Sleepy Sloth - Smart Contract Audit Report

Summary

Sleepy Audit Report Sleepy Sloth is a deflationary token with frictionless fee redistribution on the Binance Smart Chain.

We audited Sleepy Sloth's token contract, deployed at 0x86432b9bea373172c852d5bbab1c275fec3f15ae, and the project's IDO contract deployed at 0xDf6fF105CA36fc7E279b31bCF1c9b63f5A84a6EA on the BSC mainnet.

Overview of the Contracts:
  • The total supply of the token is one quadrillion. No tokens can be minted after deployment.
  • There is a tax on transfers, the value of which will be set by the team.
  • Users who hold tokens will automatically receive a portion of the fees from transfers instantly.
  • Another portion of the the transfer fee shall be burned, reducing the total supply.
  • By default, users are time-limited in their transactions; meaning they can only transfer the token once every 10 minutes. There is also a maximum number of tokens that can be moved in each transaction. These anti-bot mechanisms are intended to be removed shortly after the launch of the project, though the owner can re-enable them and update the time limit at any time.
  • The owner can blacklist any address, preventing them from transfering tokens, as well as pause all transfers of the token.
  • The owner has the ability to set the transaction fee that is used in the redistribution and the burn fee at any time. Each tax fee must be between 1% and 10%.
  • Owners have the ability to exclude and include users from the fee mechanism.

  • The IDO contract allows users to contribute BNB in order to be sent tokens at the presale price.
  • Users can contribute a minimum of 0.1 BNB and a maximum of 1 BNB.
  • There is a hard-cap of 100 BNB that can be raised through the IDO.
  • The project team intends to airdrop presale participants tokens based on each purchaser's contribution as stored in the contract.
  • Both contracts utilize Solidity 0.8.x which has built-in checks to prevent overflows.
Audit Findings Summary
  • No security issues were detected in the analysis.
  • As with any presale, ensure trust in the team prior to investing.
  • Further, ensure trust in the team as they have substantial control in the ecosystem.
  • The developer of the project is publicly known.
  • Date: April 23th, 2021
  • Update Date: April 30th, 2021 - Addition of anti-bot logic.

External Threat Results

Vulnerability CategoryNotesResult
Arbitrary Storage WriteN/APASS
Arbitrary JumpN/APASS
Delegate Call to Untrusted ContractN/APASS
Dependence on Predictable VariablesN/APASS
Deprecated OpcodesN/APASS
Ether ThiefN/APASS
ExceptionsN/APASS
External CallsN/APASS
Flash LoansN/APASS
Integer Over/UnderflowN/APASS
Multiple SendsN/APASS
OraclesN/APASS
SuicideN/APASS
State Change External CallsN/APass
Unchecked RetvalN/APASS
User Supplied AssertionN/APASS
Critical Solidity CompilerN/APASS
Overall Contract Safety PASS

Details: Token Contract


ERC20 Token Graph

Multi-file Token

												
($) = payable function
 # = non-constant function
  
 +  Context 
    - [Int] _msgSender
    - [Int] _msgData

 + [Int] IERC20 
    - [Ext] totalSupply
    - [Ext] balanceOf
    - [Ext] transfer #
    - [Ext] allowance
    - [Ext] approve #
    - [Ext] transferFrom #

 + [Lib] SafeMath 
    - [Int] tryAdd
    - [Int] trySub
    - [Int] tryMul
    - [Int] tryDiv
    - [Int] tryMod
    - [Int] add
    - [Int] sub
    - [Int] mul
    - [Int] div
    - [Int] mod
    - [Int] sub
    - [Int] div
    - [Int] mod

 + [Lib] Address 
    - [Int] isContract
    - [Int] sendValue #
    - [Int] functionCall #
    - [Int] functionCall #
    - [Int] functionCallWithValue #
    - [Int] functionCallWithValue #
    - [Int] functionStaticCall
    - [Int] functionStaticCall
    - [Int] functionDelegateCall #
    - [Int] functionDelegateCall #
    - [Prv] _verifyCallResult

 +  Ownable (Context)
    - [Pub]  #
    - [Pub] owner
    - [Pub] renounceOwnership #
       - modifiers: onlyOwner
    - [Pub] transferOwnership #
       - modifiers: onlyOwner

 +  Token (Context, IERC20, Ownable)
    - [Pub]  #
    - [Pub] name
    - [Pub] symbol
    - [Pub] decimals
    - [Pub] totalSupply
    - [Pub] balanceOf
    - [Pub] transfer #
    - [Pub] allowance
    - [Pub] approve #
    - [Pub] transferFrom #
    - [Pub] increaseAllowance #
    - [Pub] decreaseAllowance #
    - [Pub] isExcluded
    - [Pub] totalFees
    - [Pub] totalBurn
    - [Pub] deliver #
    - [Pub] reflectionFromToken
    - [Pub] tokenFromReflection
    - [Ext] excludeAccount #
       - modifiers: onlyOwner
    - [Ext] includeAccount #
       - modifiers: onlyOwner
    - [Prv] _approve #
    - [Prv] _transfer #
    - [Prv] _transferStandard #
    - [Prv] _transferToExcluded #
    - [Prv] _transferFromExcluded #
    - [Prv] _transferBothExcluded #
    - [Prv] _reflectFee #
    - [Prv] _getValues
    - [Prv] _getTValues
    - [Prv] _getRValues
    - [Prv] _getRate
    - [Prv] _getCurrentSupply
    - [Prv] _getTaxFee
    - [Ext] _setTaxFee #
       - modifiers: onlyOwner
    - [Ext] _setBurnFee #
       - modifiers: onlyOwner
    - [Prv] _getMaxTxAmount
							

Details: IDO Contract


ERC20 Token Graph

Multi-file Token

												
($) = payable function
 # = non-constant function
  
 + [Lib] Address 
    - [Int] isContract
    - [Int] sendValue #
    - [Int] functionCall #
    - [Int] functionCall #
    - [Int] functionCallWithValue #
    - [Int] functionCallWithValue #
    - [Int] functionStaticCall
    - [Int] functionStaticCall
    - [Int] functionDelegateCall #
    - [Int] functionDelegateCall #
    - [Prv] _verifyCallResult

 +  Context 
    - [Int] _msgSender
    - [Int] _msgData

 + [Lib] EnumerableSet 
    - [Prv] _add #
    - [Prv] _remove #
    - [Prv] _contains
    - [Prv] _length
    - [Prv] _at
    - [Int] add #
    - [Int] remove #
    - [Int] contains
    - [Int] length
    - [Int] at
    - [Int] add #
    - [Int] remove #
    - [Int] contains
    - [Int] length
    - [Int] at
    - [Int] add #
    - [Int] remove #
    - [Int] contains
    - [Int] length
    - [Int] at

 +  Ownable (Context)
    - [Pub]  #
    - [Pub] owner
    - [Pub] renounceOwnership #
       - modifiers: onlyOwner
    - [Pub] transferOwnership #
       - modifiers: onlyOwner

 +  IDO (Ownable)
    - [Pub] sendBNB ($)
    - [Ext] withdrawBNB #
       - modifiers: onlyOwner
    - [Ext] setIsActive #
       - modifiers: onlyOwner
    - [Ext] getAllocation
       - modifiers: onlyOwner
							
-->