [Int] div
- [Int] mod
- [Int] sub
- [Int] div
- [Int] mod
+ [Int] IERC20
- [Ext] totalSupply
- [Ext] decimals
- [Ext] symbol
- [Ext] name
- [Ext] balanceOf
- [Ext] transfer #
- [Ext] allowance
- [Ext] approve #
- [Ext] transferFrom #
+ [Lib] SafeERC20
- [Int] safeTransfer #
- [Int] safeTransferFrom #
- [Int] safeApprove #
- [Int] safeIncreaseAllowance #
- [Int] safeDecreaseAllowance #
- [Prv] _callOptionalReturn #
+ Context
- [Int] _msgSender
- [Int] _msgData
+ Ownable (Context)
- [Int] #
- [Pub] owner
- [Pub] renounceOwnership #
- modifiers: onlyOwner
- [Pub] transferOwnership #
- modifiers: onlyOwner
+ [Int] IReferral
- [Ext] recordReferral #
- [Ext] getReferrer
+ Referral (IReferral, Ownable)
- [Pub] recordReferral #
- modifiers: onlyOperator
- [Pub] getReferrer
- [Ext] updateOperator #
- modifiers: onlyOwner