SavePlanetEarth - Smart Contract Audit Report
Summary
SavePlanetEarth ($SPE) is a new community-driven DeFi token on the Binance Smart Chain that is an automatic liquidity providing protocol that pays out static rewards to holders.
Notes on the Contract:Ownership Controls:
- The total supply of the token is set to 1 billion $SPE [1,000,000,000].
- No minting or burn functions are present; though the circulating supply can be reduced by sending tokens to the 0x..dead address, if desired.
- At the time of writing this report, 40.95% of the total supply has been sent to the 0x..dead address.
- 20.84% of the total supply belongs to the deployer.
- 3.13% of the total supply is in Pancakeswap BUSD liquidity.
- Of that liquidity, 100% of the LP tokens belong to an unverified contract.
- 2.65% of the total supply is in Pancakeswap BNB liquidity.
- Of that liquidity, 95.91% of the LP tokens belong to an unverified contract.
- There is a tax fee, liquidity fee, and dev fee on all transactions for any "non-excluded" address that participates in a transfer with Pancakeswap, or any address that is buying from/selling to a contract address. A separate fee structure can be set by the team to apply different fee amounts depending on whether the user is buying or selling during the transfer.
- Users who hold tokens will automatically benefit from the frictionless fee redistribution at the time of each transaction as the tokens collected through the tax fee are removed from the circulating supply.
- The tokens collected from the liquidity fee during transfers are stored in the contract address balance. Once the threshold value (determined by the owner) is met, a swap will occur for the purpose of funding Pancakeswap liquidity. This functionality can be disabled by the owner at any time.
- Liquidity-adds are funded by selling a portion of the tokens collected as fees (after the threshold as determined by the owner is met), then pairing the received BNB with the token, and adding it as liquidity to the BNB pair.
- The recipient of the newly created LP tokens is the team's 'LiqWalletAddress'. We recommend that the team lock these newly acquired LP tokens.
- The tokens collected from the dev fee are allocated to the team's dev wallet.
- As the project is deployed with Solidity v0.8.7, it is protected from overflows.
Audit Findings Summary
- Ownership has not been renounced.
- The owner can set the tax fee, liquidity fee, and dev fee on buying transactions to any percentage as long as the combined total fees are less than 10%. This same logic applies to the owner's ability to set the fee percentage on selling transactions.
- The owner can disable all buying/selling transactions with Pancakeswap at any time.
- The owner can exclude and include accounts from transfer fees and reward distribution.
- The owner can set and update a maximum transaction percent at any time, which will impose a limit to the number of tokens that can be transferred during any given transaction.
- This maximum transaction amount does not apply to the owner during transactions where the owner is either the sender or the recipient.
- The owner can enable/disable the swap and liquify functionality at any time.
- The owner can update the minimum threshold needed for swapping tokens at any time.
- The owner can enable/disable transfer fees on all transactions at any time.
- The owner can withdraw any BNB or BEP20 tokens erroneously sent to the contract address at any time.
- The owner can update the team's LiqWallet and DevWallet to any addresses at any time.
- The owner can blacklist any addresses from being able to participate in transfers.
- The owner can update the Pancakeswap Pair and Router addresses at any time.
- No external threats were identified.
- Please ensure trust in the team prior to investing as they have notable control in the ecosystem.
- Date: October 18th, 2021
- Updated: January 21st, 2022 to reflect the contract's new mainnet address.
Audit Results
| Vulnerability Category | Notes | Result |
|---|---|---|
| Arbitrary Storage Write | N/A | PASS |
| Arbitrary Jump | N/A | PASS |
| Delegate Call to Untrusted Contract | N/A | PASS |
| Dependence on Predictable Variables | N/A | PASS |
| Deprecated Opcodes | N/A | PASS |
| Ether Thief | N/A | PASS |
| Exceptions | N/A | PASS |
| External Calls | N/A | PASS |
| Flash Loans | N/A | PASS |
| Integer Over/Underflow | N/A | PASS |
| Multiple Sends | N/A | PASS |
| Oracles | N/A | PASS |
| Suicide | N/A | PASS |
| State Change External Calls | N/A | PASS |
| Unchecked Retval | N/A | PASS |
| User Supplied Assertion | N/A | PASS |
| Critical Solidity Compiler | N/A | PASS |
| Overall Contract Safety | PASS |
Function Graph
Inheritence Chart
Functions Overview
($) = payable function
# = non-constant function
+ [Int] IERC20
- [Ext] totalSupply
- [Ext] balanceOf
- [Ext] transfer #
- [Ext] allowance
- [Ext] approve #
- [Ext] transferFrom #
+ Context
- [Int] _msgSender
- [Int] _msgData
+ Ownable (Context)
- [Pub] #
- [Pub] owner
- [Pub] renounceOwnership #
- modifiers: onlyOwner
- [Pub] transferOwnership #
- modifiers: onlyOwner
- [Int] _transferOwnership #
+ [Lib] Address
- [Int] isContract
- [Int] sendValue #
- [Int] functionCall #
- [Int] functionCall #
- [Int] functionCallWithValue #
- [Int] functionCallWithValue #
- [Int] functionStaticCall
- [Int] functionStaticCall
- [Int] functionDelegateCall #
- [Int] functionDelegateCall #
- [Int] verifyCallResult
+ [Lib] SafeMath
- [Int] tryAdd
- [Int] trySub
- [Int] tryMul
- [Int] tryDiv
- [Int] tryMod
- [Int] add
- [Int] sub
- [Int] mul
- [Int] div
- [Int] mod
- [Int] sub
- [Int] div
- [Int] mod
+ [Int] IUniswapV2Factory
- [Ext] feeTo
- [Ext] feeToSetter
- [Ext] getPair
- [Ext] allPairs
- [Ext] allPairsLength
- [Ext] createPair #
- [Ext] setFeeTo #
- [Ext] setFeeToSetter #
+ [Int] IUniswapV2Pair
- [Ext] name
- [Ext] symbol
- [Ext] decimals
- [Ext] totalSupply
- [Ext] balanceOf
- [Ext] allowance
- [Ext] approve #
- [Ext] transfer #
- [Ext] transferFrom #
- [Ext] DOMAIN_SEPARATOR
- [Ext] PERMIT_TYPEHASH
- [Ext] nonces
- [Ext] permit #
- [Ext] MINIMUM_LIQUIDITY
- [Ext] factory
- [Ext] token0
- [Ext] token1
- [Ext] getReserves
- [Ext] price0CumulativeLast
- [Ext] price1CumulativeLast
- [Ext] kLast
- [Ext] mint #
- [Ext] burn #
- [Ext] swap #
- [Ext] skim #
- [Ext] sync #
- [Ext] initialize #
+ [Int] IUniswapV2Router01
- [Ext] factory
- [Ext] WETH
- [Ext] addLiquidity #
- [Ext] addLiquidityETH ($)
- [Ext] removeLiquidity #
- [Ext] removeLiquidityETH #
- [Ext] removeLiquidityWithPermit #
- [Ext] removeLiquidityETHWithPermit #
- [Ext] swapExactTokensForTokens #
- [Ext] swapTokensForExactTokens #
- [Ext] swapExactETHForTokens ($)
- [Ext] swapTokensForExactETH #
- [Ext] swapExactTokensForETH #
- [Ext] swapETHForExactTokens ($)
- [Ext] quote
- [Ext] getAmountOut
- [Ext] getAmountIn
- [Ext] getAmountsOut
- [Ext] getAmountsIn
+ [Int] IUniswapV2Router02 (IUniswapV2Router01)
- [Ext] removeLiquidityETHSupportingFeeOnTransferTokens #
- [Ext] removeLiquidityETHWithPermitSupportingFeeOnTransferTokens #
- [Ext] swapExactTokensForTokensSupportingFeeOnTransferTokens #
- [Ext] swapExactETHForTokensSupportingFeeOnTransferTokens ($)
- [Ext] swapExactTokensForETHSupportingFeeOnTransferTokens #
+ TestSavePlanetEarth (Context, IERC20, Ownable)
- [Pub] #
- [Ext] name
- [Ext] symbol
- [Ext] decimals
- [Ext] totalSupply
- [Pub] balanceOf
- [Ext] transfer #
- [Ext] allowance
- [Ext] approve #
- [Ext] transferFrom #
- [Ext] increaseAllowance #
- [Ext] decreaseAllowance #
- [Ext] isExcludedFromReward
- [Ext] totalFees
- [Ext] reflectionFromToken
- [Pub] tokenFromReflection
- [Pub] excludeFromReward #
- modifiers: onlyOwner
- [Ext] includeInReward #
- modifiers: onlyOwner
- [Prv] _transferBothExcluded #
- [Ext] excludeFromFee #
- modifiers: onlyOwner
- [Ext] includeInFee #
- modifiers: onlyOwner
- [Ext] setBuyTaxFeePercent #
- modifiers: onlyOwner
- [Ext] setBuyDevFeePercent #
- modifiers: onlyOwner
- [Ext] setBuyLiquidityFeePercent #
- modifiers: onlyOwner
- [Ext] setSellTaxFeePercent #
- modifiers: onlyOwner
- [Ext] setSellDevFeePercent #
- modifiers: onlyOwner
- [Ext] setSellLiquidityFeePercent #
- modifiers: onlyOwner
- [Ext] setMaxTxPercent #
- modifiers: onlyOwner
- [Ext] setSwapAndLiquifyEnabled #
- modifiers: onlyOwner
- [Ext] setSwapEnabled #
- modifiers: onlyOwner
- [Ext] setDevWalletAddress #
- modifiers: onlyOwner
- [Ext] setLiqWalletAddress #
- modifiers: onlyOwner
- [Ext] setNumTokensSellToAddToLiquidity #
- modifiers: onlyOwner
- [Ext] setContractFeesEnabled #
- modifiers: onlyOwner
- [Prv] _setRouter #
- [Ext] setRouter #
- modifiers: onlyOwner
- [Ext] ($)
- [Prv] _reflectFee #
- [Prv] _getValues
- [Prv] _getTValues
- [Prv] _getRValues
- [Prv] _getRate
- [Prv] _getCurrentSupply
- [Prv] _takeLiquidity #
- [Prv] _takedev #
- [Prv] calculateTaxFee
- [Prv] calculateDevFee
- [Prv] calculateLiquidityFee
- [Prv] removeAllFee #
- [Ext] isExcludedFromFee
- [Prv] _approve #
- [Prv] _transfer #
- [Prv] swapAndLiquify #
- modifiers: lockTheSwap
- [Prv] swapTokensForEth #
- [Prv] addLiquidity #
- [Prv] _tokenTransfer #
- [Prv] _transferStandard #
- [Prv] _transferToExcluded #
- [Prv] _transferFromExcluded #
- [Pub] setIsPair #
- modifiers: onlyOwner
- [Ext] setIsBanned #
- modifiers: onlyOwner
- [Ext] withdrawalToken #
- modifiers: onlyOwner
- [Ext] withdrawalBNB #
- modifiers: onlyOwner