Raini Staking - Smart Contract Audit Report

Summary

Raini has launched a token which we previously reviewed here. Now, the team has worked to develop a staking platform.

For this audit, we analyzed the project's Raini and Raini-LP staking contracts. We reviewed the contracts at 0xA240a29355EB847667178F860b13124DEf0e71C7 and 0x2927a1712f3Eb8ED22bBFeccaBB4392fC16A4f6A on the Ethereum Mainnet.

Notes on the Contracts:
These two contracts allow users to stake Raini tokens and Raini-LP tokens into the separate contracts.
The two staking contracts are essentially identical, with the only differences being the naming of some functions and the reward rates of each.
Users staking in the contracts will earn Rainbow and Unicorn points; which can later be redeemed for NFTs. (The NFT platform is still in development).
Users can also purchase these points directly using ETH, which the team can later claim.
There are no fees on the platform.

The owner can set the rainbow/unicorn to ETH conversion rate, reward rate, minimum stake, and bonus variables at any time.
The owner can also set addresses to have the minter role, burner role, or the admin (owner) role.
The team has worked with us to improve the safety and efficiency of these contracts.
SafeMath is properly utilized to prevent overflows.

Audit Findings Summary:
No security issues from outside attackers were identified.
Ensure trust in the team as they have notable control in the ecosystem.
The team lead has completed KYC with our firm.
Date: April 19th, 2021
Update Date: April 20th, 2021 - Implementation of recommendations; deployment to mainnet.

Combined External Threat Results

Vulnerability Category	Notes	Result
Arbitrary Storage Write	N/A	PASS
Arbitrary Jump	N/A	PASS
Delegate Call to Untrusted Contract	N/A	PASS
Dependence on Predictable Variables	N/A	PASS
Deprecated Opcodes	N/A	PASS
Ether Thief	N/A	PASS
Exceptions	N/A	PASS
External Calls	N/A	PASS
Integer Over/Underflow	N/A	PASS
Multiple Sends	N/A	PASS
Suicide	N/A	PASS
State Change External Calls	N/A	PASS
Unchecked Retval	N/A	PASS
User Supplied Assertion	N/A	PASS
Critical Solidity Compiler	N/A	PASS
Overall Contract Safety		PASS

Details: RainiStakingPool

Function Graph

Smart Contract Graph

Inheritence Chart

Smart Contract Inheritance

Functions Overview



 ($) = payable function
 # = non-constant function
 
 Int = Internal
 Ext = External
 Pub = Public

 + [Lib] SafeMath 
    - [Int] tryAdd
    - [Int] trySub
    - [Int] tryMul
    - [Int] tryDiv
    - [Int] tryMod
    - [Int] add
    - [Int] sub
    - [Int] mul
    - [Int] div
    - [Int] mod
    - [Int] sub
    - [Int] div
    - [Int] mod

 + [Lib] Math 
    - [Int] max
    - [Int] min
    - [Int] average

 + [Int] IERC165 
    - [Ext] supportsInterface

 +  ERC165 (IERC165)
    - [Pub] supportsInterface

 +  Context 
    - [Int] _msgSender
    - [Int] _msgData

 + [Lib] Address 
    - [Int] isContract
    - [Int] sendValue #
    - [Int] functionCall #
    - [Int] functionCall #
    - [Int] functionCallWithValue #
    - [Int] functionCallWithValue #
    - [Int] functionStaticCall
    - [Int] functionStaticCall
    - [Int] functionDelegateCall #
    - [Int] functionDelegateCall #
    - [Prv] _verifyCallResult

 + [Lib] SafeERC20 
    - [Int] safeTransfer #
    - [Int] safeTransferFrom #
    - [Int] safeApprove #
    - [Int] safeIncreaseAllowance #
    - [Int] safeDecreaseAllowance #
    - [Prv] _callOptionalReturn #

 + [Int] IERC20 
    - [Ext] totalSupply
    - [Ext] balanceOf
    - [Ext] transfer #
    - [Ext] allowance
    - [Ext] approve #
    - [Ext] transferFrom #

 +  ReentrancyGuard 
    - [Pub]  #

 + [Int] IAccessControl 
    - [Ext] hasRole
    - [Ext] getRoleAdmin
    - [Ext] grantRole #
    - [Ext] revokeRole #
    - [Ext] renounceRole #

 +  AccessControl (Context, IAccessControl, ERC165)
    - [Pub] supportsInterface
    - [Pub] hasRole
    - [Pub] getRoleAdmin
    - [Pub] grantRole #
    - [Pub] revokeRole #
    - [Pub] renounceRole #
    - [Int] _setupRole #
    - [Int] _setRoleAdmin #
    - [Prv] _grantRole #
    - [Prv] _revokeRole #

 +  RainiStakingPool (AccessControl, ReentrancyGuard)
    - [Pub]  #
    - [Pub] getRewardByDuration
    - [Pub] getStaked
    - [Pub] balanceOf
    - [Pub] getCurrentBonus
    - [Pub] getCurrentAvgBonus
    - [Ext] setReward #
       - modifiers: onlyOwner
    - [Ext] setRainbowToEth #
       - modifiers: onlyOwner
    - [Ext] setBonus #
       - modifiers: onlyOwner
    - [Ext] setRainiToken #
       - modifiers: onlyOwner
    - [Ext] stake #
       - modifiers: nonReentrant,balanceUpdate
    - [Ext] withdraw #
       - modifiers: nonReentrant,balanceUpdate
    - [Ext] mint #
       - modifiers: onlyMinter
    - [Ext] buyRainbow ($)
    - [Ext] burn #
       - modifiers: nonReentrant,onlyBurner,balanceUpdate
    - [Prv] calculateReward
    - [Prv] calculateBonus

Details: RainiLPStakingPool

Function Graph

Smart Contract Graph

Inheritence Chart

Smart Contract Inheritance

Functions Overview



 ($) = payable function
 # = non-constant function
 
 Int = Internal
 Ext = External
 Pub = Public

 + [Lib] SafeMath 
    - [Int] tryAdd
    - [Int] trySub
    - [Int] tryMul
    - [Int] tryDiv
    - [Int] tryMod
    - [Int] add
    - [Int] sub
    - [Int] mul
    - [Int] div
    - [Int] mod
    - [Int] sub
    - [Int] div
    - [Int] mod

 + [Lib] Math 
    - [Int] max
    - [Int] min
    - [Int] average

 + [Int] IERC165 
    - [Ext] supportsInterface

 +  ERC165 (IERC165)
    - [Pub] supportsInterface

 +  Context 
    - [Int] _msgSender
    - [Int] _msgData

 + [Lib] Address 
    - [Int] isContract
    - [Int] sendValue #
    - [Int] functionCall #
    - [Int] functionCall #
    - [Int] functionCallWithValue #
    - [Int] functionCallWithValue #
    - [Int] functionStaticCall
    - [Int] functionStaticCall
    - [Int] functionDelegateCall #
    - [Int] functionDelegateCall #
    - [Prv] _verifyCallResult

 + [Lib] SafeERC20 
    - [Int] safeTransfer #
    - [Int] safeTransferFrom #
    - [Int] safeApprove #
    - [Int] safeIncreaseAllowance #
    - [Int] safeDecreaseAllowance #
    - [Prv] _callOptionalReturn #

 + [Int] IERC20 
    - [Ext] totalSupply
    - [Ext] balanceOf
    - [Ext] transfer #
    - [Ext] allowance
    - [Ext] approve #
    - [Ext] transferFrom #

 +  ReentrancyGuard 
    - [Pub]  #

 + [Int] IAccessControl 
    - [Ext] hasRole
    - [Ext] getRoleAdmin
    - [Ext] grantRole #
    - [Ext] revokeRole #
    - [Ext] renounceRole #

 +  AccessControl (Context, IAccessControl, ERC165)
    - [Pub] supportsInterface
    - [Pub] hasRole
    - [Pub] getRoleAdmin
    - [Pub] grantRole #
    - [Pub] revokeRole #
    - [Pub] renounceRole #
    - [Int] _setupRole #
    - [Int] _setRoleAdmin #
    - [Prv] _grantRole #
    - [Prv] _revokeRole #

 +  RainiLpStakingPool (AccessControl, ReentrancyGuard)
    - [Pub]  #
    - [Pub] getRewardByDuration
    - [Pub] getStaked
    - [Pub] balanceOf
    - [Pub] getCurrentBonus
    - [Pub] getCurrentAvgBonus
    - [Ext] setReward #
       - modifiers: onlyOwner
    - [Ext] setUnicornToEth #
       - modifiers: onlyOwner
    - [Ext] setBonus #
       - modifiers: onlyOwner
    - [Ext] setRainiLpToken #
       - modifiers: onlyOwner
    - [Ext] stake #
       - modifiers: nonReentrant,balanceUpdate
    - [Ext] withdraw #
       - modifiers: nonReentrant,balanceUpdate
    - [Ext] mint #
       - modifiers: onlyMinter
    - [Ext] buyUnicorn ($)
    - [Ext] burn #
       - modifiers: nonReentrant,onlyBurner,balanceUpdate
    - [Prv] calculateReward
    - [Prv] calculateBonus

Go Home