SuperLauncher Staking - Smart Contract Audit Report
Summary
SuperLauncher Staking is a staking contract which is part of the larger SuperLauncher ecosystem. We previously reviewed the team's presale platform here and their Farm contracts here.
We reviewed SuperLauncher's Staking contract at commit 52f2bd2050816e8278920a3ba270138dbfe4886f on GitHub.
Notes on the Contract:
Audit Findings Summary:- Users can stake their LAUNCH tokens in this contract to earn further tokens as rewards.
- Users also have the ability to stake on behalf of others.
- Unstaking from the contract is a two-step process which also imposes a time delay.
- Users must first request to unstake; then once the cooldown period has elapsed, the user will be able to unstake from the contract.
- If a user only partially unstakes, their still-staked funds will be subject to the cooldown period.
- Staking a second time will push back the user's redemption time.
- Users can also claim their rewards at any time.
- The end date for rewards will be set by the team upon deployment.
- The emission manager can update the reward token emission rate, total staked amount, and underlying asset address.
- The SuperEgg token can be minted up to a maximum amount. Any user may burn their own tokens.
- The token also has functionality to take snapshots of the contract's state.
- There are some functions which could be declared external instead of public to save a small amount of gas.
- Utilization of SafeMath to prevent overflow issues.
- No security issues from external attackers were identified.
- Ensure trust in the team as they have substantial control in the ecosystem
- Date: July 12th, 2021
Combined Audit Results
| Vulnerability Category | Notes | Result |
|---|---|---|
| Arbitrary Storage Write | N/A | PASS |
| Arbitrary Jump | N/A | PASS |
| Delegate Call to Untrusted Contract | N/A | PASS |
| Dependence on Predictable Variables | N/A | PASS |
| Deprecated Opcodes | N/A | PASS |
| Ether Thief | N/A | PASS |
| Exceptions | N/A | PASS |
| External Calls | N/A | PASS |
| Integer Over/Underflow | N/A | PASS |
| Multiple Sends | N/A | PASS |
| Suicide | N/A | PASS |
| State Change External Calls | N/A | PASS |
| Unchecked Retval | N/A | PASS |
| User Supplied Assertion | N/A | PASS |
| Critical Solidity Compiler | N/A | PASS |
| Overall Contract Safety | PASS |
SvLaunch
Function Graph
Inheritence Chart
Functions Overview
($) = payable function
# = non-constant function
Int = Internal
Ext = External
Pub = Public
+ [Int] IERC20
- [Ext] totalSupply
- [Ext] balanceOf
- [Ext] transfer #
- [Ext] allowance
- [Ext] approve #
- [Ext] transferFrom #
+ [Int] IStakedAave
- [Ext] stake #
- [Ext] redeem #
- [Ext] cooldown #
- [Ext] claimRewards #
+ [Lib] SafeMath
- [Int] add
- [Int] sub
- [Int] sub
- [Int] mul
- [Int] div
- [Int] div
- [Int] mod
- [Int] mod
+ [Lib] Address
- [Int] isContract
- [Int] sendValue #
+ [Lib] SafeERC20
- [Int] safeTransfer #
- [Int] safeTransferFrom #
- [Int] safeApprove #
- [Prv] callOptionalReturn #
+ VersionedInitializable
- [Int] getRevision
+ [Lib] DistributionTypes
+ [Int] IAaveDistributionManager
- [Ext] configureAssets #
+ AaveDistributionManager (IAaveDistributionManager)
- [Pub] #
- [Ext] configureAssets #
- [Int] _updateAssetStateInternal #
- [Int] _updateUserAssetInternal #
- [Int] _claimRewards #
- [Int] _getUnclaimedRewards
- [Int] _getRewards
- [Int] _getAssetIndex
- [Pub] getUserAssetData
+ Context
- [Int] _msgSender
- [Int] _msgData
+ [Int] IERC20Detailed (IERC20)
- [Ext] name
- [Ext] symbol
- [Ext] decimals
+ ERC20 (Context, IERC20, IERC20Detailed)
- [Pub] #
- [Pub] name
- [Pub] symbol
- [Pub] decimals
- [Pub] totalSupply
- [Pub] balanceOf
- [Pub] transfer #
- [Pub] allowance
- [Pub] approve #
- [Pub] transferFrom #
- [Pub] increaseAllowance #
- [Pub] decreaseAllowance #
- [Int] _transfer #
- [Int] _mint #
- [Int] _burn #
- [Int] _approve #
- [Int] _setName #
- [Int] _setSymbol #
- [Int] _setDecimals #
- [Int] _beforeTokenTransfer #
+ [Lib] Math
- [Int] max
- [Int] min
- [Int] average
+ [Lib] Arrays
- [Int] findUpperBound
+ [Lib] Counters
- [Int] current
- [Int] increment #
- [Int] decrement #
+ ERC20Snapshot (ERC20)
- [Int] _snapshot #
- [Pub] balanceOfAt
- [Pub] totalSupplyAt
- [Int] _beforeTokenTransfer #
- [Prv] _valueAt
- [Prv] _updateAccountSnapshot #
- [Prv] _updateTotalSupplySnapshot #
- [Prv] _updateSnapshot #
- [Prv] _lastSnapshotId
+ StakedToken (IStakedAave, ERC20Snapshot, VersionedInitializable, AaveDistributionManager)
- [Pub] #
- modifiers: ERC20,AaveDistributionManager
- [Ext] initialize #
- modifiers: initializer
- [Ext] stake #
- [Ext] redeem #
- [Ext] cooldown #
- [Ext] claimRewards #
- [Int] _transfer #
- [Int] _updateCurrentUnclaimedRewards #
- [Pub] getNextCooldownTimestamp #
- [Ext] getTotalRewardsBalance
- [Int] getRevision
- [Ext] snapshot #
+ SvLaunch (StakedToken)
- [Pub] #
- modifiers: StakedToken
SuperEgg
Function Graph
Inheritence Chart
Functions Overview
($) = payable function
# = non-constant function
Int = Internal
Ext = External
Pub = Public
+ Context
- [Int] _msgSender
- [Int] _msgData
+ Ownable (Context)
- [Int] #
- [Pub] owner
- [Pub] renounceOwnership #
- modifiers: onlyOwner
- [Pub] transferOwnership #
- modifiers: onlyOwner
+ [Int] IERC20
- [Ext] totalSupply
- [Ext] balanceOf
- [Ext] transfer #
- [Ext] allowance
- [Ext] approve #
- [Ext] transferFrom #
+ [Lib] SafeMath
- [Int] tryAdd
- [Int] trySub
- [Int] tryMul
- [Int] tryDiv
- [Int] tryMod
- [Int] add
- [Int] sub
- [Int] mul
- [Int] div
- [Int] mod
- [Int] sub
- [Int] div
- [Int] mod
+ ERC20 (Context, IERC20)
- [Pub] #
- [Pub] name
- [Pub] symbol
- [Pub] decimals
- [Pub] totalSupply
- [Pub] balanceOf
- [Pub] transfer #
- [Pub] allowance
- [Pub] approve #
- [Pub] transferFrom #
- [Pub] increaseAllowance #
- [Pub] decreaseAllowance #
- [Int] _transfer #
- [Int] _mint #
- [Int] _burn #
- [Int] _approve #
- [Int] _setupDecimals #
- [Int] _beforeTokenTransfer #
+ ERC20Burnable (Context, ERC20)
- [Pub] burn #
- [Pub] burnFrom #
+ [Lib] Math
- [Int] max
- [Int] min
- [Int] average
+ [Lib] Arrays
- [Int] findUpperBound
+ [Lib] Counters
- [Int] current
- [Int] increment #
- [Int] decrement #
+ ERC20Snapshot (ERC20)
- [Int] _snapshot #
- [Pub] balanceOfAt
- [Pub] totalSupplyAt
- [Int] _beforeTokenTransfer #
- [Prv] _valueAt
- [Prv] _updateAccountSnapshot #
- [Prv] _updateTotalSupplySnapshot #
- [Prv] _updateSnapshot #
- [Prv] _lastSnapshotId
+ SuperEgg (ERC20Burnable, ERC20Snapshot, Ownable)
- [Pub] #
- modifiers: ERC20
- [Pub] mint #
- modifiers: onlyOwner
- [Int] _burn #
- [Int] _beforeTokenTransfer #
- [Ext] snapshot #
- modifiers: onlyOwner