Vanity Marketplace - Smart Contract Audit Report

Summary

Vanity Marketplace is the marketplace associated with the Vanity token ($VNY) contract that is used for buying, selling, and trading custom wallet addresses as wrapped NFTs.

For this audit we reviewed the project's Marketplace contract using code that was provided to us by the team.

Notes on the Contract:
The contract is used to support $VNY payments to purchase wrapped NFTs via the team's marketplace.
When a user makes a purchase using the platform, the tokens are stored in the contract address and are allocated as follows:
30% of the tokens are burned.
15% are sent to the $VNY contract address and, once a threshold value of 500,000 $VNY tokens is reached, it will trigger the contract's automatic liquidity adding functionality where half the tokens are sold for BNB and paired with the remaining tokens to add to liquidity.
10% are swapped for BNB and sent to a wallet controlled by the team.
The remaining 45% are swapped for BNB and sent to the contract address to support the buyback functionality.
The owner has the ability to update these percentages to any values at any time.
The contract does not include any logic to ensure that the percentages will total 100%, so the team must exercise caution when changing these variables.
The owner can update the team's wallet address at any time.
The owner can utilize a buyback feature to transfer a specified amount of BNB from the contract address which will be swapped for $VNY tokens and subsequently burned.
As the project is implemented with Solidity v0.8.0, it is protected from overflows.

Audit Findings Summary
No external threats were identified.
Date: August 26th, 2021

Audit Results

Vulnerability Category	Notes	Result
Arbitrary Storage Write	N/A	PASS
Arbitrary Jump	N/A	PASS
Delegate Call to Untrusted Contract	N/A	PASS
Dependence on Predictable Variables	N/A	PASS
Deprecated Opcodes	N/A	PASS
Ether Thief	N/A	PASS
Exceptions	N/A	PASS
External Calls	N/A	PASS
Flash Loans	N/A	PASS
Integer Over/Underflow	N/A	PASS
Multiple Sends	N/A	PASS
Oracles	N/A	PASS
Suicide	N/A	PASS
State Change External Calls	N/A	PASS
Unchecked Retval	N/A	PASS
User Supplied Assertion	N/A	PASS
Critical Solidity Compiler	N/A	PASS
Overall Contract Safety		PASS

Function Graph

ERC20 Token Graph

Inheritence Chart

Multi-file Token

Functions Overview


 ($) = payable function
 # = non-constant function
 
    - [Int] _msgData

 +  Context 
    - [Int] _msgSender
    - [Int] _msgData

 +  Ownable (Context)
    - [Pub]  #
    - [Pub] owner
    - [Pub] renounceOwnership #
       - modifiers: onlyOwner
    - [Pub] transferOwnership #
       - modifiers: onlyOwner
    - [Prv] _setOwner #

 +  ReentrancyGuard 
    - [Pub]  #

 + [Lib] SafeMath 
    - [Int] tryAdd
    - [Int] trySub
    - [Int] tryMul
    - [Int] tryDiv
    - [Int] tryMod
    - [Int] add
    - [Int] sub
    - [Int] mul
    - [Int] div
    - [Int] mod
    - [Int] sub
    - [Int] div
    - [Int] mod

 + [Int] IERC20 
    - [Ext] totalSupply
    - [Ext] balanceOf
    - [Ext] transfer #
    - [Ext] allowance
    - [Ext] approve #
    - [Ext] transferFrom #

 + [Int] IERC20Metadata (IERC20)
    - [Ext] name
    - [Ext] symbol
    - [Ext] decimals

 +  ERC20 (Context, IERC20, IERC20Metadata)
    - [Pub]  #
    - [Pub] name
    - [Pub] symbol
    - [Pub] decimals
    - [Pub] totalSupply
    - [Pub] balanceOf
    - [Pub] transfer #
    - [Pub] allowance
    - [Pub] approve #
    - [Pub] transferFrom #
    - [Pub] increaseAllowance #
    - [Pub] decreaseAllowance #
    - [Int] _transfer #
    - [Int] _mint #
    - [Int] _burn #
    - [Int] _approve #
    - [Int] _beforeTokenTransfer #
    - [Int] _afterTokenTransfer #

 +  ERC20Burnable (Context, ERC20)
    - [Pub] burn #
    - [Pub] burnFrom #

 + [Lib] Address 
    - [Int] isContract
    - [Int] sendValue #
    - [Int] functionCall #
    - [Int] functionCall #
    - [Int] functionCallWithValue #
    - [Int] functionCallWithValue #
    - [Int] functionStaticCall
    - [Int] functionStaticCall
    - [Int] functionDelegateCall #
    - [Int] functionDelegateCall #
    - [Int] verifyCallResult

 + [Lib] SafeERC20 
    - [Int] safeTransfer #
    - [Int] safeTransferFrom #
    - [Int] safeApprove #
    - [Int] safeIncreaseAllowance #
    - [Int] safeDecreaseAllowance #
    - [Prv] _callOptionalReturn #

 + [Int] IPancakeSwapV2Router02 
    - [Ext] swapExactTokensForETHSupportingFeeOnTransferTokens #
    - [Ext] swapExactETHForTokensSupportingFeeOnTransferTokens ($)
    - [Ext] factory
    - [Ext] WETH
    - [Ext] addLiquidityETH ($)

 +  Vanity (Ownable, ReentrancyGuard)
    - [Pub]  #
    - [Ext] pay #
    - [Prv] swapTokensForEth #
    - [Prv] swapETHForTokens #
    - [Ext] buyback #
       - modifiers: onlyOwner
    - [Prv] transferToAddressETH #
    - [Ext] setTeamWallet #
       - modifiers: onlyOwner
    - [Ext] setTeamPercent #
       - modifiers: onlyOwner
    - [Ext] setContractWallet #
       - modifiers: onlyOwner
    - [Ext] setContractPercent #
       - modifiers: onlyOwner
    - [Ext] setBurnPercent #
       - modifiers: onlyOwner
    - [Ext] setDivider #
       - modifiers: onlyOwner
    - [Ext]  ($)

Go Home