Star - Smart Contract Audit Report

Summary

Star Audit Report Star is a new community-driven DeFi token on the Binance Smart Chain that pays out static rewards to holders and sends BNB to the team.

The Star contract is deployed at 0x973f652824e2808F9B5260512ff25dAa37d54A5d on the Binance Smartchain mainnet.

Notes on the Contract:
  • The total supply of the token is set to 100 million [100,000,000].
  • No minting or burn functions are present; though the circulating supply can be reduced by sending tokens to the 0x..dead address, if desired.
  • At the time of writing this report, 19.76% of the total supply is in Pancakeswap liquidity.
  • 100% of the LP tokens are stored in an AdminUpgradeabilityProxy contract.
  • The AdminUpgradeabilityProxy contract is also in possession of 12% of the total supply.
  • 8.56% of the total supply has been sent to the Burn address.
  • The top five holders own a cumulative 4.56% of the total supply.

  • There is a tax fee and a liquidity fee on all transactions for any "non-excluded" address that participates in a transfer.
  • Users who hold tokens will automatically benefit from the frictionless fee redistribution at the time of each transaction as the tokens collected through the tax fee are removed from the circulating supply.
  • The liquidity fee that is charged on transactions is stored in the contract address balance. The tokens are then swapped for BNB and sent in a 50/50 split between the team's Marketing wallet and Artist wallet.
  • Although swap and liquify verbiage and buyback verbiage exists in the code, there are no automatic liquidity adds or buyback functionality supported by the protocol.
  • As the project is implemented with Solidity v0.8.4, it is protected from overflows.

  • Ownership Controls:
  • Ownership has not been renounced.
  • The owner can modify the tax fee and liquidity fee to any percentages at any time.
  • The owner can exclude and include accounts from transfer fees and reward distribution.
  • The owner update the Marketing wallet and Artist wallet to any addresses at any time.
  • The owner can set and update a maximum transaction amount at any time, which will impose a limit to the number of tokens that can be transferred during any given transaction. The owner can also include and exclude accounts from this transaction limit.
  • This maximum transaction amount does not apply to the owner during transactions where the owner is either the sender or the recipient.
  • The owner can update the minimum threshold needed for swapping tokens at any time.
  • The contract includes a "PrepareForPresale" function that allows the owner to set fees to 0, and set the max transaction amount to 100% of the total token supply. There is also an "afterPresale" function where the fees are restored and the maximum transaction amount is set to 0.3% of the total token supply.
  • The owner has the ability to use the "lock" function in order to temporarily set ownership to address(0). Ownership is restored after the duration of time determined by the owner has passed and they use the 'unlock' function.
  • The unlock function has the potential to be used after ownership is renounced, which will restore ownership to the original owner that initially created the ownership lock. This can be used in a nefarious way by the project team to restore ownership and change fee structures.
  • We recommend that the unlock function is modified to set the "previous owner" = "address(0)" at the end of the unlock function to prevent it from being used more than once per lock.
Audit Findings Summary
  • No external threats were identified.
  • There are potential risks that exist for holders regarding the team's ability to retain control of the contract.
  • Please ensure trust in the team prior to investing as they have substantial control in the ecosystem.
  • Date: October 22nd, 2021

Audit Results

Vulnerability CategoryNotesResult
Arbitrary Storage WriteN/APASS
Arbitrary JumpN/APASS
Delegate Call to Untrusted ContractN/APASS
Dependence on Predictable VariablesN/APASS
Deprecated OpcodesN/APASS
Ether ThiefN/APASS
ExceptionsN/APASS
External CallsN/APASS
Flash LoansN/APASS
Integer Over/UnderflowN/APASS
Multiple SendsN/APASS
OraclesN/APASS
SuicideN/APASS
State Change External CallsN/APASS
Unchecked RetvalN/APASS
User Supplied AssertionN/APASS
Critical Solidity CompilerN/APASS
Overall Contract Safety PASS

Function Graph

ERC20 Token Graph


Inheritence Chart

Multi-file Token


Functions Overview


 ($) = payable function
 # = non-constant function
 
 +  Context 
    - [Int] _msgSender
    - [Int] _msgData

 + [Int] IERC20 
    - [Ext] totalSupply
    - [Ext] balanceOf
    - [Ext] transfer #
    - [Ext] allowance
    - [Ext] approve #
    - [Ext] transferFrom #

 + [Lib] SafeMath 
    - [Int] add
    - [Int] sub
    - [Int] sub
    - [Int] mul
    - [Int] div
    - [Int] div
    - [Int] mod
    - [Int] mod

 + [Lib] Address 
    - [Int] isContract
    - [Int] sendValue #
    - [Int] functionCall #
    - [Int] functionCall #
    - [Int] functionCallWithValue #
    - [Int] functionCallWithValue #
    - [Prv] _functionCallWithValue #

 +  Ownable (Context)
    - [Pub]  #
    - [Pub] owner
    - [Pub] renounceOwnership #
       - modifiers: onlyOwner
    - [Pub] transferOwnership #
       - modifiers: onlyOwner
    - [Pub] getUnlockTime
    - [Pub] getTime
    - [Pub] lock #
       - modifiers: onlyOwner
    - [Pub] unlock #

 + [Int] IUniswapV2Factory 
    - [Ext] feeTo
    - [Ext] feeToSetter
    - [Ext] getPair
    - [Ext] allPairs
    - [Ext] allPairsLength
    - [Ext] createPair #
    - [Ext] setFeeTo #
    - [Ext] setFeeToSetter #

 + [Int] IUniswapV2Pair 
    - [Ext] name
    - [Ext] symbol
    - [Ext] decimals
    - [Ext] totalSupply
    - [Ext] balanceOf
    - [Ext] allowance
    - [Ext] approve #
    - [Ext] transfer #
    - [Ext] transferFrom #
    - [Ext] DOMAIN_SEPARATOR
    - [Ext] PERMIT_TYPEHASH
    - [Ext] nonces
    - [Ext] permit #
    - [Ext] MINIMUM_LIQUIDITY
    - [Ext] factory
    - [Ext] token0
    - [Ext] token1
    - [Ext] getReserves
    - [Ext] price0CumulativeLast
    - [Ext] price1CumulativeLast
    - [Ext] kLast
    - [Ext] burn #
    - [Ext] swap #
    - [Ext] skim #
    - [Ext] sync #
    - [Ext] initialize #

 + [Int] IUniswapV2Router01 
    - [Ext] factory
    - [Ext] WETH
    - [Ext] addLiquidity #
    - [Ext] addLiquidityETH ($)
    - [Ext] removeLiquidity #
    - [Ext] removeLiquidityETH #
    - [Ext] removeLiquidityWithPermit #
    - [Ext] removeLiquidityETHWithPermit #
    - [Ext] swapExactTokensForTokens #
    - [Ext] swapTokensForExactTokens #
    - [Ext] swapExactETHForTokens ($)
    - [Ext] swapTokensForExactETH #
    - [Ext] swapExactTokensForETH #
    - [Ext] swapETHForExactTokens ($)
    - [Ext] quote
    - [Ext] getAmountOut
    - [Ext] getAmountIn
    - [Ext] getAmountsOut
    - [Ext] getAmountsIn

 + [Int] IUniswapV2Router02 (IUniswapV2Router01)
    - [Ext] removeLiquidityETHSupportingFeeOnTransferTokens #
    - [Ext] removeLiquidityETHWithPermitSupportingFeeOnTransferTokens #
    - [Ext] swapExactTokensForTokensSupportingFeeOnTransferTokens #
    - [Ext] swapExactETHForTokensSupportingFeeOnTransferTokens ($)
    - [Ext] swapExactTokensForETHSupportingFeeOnTransferTokens #

 +  StarCoin (Context, IERC20, Ownable)
    - [Pub]  #
    - [Pub] name
    - [Pub] symbol
    - [Pub] decimals
    - [Pub] totalSupply
    - [Pub] balanceOf
    - [Pub] transfer #
    - [Pub] allowance
    - [Pub] approve #
    - [Pub] transferFrom #
    - [Pub] increaseAllowance #
    - [Pub] decreaseAllowance #
    - [Pub] isExcludedFromReward
    - [Pub] totalFees
    - [Pub] minimumTokensBeforeSwapAmount
    - [Pub] deliver #
    - [Pub] reflectionFromToken
    - [Pub] tokenFromReflection
    - [Pub] excludeFromReward #
       - modifiers: onlyOwner
    - [Ext] includeInReward #
       - modifiers: onlyOwner
    - [Prv] _approve #
    - [Prv] _transfer #
    - [Prv] swapTokens #
       - modifiers: lockTheSwap
    - [Prv] buyBackTokens #
       - modifiers: lockTheSwap
    - [Prv] swapTokensForEth #
    - [Prv] swapETHForTokens #
    - [Prv] addLiquidity #
    - [Prv] _tokenTransfer #
    - [Prv] _transferStandard #
    - [Prv] _transferToExcluded #
    - [Prv] _transferFromExcluded #
    - [Prv] _transferBothExcluded #
    - [Prv] _reflectFee #
    - [Prv] _getValues
    - [Prv] _getTValues
    - [Prv] _getRValues
    - [Prv] _getRate
    - [Prv] _getCurrentSupply
    - [Prv] _takeLiquidity #
    - [Prv] calculateTaxFee
    - [Prv] calculateLiquidityFee
    - [Prv] removeAllFee #
    - [Prv] restoreAllFee #
    - [Pub] isExcludedFromFee
    - [Pub] excludeFromFee #
       - modifiers: onlyOwner
    - [Pub] includeInFee #
       - modifiers: onlyOwner
    - [Ext] setTaxFeePercent #
       - modifiers: onlyOwner
    - [Ext] setLiquidityFeePercent #
       - modifiers: onlyOwner
    - [Ext] setMaxTxAmount #
       - modifiers: onlyOwner
    - [Ext] setNumTokensSellToAddToLiquidity #
       - modifiers: onlyOwner
    - [Ext] setMarketingAddress #
       - modifiers: onlyOwner
    - [Ext] setArtistAddress #
       - modifiers: onlyOwner
    - [Pub] setSwapAndLiquifyEnabled #
       - modifiers: onlyOwner
    - [Ext] prepareForPreSale #
       - modifiers: onlyOwner
    - [Ext] afterPreSale #
       - modifiers: onlyOwner
    - [Prv] transferToAddressETH #
    - [Ext]  ($)