Raini Staking - Smart Contract Audit Report
Summary
Raini has launched a token which we previously reviewed here. Now, the team has worked to develop a staking platform.
For this audit, we analyzed the project's Raini and Raini-LP staking contracts. We reviewed the contracts at 0xA240a29355EB847667178F860b13124DEf0e71C7 and 0x2927a1712f3Eb8ED22bBFeccaBB4392fC16A4f6A on the Ethereum Mainnet.Notes on the Contracts:These two contracts allow users to stake Raini tokens and Raini-LP tokens into the separate contracts. The two staking contracts are essentially identical, with the only differences being the naming of some functions and the reward rates of each. Users staking in the contracts will earn Rainbow and Unicorn points; which can later be redeemed for NFTs. (The NFT platform is still in development). Users can also purchase these points directly using ETH, which the team can later claim. There are no fees on the platform. The owner can set the rainbow/unicorn to ETH conversion rate, reward rate, minimum stake, and bonus variables at any time. The owner can also set addresses to have the minter role, burner role, or the admin (owner) role. The team has worked with us to improve the safety and efficiency of these contracts. SafeMath is properly utilized to prevent overflows.
Audit Findings Summary:
- No security issues from outside attackers were identified.
- Ensure trust in the team as they have notable control in the ecosystem.
- The team lead has completed KYC with our firm.
- Date: April 19th, 2021
- Update Date: April 20th, 2021 - Implementation of recommendations; deployment to mainnet.
Combined External Threat Results
Vulnerability Category | Notes | Result |
---|---|---|
Arbitrary Storage Write | N/A | PASS |
Arbitrary Jump | N/A | PASS |
Delegate Call to Untrusted Contract | N/A | PASS |
Dependence on Predictable Variables | N/A | PASS |
Deprecated Opcodes | N/A | PASS |
Ether Thief | N/A | PASS |
Exceptions | N/A | PASS |
External Calls | N/A | PASS |
Integer Over/Underflow | N/A | PASS |
Multiple Sends | N/A | PASS |
Suicide | N/A | PASS |
State Change External Calls | N/A | PASS |
Unchecked Retval | N/A | PASS |
User Supplied Assertion | N/A | PASS |
Critical Solidity Compiler | N/A | PASS |
Overall Contract Safety | PASS |
Details: RainiStakingPool
Function Graph
Inheritence Chart
Functions Overview
($) = payable function
# = non-constant function
Int = Internal
Ext = External
Pub = Public
+ [Lib] SafeMath
- [Int] tryAdd
- [Int] trySub
- [Int] tryMul
- [Int] tryDiv
- [Int] tryMod
- [Int] add
- [Int] sub
- [Int] mul
- [Int] div
- [Int] mod
- [Int] sub
- [Int] div
- [Int] mod
+ [Lib] Math
- [Int] max
- [Int] min
- [Int] average
+ [Int] IERC165
- [Ext] supportsInterface
+ ERC165 (IERC165)
- [Pub] supportsInterface
+ Context
- [Int] _msgSender
- [Int] _msgData
+ [Lib] Address
- [Int] isContract
- [Int] sendValue #
- [Int] functionCall #
- [Int] functionCall #
- [Int] functionCallWithValue #
- [Int] functionCallWithValue #
- [Int] functionStaticCall
- [Int] functionStaticCall
- [Int] functionDelegateCall #
- [Int] functionDelegateCall #
- [Prv] _verifyCallResult
+ [Lib] SafeERC20
- [Int] safeTransfer #
- [Int] safeTransferFrom #
- [Int] safeApprove #
- [Int] safeIncreaseAllowance #
- [Int] safeDecreaseAllowance #
- [Prv] _callOptionalReturn #
+ [Int] IERC20
- [Ext] totalSupply
- [Ext] balanceOf
- [Ext] transfer #
- [Ext] allowance
- [Ext] approve #
- [Ext] transferFrom #
+ ReentrancyGuard
- [Pub] #
+ [Int] IAccessControl
- [Ext] hasRole
- [Ext] getRoleAdmin
- [Ext] grantRole #
- [Ext] revokeRole #
- [Ext] renounceRole #
+ AccessControl (Context, IAccessControl, ERC165)
- [Pub] supportsInterface
- [Pub] hasRole
- [Pub] getRoleAdmin
- [Pub] grantRole #
- [Pub] revokeRole #
- [Pub] renounceRole #
- [Int] _setupRole #
- [Int] _setRoleAdmin #
- [Prv] _grantRole #
- [Prv] _revokeRole #
+ RainiStakingPool (AccessControl, ReentrancyGuard)
- [Pub] #
- [Pub] getRewardByDuration
- [Pub] getStaked
- [Pub] balanceOf
- [Pub] getCurrentBonus
- [Pub] getCurrentAvgBonus
- [Ext] setReward #
- modifiers: onlyOwner
- [Ext] setRainbowToEth #
- modifiers: onlyOwner
- [Ext] setBonus #
- modifiers: onlyOwner
- [Ext] setRainiToken #
- modifiers: onlyOwner
- [Ext] stake #
- modifiers: nonReentrant,balanceUpdate
- [Ext] withdraw #
- modifiers: nonReentrant,balanceUpdate
- [Ext] mint #
- modifiers: onlyMinter
- [Ext] buyRainbow ($)
- [Ext] burn #
- modifiers: nonReentrant,onlyBurner,balanceUpdate
- [Prv] calculateReward
- [Prv] calculateBonus
Details: RainiLPStakingPool
Function Graph
Inheritence Chart
Functions Overview
($) = payable function
# = non-constant function
Int = Internal
Ext = External
Pub = Public
+ [Lib] SafeMath
- [Int] tryAdd
- [Int] trySub
- [Int] tryMul
- [Int] tryDiv
- [Int] tryMod
- [Int] add
- [Int] sub
- [Int] mul
- [Int] div
- [Int] mod
- [Int] sub
- [Int] div
- [Int] mod
+ [Lib] Math
- [Int] max
- [Int] min
- [Int] average
+ [Int] IERC165
- [Ext] supportsInterface
+ ERC165 (IERC165)
- [Pub] supportsInterface
+ Context
- [Int] _msgSender
- [Int] _msgData
+ [Lib] Address
- [Int] isContract
- [Int] sendValue #
- [Int] functionCall #
- [Int] functionCall #
- [Int] functionCallWithValue #
- [Int] functionCallWithValue #
- [Int] functionStaticCall
- [Int] functionStaticCall
- [Int] functionDelegateCall #
- [Int] functionDelegateCall #
- [Prv] _verifyCallResult
+ [Lib] SafeERC20
- [Int] safeTransfer #
- [Int] safeTransferFrom #
- [Int] safeApprove #
- [Int] safeIncreaseAllowance #
- [Int] safeDecreaseAllowance #
- [Prv] _callOptionalReturn #
+ [Int] IERC20
- [Ext] totalSupply
- [Ext] balanceOf
- [Ext] transfer #
- [Ext] allowance
- [Ext] approve #
- [Ext] transferFrom #
+ ReentrancyGuard
- [Pub] #
+ [Int] IAccessControl
- [Ext] hasRole
- [Ext] getRoleAdmin
- [Ext] grantRole #
- [Ext] revokeRole #
- [Ext] renounceRole #
+ AccessControl (Context, IAccessControl, ERC165)
- [Pub] supportsInterface
- [Pub] hasRole
- [Pub] getRoleAdmin
- [Pub] grantRole #
- [Pub] revokeRole #
- [Pub] renounceRole #
- [Int] _setupRole #
- [Int] _setRoleAdmin #
- [Prv] _grantRole #
- [Prv] _revokeRole #
+ RainiLpStakingPool (AccessControl, ReentrancyGuard)
- [Pub] #
- [Pub] getRewardByDuration
- [Pub] getStaked
- [Pub] balanceOf
- [Pub] getCurrentBonus
- [Pub] getCurrentAvgBonus
- [Ext] setReward #
- modifiers: onlyOwner
- [Ext] setUnicornToEth #
- modifiers: onlyOwner
- [Ext] setBonus #
- modifiers: onlyOwner
- [Ext] setRainiLpToken #
- modifiers: onlyOwner
- [Ext] stake #
- modifiers: nonReentrant,balanceUpdate
- [Ext] withdraw #
- modifiers: nonReentrant,balanceUpdate
- [Ext] mint #
- modifiers: onlyMinter
- [Ext] buyUnicorn ($)
- [Ext] burn #
- modifiers: nonReentrant,onlyBurner,balanceUpdate
- [Prv] calculateReward
- [Prv] calculateBonus