Steam Exchange - Smart Contract Audit Report
Summary
Steam Exchange ($STEAMX) is a new DeFi token on the Binance Smart Chain that pays out static rewards to holders.
Notes on the Contract:Audit Findings Summary
- The total supply of the token is initially set to one hundred billion $STEAMX [100,000,000,000].
- No minting or burn functions are present; and holders are not allowed to send tokens to the burn address.
- At the time of writing, 62.5% of the total $STEAMX supply is in the Presale contract.
- 24.91% of the total $STEAMX supply is in a token vesting contract. This is assumed to be allocated for the various team wallets.
- The remaining 12.5% of the total $STEAMX supply is in possession of the owner.
- There is a 5% 'tax fee' and 5% 'liquidity fee' on all transactions for any "non-excluded" address that participates in a transfer.
- The tax fee is redistributed to existing token holders instantly and automatically at the time of each transaction.
- The liquidity fee that is charged on transactions is stored in the contract and, once a threshold value (of 0.03% of the total supply) is met, activates a "Swap and Liquify". This functionality can be enabled/disabled by the owner.
- The "Swap and Liquify" does NOT automatically add liquidity to the LP. Intead, the function converts half of the contract’s $STEAMX balance to BNB, and then sends that new amount of BNB to the "SX Wallet" while the other half of the $STEAMX remains in the contract address.
- The contract implements an "Anti-Whale" feature which (When 'enabled' by the owner), does not allow transactions that are more than 0.1% of the total token supply to be completed. In addition, this feature prevents token holders that own 0.5% of the total supply or more, from selling any more than 20% of their $STEAMX balance at a time. After a sell is completed by a holder with over 0.5% of the total supply, they must wait 24 hours before conducting another sell.
- About 25% of the total $STEAMX supply will be in the team's control through various "team" wallets. These tokens are controlled by unicrypt's token vesting contract where the they vest on a 6 month linear unlock schedule. The breakdown is as follows:
- Research Wallet: 7,000,000,000 $STEAMX
- Operations Wallet: 6,000,000,000 $STEAMX
- Infrastructure: 5,000,000,000 $STEAMX
- Advertising: 4,000,000,000 $STEAMX
- Team: 3,000,000,000 $STEAMX
- The owner has the ability to set these wallets to new addresses at any time.
- In addition to the team wallets listed above, the owner will also have the ability to set the addresses for the "RFI wallet" and "SX Wallet" at any time.
- The owner of the contract can exclude and include accounts from transfer fees and reward distribution.
- The owner has the ability to use the "lock" function in order to temporarily set ownership to address(0). Ownership is restored after the duration of time determined by the owner has passed and they use the 'unlock' function. Ownership can additionally be restored (even if ownership was previously renounced), by using the unlock function a second time.
- Ownership has not been renounced.
- The contract utilizes SafeMath libraries along with following the ERC20 standard.
- As the project is implemented with solidity version ^0.8.0, it is protected from overflows.
- No external vulnerabilities were identified within the smart contract's code.
- After a successful deployment, we strongly recommend that the team renounces ownership.
- As with any presale, please ensure trust in the team prior to investing as they have substantial control within the ecosystem and the token supply.
- Date: July 4th, 2021
Audit Results
| Vulnerability Category | Notes | Result |
|---|---|---|
| Arbitrary Storage Write | N/A | PASS |
| Arbitrary Jump | N/A | PASS |
| Delegate Call to Untrusted Contract | N/A | PASS |
| Dependence on Predictable Variables | N/A | PASS |
| Deprecated Opcodes | N/A | PASS |
| Ether Thief | N/A | PASS |
| Exceptions | N/A | PASS |
| External Calls | N/A | PASS |
| Flash Loans | N/A | PASS |
| Integer Over/Underflow | N/A | PASS |
| Multiple Sends | N/A | PASS |
| Oracles | N/A | PASS |
| Suicide | N/A | PASS |
| State Change External Calls | N/A | PASS |
| Unchecked Retval | N/A | PASS |
| User Supplied Assertion | N/A | PASS |
| Critical Solidity Compiler | N/A | PASS |
| Overall Contract Safety | PASS |
Function Graph
Inheritence Chart
Functions Overview
($) = payable function
# = non-constant function
+ Context
- [Int] _msgSender
- [Int] _msgData
+ [Int] IERC20
- [Ext] totalSupply
- [Ext] balanceOf
- [Ext] transfer #
- [Ext] allowance
- [Ext] approve #
- [Ext] transferFrom #
+ [Lib] SafeMath
- [Int] add
- [Int] sub
- [Int] sub
- [Int] mul
- [Int] div
- [Int] div
- [Int] mod
- [Int] mod
+ [Lib] Address
- [Int] isContract
- [Int] sendValue #
- [Int] functionCall #
- [Int] functionCall #
- [Int] functionCallWithValue #
- [Int] functionCallWithValue #
- [Prv] _functionCallWithValue #
+ Ownable (Context)
- [Pub] #
- [Pub] owner
- [Pub] renounceOwnership #
- modifiers: onlyOwner
- [Pub] transferOwnership #
- modifiers: onlyOwner
- [Pub] getUnlockTime
+ [Int] IUniswapV2Factory
- [Ext] feeTo
- [Ext] feeToSetter
- [Ext] getPair
- [Ext] allPairs
- [Ext] allPairsLength
- [Ext] createPair #
- [Ext] setFeeTo #
- [Ext] setFeeToSetter #
+ [Int] IUniswapV2Pair
- [Ext] name
- [Ext] symbol
- [Ext] decimals
- [Ext] totalSupply
- [Ext] balanceOf
- [Ext] allowance
- [Ext] approve #
- [Ext] transfer #
- [Ext] transferFrom #
- [Ext] DOMAIN_SEPARATOR
- [Ext] PERMIT_TYPEHASH
- [Ext] nonces
- [Ext] permit #
- [Ext] MINIMUM_LIQUIDITY
- [Ext] factory
- [Ext] token0
- [Ext] token1
- [Ext] getReserves
- [Ext] price0CumulativeLast
- [Ext] price1CumulativeLast
- [Ext] kLast
- [Ext] mint #
- [Ext] burn #
- [Ext] swap #
- [Ext] skim #
- [Ext] sync #
- [Ext] initialize #
+ [Int] IUniswapV2Router01
- [Ext] factory
- [Ext] WETH
- [Ext] addLiquidity #
- [Ext] addLiquidityETH ($)
- [Ext] removeLiquidity #
- [Ext] removeLiquidityETH #
- [Ext] removeLiquidityWithPermit #
- [Ext] removeLiquidityETHWithPermit #
- [Ext] swapExactTokensForTokens #
- [Ext] swapTokensForExactTokens #
- [Ext] swapExactETHForTokens ($)
- [Ext] swapTokensForExactETH #
- [Ext] swapExactTokensForETH #
- [Ext] swapETHForExactTokens ($)
- [Ext] quote
- [Ext] getAmountOut
- [Ext] getAmountIn
- [Ext] getAmountsOut
- [Ext] getAmountsIn
+ [Int] IUniswapV2Router02 (IUniswapV2Router01)
- [Ext] removeLiquidityETHSupportingFeeOnTransferTokens #
- [Ext] removeLiquidityETHWithPermitSupportingFeeOnTransferTokens #
- [Ext] swapExactTokensForTokensSupportingFeeOnTransferTokens #
- [Ext] swapExactETHForTokensSupportingFeeOnTransferTokens ($)
- [Ext] swapExactTokensForETHSupportingFeeOnTransferTokens #
+ SteamExchange (Context, IERC20, Ownable)
- [Pub] #
- [Pub] name
- [Pub] symbol
- [Pub] decimals
- [Pub] totalSupply
- [Pub] balanceOf
- [Pub] transfer #
- [Pub] allowance
- [Pub] approve #
- [Pub] transferFrom #
- [Pub] increaseAllowance #
- [Pub] decreaseAllowance #
- [Pub] isExcludedFromReward
- [Pub] totalFees
- [Pub] startNukingTheWhales #
- modifiers: onlyOwner
- [Pub] enableFees #
- modifiers: onlyOwner
- [Pub] reflectionFromToken
- [Pub] tokenFromReflection
- [Pub] excludeFromReward #
- modifiers: onlyOwner
- [Ext] includeInReward #
- modifiers: onlyOwner
- [Prv] _approve #
- [Prv] _transfer #
- [Prv] swapAndLiquify #
- modifiers: lockTheSwap
- [Prv] swapTokensForEth #
- [Prv] _tokenTransfer #
- [Prv] _transferStandard #
- [Prv] _transferToExcluded #
- [Prv] _transferFromExcluded #
- [Prv] _transferBothExcluded #
- [Prv] _reflectFee #
- [Prv] _getValues
- [Prv] _getTValues
- [Prv] _getRValues
- [Prv] _getRate
- [Prv] _getCurrentSupply
- [Prv] _takeLiquidity #
- [Prv] getCurrentDayTax
- [Int] calculateLiquidityFee
- [Int] calculateRfiFee
- [Prv] removeAllFee #
- [Prv] restoreAllFee #
- [Pub] isExcludedFromFee
- [Ext] excludeFromBoth #
- modifiers: onlyOwner
- [Pub] excludeFromFee #
- modifiers: onlyOwner
- [Pub] includeInFee #
- modifiers: onlyOwner
- [Pub] setresearchWallet #
- modifiers: onlyOwner
- [Pub] setoperationsWallet #
- modifiers: onlyOwner
- [Pub] setinfrastructureWallet #
- modifiers: onlyOwner
- [Pub] setmarketingWallet #
- modifiers: onlyOwner
- [Pub] setteamWallet #
- modifiers: onlyOwner
- [Pub] setrfiWallet #
- modifiers: onlyOwner
- [Pub] setsxWallet #
- modifiers: onlyOwner
- [Pub] setSwapAndLiquifyEnabled #
- modifiers: onlyOwner
- [Ext] ($)