Super Meditate Me NFT - Smart Contract Audit Report

Summary

Super Meditate Me NFT Audit Report Super Meditate Me NFT is a dynamically priced single NFT that pays previous purchasers royalties.

We audited the project team's AutonomousNFT contract using code provided by the project team.

Notes on the Contract:
  • This contract is used to facilitate the purchase of one Super Meditate Me NFT.
  • The Super Meditate Me NFT is minted to the owner on deployment, and anyone can purchase it at any time.
  • The initial purchase price of the NFT is set on deployment, but will increase each time the NFT is purchased.
  • The purchase price of the NFT is dictated by the previous amount that was used to purchase the NFT with an additional 0.0005 ETH on top.
  • The purchaser is able to provide more ETH than required to purchase the NFT, and the price is adjusted accordingly.
  • The NFT is transferred from the current owner to the next purchaser without any approvals needed.
  • The purchaser can choose to mint a Collectors token at no additional cost.
  • The purchaser is due royalties for any purchases made after the purchaser's initial purchase.
  • Royalties are calculated by dividing the purchase amount evenly among all the previous purchasers.
  • Any purchaser can withdraw their due royalties from the contract at any time.
  • The contract maintains a withdrawn balance for each user that is increased by the amount the user is withdrawing before the transfer occurs in order to properly prevent re-entrancy attacks.
  • The owner is able to set the token URI for the Super Meditate Me NFT at any time.
  • As the contract is implemented with Solidity v0.8.x, it is protected from overflows.

Audit Findings Summary
  • No security threats from outside attackers were identified.
  • Ensure trust in the team as they have some control in the ecosystem.
  • Date: November 4th, 2021

External Threat Results

Vulnerability CategoryNotesResult
Arbitrary Storage WriteN/APASS
Arbitrary JumpN/APASS
Delegate Call to Untrusted ContractN/APASS
Dependence on Predictable VariablesN/APASS
Deprecated OpcodesN/APASS
Ether ThiefN/APASS
ExceptionsN/APASS
External CallsN/APASS
Flash LoansN/APASS
Integer Over/UnderflowN/APASS
Multiple SendsN/APASS
OraclesN/APASS
SuicideN/APASS
State Change External CallsN/APASS
Unchecked RetvalN/APASS
User Supplied AssertionN/APASS
Critical Solidity CompilerN/APASS
Overall Contract Safety PASS

Smart Contract Graph

Multi-file Token

												
($) = payable function
 # = non-constant function

 + [Int] IERC165 
    - [Ext] supportsInterface

 + [Int] IERC721 (IERC165)
    - [Ext] balanceOf
    - [Ext] ownerOf
    - [Ext] safeTransferFrom #
    - [Ext] transferFrom #
    - [Ext] approve #
    - [Ext] getApproved
    - [Ext] setApprovalForAll #
    - [Ext] isApprovedForAll
    - [Ext] safeTransferFrom #

 + [Int] IERC721Receiver 
    - [Ext] onERC721Received #

 + [Int] IERC721Metadata (IERC721)
    - [Ext] name
    - [Ext] symbol
    - [Ext] tokenURI

 + [Lib] Address 
    - [Int] isContract
    - [Int] sendValue #
    - [Int] functionCall #
    - [Int] functionCall #
    - [Int] functionCallWithValue #
    - [Int] functionCallWithValue #
    - [Int] functionStaticCall
    - [Int] functionStaticCall
    - [Int] functionDelegateCall #
    - [Int] functionDelegateCall #
    - [Int] verifyCallResult

 +  Context 
    - [Int] _msgSender
    - [Int] _msgData

 + [Lib] Strings 
    - [Int] toString
    - [Int] toHexString
    - [Int] toHexString

 +  ERC165 (IERC165)
    - [Pub] supportsInterface

 +  ERC721 (Context, ERC165, IERC721, IERC721Metadata)
    - [Pub]  #
    - [Pub] supportsInterface
    - [Pub] balanceOf
    - [Pub] ownerOf
    - [Pub] name
    - [Pub] symbol
    - [Pub] tokenURI
    - [Int] _baseURI
    - [Pub] approve #
    - [Pub] getApproved
    - [Pub] setApprovalForAll #
    - [Pub] isApprovedForAll
    - [Pub] transferFrom #
    - [Pub] safeTransferFrom #
    - [Pub] safeTransferFrom #
    - [Int] _safeTransfer #
    - [Int] _exists
    - [Int] _isApprovedOrOwner
    - [Int] _safeMint #
    - [Int] _safeMint #
    - [Int] _mint #
    - [Int] _burn #
    - [Int] _transfer #
    - [Int] _approve #
    - [Int] _setApprovalForAll #
    - [Prv] _checkOnERC721Received #
    - [Int] _beforeTokenTransfer #

 +  ERC721URIStorage (ERC721)
    - [Pub] tokenURI
    - [Int] _setTokenURI #
    - [Int] _burn #

 +  Ownable (Context)
    - [Pub]  #
    - [Pub] owner
    - [Pub] renounceOwnership #
       - modifiers: onlyOwner
    - [Pub] transferOwnership #
       - modifiers: onlyOwner
    - [Int] _transferOwnership #

 + [Lib] Counters 
    - [Int] current
    - [Int] increment #
    - [Int] decrement #
    - [Int] reset #

 +  AutonomousNFT (ERC721URIStorage, Ownable)
    - [Pub]  #
       - modifiers: ERC721,Ownable
    - [Pub] purchase ($)
    - [Pub] withdraw #
    - [Pub] withdrawAll #
    - [Pub] updateTokenUri #
       - modifiers: onlyOwner
    - [Pub] getBalance
    - [Pub] getMinPrice
    - [Pub] getTotalBalance
       - modifiers: onlyOwner
    - [Pub] getOwner
    - [Pub] isCollector
    - [Pub] getTotalCollectors
    - [Int] _calculateBalance
    - [Int] _addToCollectors #
    - [Int] _mintCollectorsToken #