Sleepy Sloth - Smart Contract Audit Report
Summary
Sleepy Sloth is a deflationary token with frictionless fee redistribution on the Binance Smart Chain.
We audited Sleepy Sloth's token contract, deployed at 0x86432b9bea373172c852d5bbab1c275fec3f15ae, and the project's IDO contract deployed at 0xDf6fF105CA36fc7E279b31bCF1c9b63f5A84a6EA on the BSC mainnet.
Overview of the Contracts:Audit Findings Summary
- The total supply of the token is one quadrillion. No tokens can be minted after deployment.
- There is a tax on transfers, the value of which will be set by the team.
- Users who hold tokens will automatically receive a portion of the fees from transfers instantly.
- Another portion of the the transfer fee shall be burned, reducing the total supply.
- By default, users are time-limited in their transactions; meaning they can only transfer the token once every 10 minutes. There is also a maximum number of tokens that can be moved in each transaction. These anti-bot mechanisms are intended to be removed shortly after the launch of the project, though the owner can re-enable them and update the time limit at any time.
- The owner can blacklist any address, preventing them from transfering tokens, as well as pause all transfers of the token.
- The owner has the ability to set the transaction fee that is used in the redistribution and the burn fee at any time. Each tax fee must be between 1% and 10%.
- Owners have the ability to exclude and include users from the fee mechanism.
- The IDO contract allows users to contribute BNB in order to be sent tokens at the presale price.
- Users can contribute a minimum of 0.1 BNB and a maximum of 1 BNB.
- There is a hard-cap of 100 BNB that can be raised through the IDO.
- The project team intends to airdrop presale participants tokens based on each purchaser's contribution as stored in the contract.
- Both contracts utilize Solidity 0.8.x which has built-in checks to prevent overflows.
- No security issues were detected in the analysis.
- As with any presale, ensure trust in the team prior to investing.
- Further, ensure trust in the team as they have substantial control in the ecosystem.
- The developer of the project is publicly known.
- Date: April 23th, 2021
- Update Date: April 30th, 2021 - Addition of anti-bot logic.
External Threat Results
| Vulnerability Category | Notes | Result |
|---|---|---|
| Arbitrary Storage Write | N/A | PASS |
| Arbitrary Jump | N/A | PASS |
| Delegate Call to Untrusted Contract | N/A | PASS |
| Dependence on Predictable Variables | N/A | PASS |
| Deprecated Opcodes | N/A | PASS |
| Ether Thief | N/A | PASS |
| Exceptions | N/A | PASS |
| External Calls | N/A | PASS |
| Flash Loans | N/A | PASS |
| Integer Over/Underflow | N/A | PASS |
| Multiple Sends | N/A | PASS |
| Oracles | N/A | PASS |
| Suicide | N/A | PASS |
| State Change External Calls | N/A | Pass |
| Unchecked Retval | N/A | PASS |
| User Supplied Assertion | N/A | PASS |
| Critical Solidity Compiler | N/A | PASS |
| Overall Contract Safety | PASS |
Details: Token Contract
($) = payable function
# = non-constant function
+ Context
- [Int] _msgSender
- [Int] _msgData
+ [Int] IERC20
- [Ext] totalSupply
- [Ext] balanceOf
- [Ext] transfer #
- [Ext] allowance
- [Ext] approve #
- [Ext] transferFrom #
+ [Lib] SafeMath
- [Int] tryAdd
- [Int] trySub
- [Int] tryMul
- [Int] tryDiv
- [Int] tryMod
- [Int] add
- [Int] sub
- [Int] mul
- [Int] div
- [Int] mod
- [Int] sub
- [Int] div
- [Int] mod
+ [Lib] Address
- [Int] isContract
- [Int] sendValue #
- [Int] functionCall #
- [Int] functionCall #
- [Int] functionCallWithValue #
- [Int] functionCallWithValue #
- [Int] functionStaticCall
- [Int] functionStaticCall
- [Int] functionDelegateCall #
- [Int] functionDelegateCall #
- [Prv] _verifyCallResult
+ Ownable (Context)
- [Pub] #
- [Pub] owner
- [Pub] renounceOwnership #
- modifiers: onlyOwner
- [Pub] transferOwnership #
- modifiers: onlyOwner
+ Token (Context, IERC20, Ownable)
- [Pub] #
- [Pub] name
- [Pub] symbol
- [Pub] decimals
- [Pub] totalSupply
- [Pub] balanceOf
- [Pub] transfer #
- [Pub] allowance
- [Pub] approve #
- [Pub] transferFrom #
- [Pub] increaseAllowance #
- [Pub] decreaseAllowance #
- [Pub] isExcluded
- [Pub] totalFees
- [Pub] totalBurn
- [Pub] deliver #
- [Pub] reflectionFromToken
- [Pub] tokenFromReflection
- [Ext] excludeAccount #
- modifiers: onlyOwner
- [Ext] includeAccount #
- modifiers: onlyOwner
- [Prv] _approve #
- [Prv] _transfer #
- [Prv] _transferStandard #
- [Prv] _transferToExcluded #
- [Prv] _transferFromExcluded #
- [Prv] _transferBothExcluded #
- [Prv] _reflectFee #
- [Prv] _getValues
- [Prv] _getTValues
- [Prv] _getRValues
- [Prv] _getRate
- [Prv] _getCurrentSupply
- [Prv] _getTaxFee
- [Ext] _setTaxFee #
- modifiers: onlyOwner
- [Ext] _setBurnFee #
- modifiers: onlyOwner
- [Prv] _getMaxTxAmount
Details: IDO Contract
($) = payable function
# = non-constant function
+ [Lib] Address
- [Int] isContract
- [Int] sendValue #
- [Int] functionCall #
- [Int] functionCall #
- [Int] functionCallWithValue #
- [Int] functionCallWithValue #
- [Int] functionStaticCall
- [Int] functionStaticCall
- [Int] functionDelegateCall #
- [Int] functionDelegateCall #
- [Prv] _verifyCallResult
+ Context
- [Int] _msgSender
- [Int] _msgData
+ [Lib] EnumerableSet
- [Prv] _add #
- [Prv] _remove #
- [Prv] _contains
- [Prv] _length
- [Prv] _at
- [Int] add #
- [Int] remove #
- [Int] contains
- [Int] length
- [Int] at
- [Int] add #
- [Int] remove #
- [Int] contains
- [Int] length
- [Int] at
- [Int] add #
- [Int] remove #
- [Int] contains
- [Int] length
- [Int] at
+ Ownable (Context)
- [Pub] #
- [Pub] owner
- [Pub] renounceOwnership #
- modifiers: onlyOwner
- [Pub] transferOwnership #
- modifiers: onlyOwner
+ IDO (Ownable)
- [Pub] sendBNB ($)
- [Ext] withdrawBNB #
- modifiers: onlyOwner
- [Ext] setIsActive #
- modifiers: onlyOwner
- [Ext] getAllocation
- modifiers: onlyOwner