SuperLauncher Staking - Smart Contract Audit Report

Summary

SuperLauncher Staking SuperLauncher Staking is a staking contract which is part of the larger SuperLauncher ecosystem. We previously reviewed the team's presale platform here and their Farm contracts here.

We reviewed SuperLauncher's Staking contract at commit 52f2bd2050816e8278920a3ba270138dbfe4886f on GitHub.

    Notes on the Contract:
  • Users can stake their LAUNCH tokens in this contract to earn further tokens as rewards.
  • Users also have the ability to stake on behalf of others.
  • Unstaking from the contract is a two-step process which also imposes a time delay.
  • Users must first request to unstake; then once the cooldown period has elapsed, the user will be able to unstake from the contract.
  • If a user only partially unstakes, their still-staked funds will be subject to the cooldown period.
  • Staking a second time will push back the user's redemption time.
  • Users can also claim their rewards at any time.
  • The end date for rewards will be set by the team upon deployment.
  • The emission manager can update the reward token emission rate, total staked amount, and underlying asset address.

  • The SuperEgg token can be minted up to a maximum amount. Any user may burn their own tokens.
  • The token also has functionality to take snapshots of the contract's state.
  • There are some functions which could be declared external instead of public to save a small amount of gas.
  • Utilization of SafeMath to prevent overflow issues.

Audit Findings Summary:
  • No security issues from external attackers were identified.
  • Ensure trust in the team as they have substantial control in the ecosystem
  • Date: July 12th, 2021

Combined Audit Results

Vulnerability Category Notes Result
Arbitrary Storage Write N/A PASS
Arbitrary Jump N/A PASS
Delegate Call to Untrusted Contract N/A PASS
Dependence on Predictable Variables N/A PASS
Deprecated Opcodes N/A PASS
Ether Thief N/A PASS
Exceptions N/A PASS
External Calls N/A PASS
Integer Over/Underflow N/A PASS
Multiple Sends N/A PASS
Suicide N/A PASS
State Change External Calls N/A PASS
Unchecked Retval N/A PASS
User Supplied Assertion N/A PASS
Critical Solidity Compiler N/A PASS
Overall Contract Safety   PASS


SvLaunch

Function Graph

Smart Contract Graph

Inheritence Chart

Smart Contract Inheritance

Functions Overview



 ($) = payable function
 # = non-constant function
 
 Int = Internal
 Ext = External
 Pub = Public

 + [Int] IERC20 
    - [Ext] totalSupply
    - [Ext] balanceOf
    - [Ext] transfer #
    - [Ext] allowance
    - [Ext] approve #
    - [Ext] transferFrom #

 + [Int] IStakedAave 
    - [Ext] stake #
    - [Ext] redeem #
    - [Ext] cooldown #
    - [Ext] claimRewards #

 + [Lib] SafeMath 
    - [Int] add
    - [Int] sub
    - [Int] sub
    - [Int] mul
    - [Int] div
    - [Int] div
    - [Int] mod
    - [Int] mod

 + [Lib] Address 
    - [Int] isContract
    - [Int] sendValue #

 + [Lib] SafeERC20 
    - [Int] safeTransfer #
    - [Int] safeTransferFrom #
    - [Int] safeApprove #
    - [Prv] callOptionalReturn #

 +  VersionedInitializable 
    - [Int] getRevision

 + [Lib] DistributionTypes 

 + [Int] IAaveDistributionManager 
    - [Ext] configureAssets #

 +  AaveDistributionManager (IAaveDistributionManager)
    - [Pub]  #
    - [Ext] configureAssets #
    - [Int] _updateAssetStateInternal #
    - [Int] _updateUserAssetInternal #
    - [Int] _claimRewards #
    - [Int] _getUnclaimedRewards
    - [Int] _getRewards
    - [Int] _getAssetIndex
    - [Pub] getUserAssetData

 +  Context 
    - [Int] _msgSender
    - [Int] _msgData

 + [Int] IERC20Detailed (IERC20)
    - [Ext] name
    - [Ext] symbol
    - [Ext] decimals

 +  ERC20 (Context, IERC20, IERC20Detailed)
    - [Pub]  #
    - [Pub] name
    - [Pub] symbol
    - [Pub] decimals
    - [Pub] totalSupply
    - [Pub] balanceOf
    - [Pub] transfer #
    - [Pub] allowance
    - [Pub] approve #
    - [Pub] transferFrom #
    - [Pub] increaseAllowance #
    - [Pub] decreaseAllowance #
    - [Int] _transfer #
    - [Int] _mint #
    - [Int] _burn #
    - [Int] _approve #
    - [Int] _setName #
    - [Int] _setSymbol #
    - [Int] _setDecimals #
    - [Int] _beforeTokenTransfer #

 + [Lib] Math 
    - [Int] max
    - [Int] min
    - [Int] average

 + [Lib] Arrays 
    - [Int] findUpperBound

 + [Lib] Counters 
    - [Int] current
    - [Int] increment #
    - [Int] decrement #

 +  ERC20Snapshot (ERC20)
    - [Int] _snapshot #
    - [Pub] balanceOfAt
    - [Pub] totalSupplyAt
    - [Int] _beforeTokenTransfer #
    - [Prv] _valueAt
    - [Prv] _updateAccountSnapshot #
    - [Prv] _updateTotalSupplySnapshot #
    - [Prv] _updateSnapshot #
    - [Prv] _lastSnapshotId

 +  StakedToken (IStakedAave, ERC20Snapshot, VersionedInitializable, AaveDistributionManager)
    - [Pub]  #
       - modifiers: ERC20,AaveDistributionManager
    - [Ext] initialize #
       - modifiers: initializer
    - [Ext] stake #
    - [Ext] redeem #
    - [Ext] cooldown #
    - [Ext] claimRewards #
    - [Int] _transfer #
    - [Int] _updateCurrentUnclaimedRewards #
    - [Pub] getNextCooldownTimestamp #
    - [Ext] getTotalRewardsBalance
    - [Int] getRevision
    - [Ext] snapshot #

 +  SvLaunch (StakedToken)
    - [Pub]  #
       - modifiers: StakedToken


SuperEgg


Function Graph

Smart Contract Graph

Inheritence Chart

Smart Contract Inheritance

Functions Overview



 ($) = payable function
 # = non-constant function
 
 Int = Internal
 Ext = External
 Pub = Public

 +  Context 
    - [Int] _msgSender
    - [Int] _msgData

 +  Ownable (Context)
    - [Int]  #
    - [Pub] owner
    - [Pub] renounceOwnership #
       - modifiers: onlyOwner
    - [Pub] transferOwnership #
       - modifiers: onlyOwner

 + [Int] IERC20 
    - [Ext] totalSupply
    - [Ext] balanceOf
    - [Ext] transfer #
    - [Ext] allowance
    - [Ext] approve #
    - [Ext] transferFrom #

 + [Lib] SafeMath 
    - [Int] tryAdd
    - [Int] trySub
    - [Int] tryMul
    - [Int] tryDiv
    - [Int] tryMod
    - [Int] add
    - [Int] sub
    - [Int] mul
    - [Int] div
    - [Int] mod
    - [Int] sub
    - [Int] div
    - [Int] mod

 +  ERC20 (Context, IERC20)
    - [Pub]  #
    - [Pub] name
    - [Pub] symbol
    - [Pub] decimals
    - [Pub] totalSupply
    - [Pub] balanceOf
    - [Pub] transfer #
    - [Pub] allowance
    - [Pub] approve #
    - [Pub] transferFrom #
    - [Pub] increaseAllowance #
    - [Pub] decreaseAllowance #
    - [Int] _transfer #
    - [Int] _mint #
    - [Int] _burn #
    - [Int] _approve #
    - [Int] _setupDecimals #
    - [Int] _beforeTokenTransfer #

 +  ERC20Burnable (Context, ERC20)
    - [Pub] burn #
    - [Pub] burnFrom #

 + [Lib] Math 
    - [Int] max
    - [Int] min
    - [Int] average

 + [Lib] Arrays 
    - [Int] findUpperBound

 + [Lib] Counters 
    - [Int] current
    - [Int] increment #
    - [Int] decrement #

 +  ERC20Snapshot (ERC20)
    - [Int] _snapshot #
    - [Pub] balanceOfAt
    - [Pub] totalSupplyAt
    - [Int] _beforeTokenTransfer #
    - [Prv] _valueAt
    - [Prv] _updateAccountSnapshot #
    - [Prv] _updateTotalSupplySnapshot #
    - [Prv] _updateSnapshot #
    - [Prv] _lastSnapshotId

 +  SuperEgg (ERC20Burnable, ERC20Snapshot, Ownable)
    - [Pub]  #
       - modifiers: ERC20
    - [Pub] mint #
       - modifiers: onlyOwner
    - [Int] _burn #
    - [Int] _beforeTokenTransfer #
    - [Ext] snapshot #
       - modifiers: onlyOwner