|Arbitrary Storage Write||N/A||PASS|
|Delegate Call to Untrusted Contract||N/A||PASS|
|Dependence on Predictable Variables||N/A||PASS|
|State Change External Calls||N/A||Pass|
|User Supplied Assertion||N/A||PASS|
|Critical Solidity Compiler||N/A||PASS|
|Overall Contract Safety||PASS|
SuperBase Token - Audit Report
SummarySuperBase is a new rebase token.
We reviewed SuperBase at 0x92E1b3BfA290c65C42a5ba55eAaF8408f0f9dd34 on the Ethereum mainnet.
Notes on the Contract:
The SuperBase token rebases based on data provided by the team. Tokens can only be minted via the rebase function. The rebase function can only be called by an address which is either the contract's owner and has the rebaser role. The contract uses the fee-redistribution method from RFI. The contract charges an fee on transfers; the proceeds of which are partially redistributed to existing token holders instantly and automatically at the time of each transaction. The other portion of the fee charged on transactions is stored in the contract and, once a threshold value is met, used to fund UniSwap liqudity. Liquidity-adds are funded by selling half of the tokens collected as fees, pairing the received ETH with the token, and adding it as liquidity to the ETH pair. The owner can exclude any address from the fee mechanism. There is an additional fee incurred on selling the token, which the owner can update. The team can update the fees incurred on transfers at any time as well as the address of the rebaser. The owner/rebaser provides the supply delta (change in SushiSwap/UniSwap liquidity) manually when rebasing. The owner of the contract can exclude and include users from the fee mechanism. The rebase function properly calls sync() on the Uniswap pair contract(s) to prevent theft-of-liquidity attacks which have occured with other rebase tokens. The owner can add/remove other liquidity pools to this list to sync them after rebases. Some functions can be declared external instead of public to save some gas. The contract utilizes SafeMath libraries to prevent overflows along with following the ERC20 standard.
Audit Findings Summary:
No security issues from external attackers were identified. Investing requires placing substantial trust in the project team as they have significant control over the ecosystem and must provide rebase data manually. Date: April 30th, 2021. Update May 1st - The team has retained 22% of the supply. Ensure trust in the team as these tokens are unlocked.
($) = payable function # = non-constant function + [Lib] Address - [Int] isContract - [Int] sendValue # - [Int] functionCall # - [Int] functionCall # - [Int] functionCallWithValue # - [Int] functionCallWithValue # - [Prv] _functionCallWithValue # + Context - [Int] _msgSender - [Int] _msgData + Ownable (Context) - [Int]
# - [Pub] owner - [Pub] renounceOwnership # - modifiers: onlyOwner - [Pub] transferOwnership # - modifiers: onlyOwner + Rebasable (Ownable) - [Int] # - [Pub] Rebaser - [Pub] transferRebasership # - modifiers: onlyOwner + [Int] IUniswapV2Factory - [Ext] createPair # + [Int] IUniswapV2Pair - [Ext] sync # + [Int] IUniswapV2Router01 - [Ext] factory - [Ext] WETH - [Ext] addLiquidity # - [Ext] addLiquidityETH ($) + [Int] IUniswapV2Router02 (IUniswapV2Router01) - [Ext] removeLiquidityETHSupportingFeeOnTransferTokens # - [Ext] swapExactTokensForETHSupportingFeeOnTransferTokens # - [Ext] swapExactTokensForTokensSupportingFeeOnTransferTokens # - [Ext] swapExactETHForTokensSupportingFeeOnTransferTokens ($) + SUPERBASE (Ownable, Rebasable) - [Pub] # - modifiers: Ownable,Rebasable - [Pub] totalSupply - [Pub] getSellBurn - [Pub] getTxBurn - [Int] _isWhitelisted - [Int] _isUniswapPairAddress - [Ext] setWhitelistedTo # - modifiers: onlyOwner - [Ext] setTxFee # - modifiers: onlyOwner - [Ext] setFYFee # - modifiers: onlyOwner - [Ext] setSellFee # - modifiers: onlyOwner - [Ext] setBurnTop # - modifiers: onlyOwner - [Ext] setBurnBottom # - modifiers: onlyOwner - [Ext] setWhitelistedFrom # - modifiers: onlyOwner - [Ext] setUniswapPairAddress # - modifiers: onlyOwner - [Ext] addfuturePool # - modifiers: onlyOwner - [Ext] maxScalingFactor - [Int] _maxScalingFactor - [Pub] transfer # - [Pub] transferFrom # - [Pub] balanceOf - [Ext] balanceOfUnderlying - [Ext] allowance - [Pub] approve # - [Ext] increaseAllowance # - [Ext] decreaseAllowance # - [Prv] _approve # - [Pub] isExcluded - [Pub] totalFees - [Pub] reflect # - [Pub] reflectionFromToken - [Pub] tokenFromReflection - [Ext] excludeAccount # - modifiers: onlyOwner - [Ext] includeAccount # - modifiers: onlyOwner - [Prv] _transfer # - [Ext] ($) - [Prv] swapAndLiquifyForEth # - modifiers: lockTheSwap - [Prv] swapTokensForEth # - [Prv] addLiquidityForEth # - [Prv] _transferStandard # - [Prv] _transferStandardSell # - [Prv] _transferStandardTx # - [Prv] _transferToExcluded # - [Prv] _transferToExcludedSell # - [Prv] _transferToExcludedTx # - [Prv] _transferFromExcluded # - [Prv] _transferFromExcludedSell # - [Prv] _transferFromExcludedTx # - [Prv] _transferBothExcluded # - [Prv] _transferBothExcludedSell # - [Prv] _transferBothExcludedTx # - [Prv] _scaling - [Prv] _reflectFee # - [Prv] _getTValues - [Prv] _getRValues - [Prv] _getRValues2 - [Prv] _getRate - [Prv] _getCurrentSupply - [Ext] _setRewardAddress # - modifiers: onlyOwner - [Ext] rebase # - modifiers: onlyRebaser - [Pub] getCurrentPoolAddress - [Pub] getCurrentPairTokenAddress - [Ext] _setMaxTxAmount # - modifiers: onlyOwner - [Ext] _setMinTokensBeforeSwap # - modifiers: onlyOwner - [Ext] _setAutoSwapCallerFee # - modifiers: onlyOwner - [Pub] updateSwapAndLiquifyEnabled # - modifiers: onlyOwner - [Ext] _enableTrading # - modifiers: onlyOwner + [Lib] SBASESafeMath - [Int] add - [Int] sub - [Int] sub - [Int] mul - [Int] div - [Int] div - [Int] mod - [Int] mod - [Int] ceil - [Int] divRound