Trunks Inu - Smart Contract Audit Report
Trunks Inu ($TRUNKS) is a new community-driven DeFi token that is an automatic liquidity providing protocol.
Notes on the Contract:
Audit Findings Summary
- The total supply of the token is set to 1 billion $TRUNKS [1,000,000,000].
- No minting or burn functions are present; though the circulating supply can be reduced by sending tokens to the 0x..dead address, if desired.
- At the time of writing this report, 100% of the total supply belongs to the owner as the contract was recently deployed.
- The owner must manually enable trading in order for trading to take place on the platform. Only accounts that are excluded from fees can trade when trading is set to disabled. Once trading is enabled, it can never be disabled.
- There is a liquidity fee, marketing fee, staking fee, and team fee on all transactions for any non-excluded address that participates in a transfer with Pancakeswap. A separate fee structure can be set by the team to apply different fee amounts depending on whether the user is buying or selling during the transfer.
- The fees charged during transfers with Pancakeswap are stored in the contract address balance. Once a threshold value of tokens (determined by the owner) is met, the tokens are swapped for BNB and sent back to the contract address.
- A portion of that BNB is used to automatically provide liquidity. Liquidity-adds are automatically done by selling the tokens collected as fees, pairing the received BNB with the token, and adding it as liquidity to the pair.
- The LP tokens received through this process are sent to the Burn address.
- The remaining BNB in the contract will be split amongst four wallets controlled by the team.
- The amount of gas per transaction when buying from Pancakeswap must not exceed the gas price limit of 70 Gwei.
- The contract enforces a transfer delay which prevents a transfer from occuring if the user is attempting to buy from Pancakeswap more than one time per block.
- Although the Safemath library is utilized, the contract is deployed with Solidity v0.8.x which has built-in overflow checks. Safemath could be safely removed to reduce contract size and increase gas savings.
- The owner can modify the liquidity fee, marketing fee, staking fee, and team fee to any percentages as long as the total percentages combined do not exceed 20%. This applies to both the buy and sell fee structures.
- The owner can exclude and include accounts from transfer fees.
- The owner can enable/disable the utilization of a maximum transaction amount when buying from or selling to Pancakeswap. The owner can exclude accounts from this maximum transaction amount.
- The owner can disable the gas limit restriction and transfer delay functionality. Once disabled, it can never be re-enabled.
- The owner can airdrop any amount of tokens to any addresses at any time
- The owner can enable/disable automatic liquidity adds at any time.
- The owner can update the threshold value needed to trigger an automatic liquidity add to any value between 1 thousand and 500 thousand tokens.
- The owner can update the Team wallet, Marketing wallet, and staking wallet to any addresses at any time.
- The owner can update the Automated Market Maker Pair contract address at any time.
- No external threats were identified.
- Further ensure trust in the team as they have notable control in the ecosystem.
- Further ensure trust as the owner owns 100% of the total supply.
- Date: December 2nd, 2021
|Arbitrary Storage Write||N/A||PASS|
|Centralization of Control||The owner can set total buy fees and sell fees up to 20%. The owner owns 100% of the total supply.||WARNING|
|Delegate Call to Untrusted Contract||N/A||PASS|
|Dependence on Predictable Variables||N/A||PASS|
|State Change External Calls||N/A||PASS|
|User Supplied Assertion||N/A||PASS|
|Critical Solidity Compiler||N/A||PASS|
|Overall Contract Safety||PASS|
($) = payable function # = non-constant function + Context - [Int] _msgSender - [Int] _msgData + [Int] IUniswapV2Pair - [Ext] name - [Ext] symbol - [Ext] decimals - [Ext] totalSupply - [Ext] balanceOf - [Ext] allowance - [Ext] approve # - [Ext] transfer # - [Ext] transferFrom # - [Ext] DOMAIN_SEPARATOR - [Ext] PERMIT_TYPEHASH - [Ext] nonces - [Ext] permit # - [Ext] MINIMUM_LIQUIDITY - [Ext] factory - [Ext] token0 - [Ext] token1 - [Ext] getReserves - [Ext] price0CumulativeLast - [Ext] price1CumulativeLast - [Ext] kLast - [Ext] mint # - [Ext] burn # - [Ext] swap # - [Ext] skim # - [Ext] sync # - [Ext] initialize # + [Int] IUniswapV2Factory - [Ext] feeTo - [Ext] feeToSetter - [Ext] getPair - [Ext] allPairs - [Ext] allPairsLength - [Ext] createPair # - [Ext] setFeeTo # - [Ext] setFeeToSetter # + [Int] IERC20 - [Ext] totalSupply - [Ext] balanceOf - [Ext] transfer # - [Ext] allowance - [Ext] approve # - [Ext] transferFrom # + [Int] IERC20Metadata (IERC20) - [Ext] name - [Ext] symbol - [Ext] decimals + ERC20 (Context, IERC20, IERC20Metadata) - [Pub]
# - [Pub] name - [Pub] symbol - [Pub] decimals - [Pub] totalSupply - [Pub] balanceOf - [Pub] transfer # - [Pub] allowance - [Pub] approve # - [Pub] transferFrom # - [Pub] increaseAllowance # - [Pub] decreaseAllowance # - [Int] _transfer # - [Int] _mint # - [Int] _burn # - [Int] _approve # - [Int] _beforeTokenTransfer # + [Lib] SafeMath - [Int] add - [Int] sub - [Int] sub - [Int] mul - [Int] div - [Int] div - [Int] mod - [Int] mod + Ownable (Context) - [Pub] # - [Pub] owner - [Pub] renounceOwnership # - modifiers: onlyOwner - [Pub] transferOwnership # - modifiers: onlyOwner + [Lib] SafeMathInt - [Int] mul - [Int] div - [Int] sub - [Int] add - [Int] abs - [Int] toUint256Safe + [Lib] SafeMathUint - [Int] toInt256Safe + [Int] IUniswapV2Router01 - [Ext] factory - [Ext] WETH - [Ext] addLiquidity # - [Ext] addLiquidityETH ($) - [Ext] removeLiquidity # - [Ext] removeLiquidityETH # - [Ext] removeLiquidityWithPermit # - [Ext] removeLiquidityETHWithPermit # - [Ext] swapExactTokensForTokens # - [Ext] swapTokensForExactTokens # - [Ext] swapExactETHForTokens ($) - [Ext] swapTokensForExactETH # - [Ext] swapExactTokensForETH # - [Ext] swapETHForExactTokens ($) - [Ext] quote - [Ext] getAmountOut - [Ext] getAmountIn - [Ext] getAmountsOut - [Ext] getAmountsIn + [Int] IUniswapV2Router02 (IUniswapV2Router01) - [Ext] removeLiquidityETHSupportingFeeOnTransferTokens # - [Ext] removeLiquidityETHWithPermitSupportingFeeOnTransferTokens # - [Ext] swapExactTokensForTokensSupportingFeeOnTransferTokens # - [Ext] swapExactETHForTokensSupportingFeeOnTransferTokens ($) - [Ext] swapExactTokensForETHSupportingFeeOnTransferTokens # + TrunksInu (ERC20, Ownable) - [Pub] # - modifiers: ERC20 - [Ext] ($) - [Ext] enableTrading # - modifiers: onlyOwner - [Ext] removeLimits # - modifiers: onlyOwner - [Ext] disableTransferDelay # - modifiers: onlyOwner - [Ext] airdropToWallets # - modifiers: onlyOwner - [Ext] updateSwapTokensAtAmount # - modifiers: onlyOwner - [Ext] updateMaxAmount # - modifiers: onlyOwner - [Pub] excludeFromMaxTransaction # - modifiers: onlyOwner - [Ext] updateSwapEnabled # - modifiers: onlyOwner - [Ext] updateBuyFees # - modifiers: onlyOwner - [Ext] updateSellFees # - modifiers: onlyOwner - [Pub] excludeFromFees # - modifiers: onlyOwner - [Ext] setAutomatedMarketMakerPair # - modifiers: onlyOwner - [Prv] _setAutomatedMarketMakerPair # - [Ext] updateMarketingWallet # - modifiers: onlyOwner - [Ext] updateTeamWallet # - modifiers: onlyOwner - [Ext] updateStakingAddress # - modifiers: onlyOwner - [Ext] isExcludedFromFees - [Int] _transfer # - [Prv] swapTokensForEth # - [Prv] addLiquidity # - [Prv] swapBack #