Vuzec - Audit Report

Audit Summary

Vuzec is a new DEX and platform where users can invest in Albums in the form of ERC1155 tokens.

For this audit, we reviewed the team's project at commit 8d8ca11c837d1266b7cfff8ba640b63e7ecb380b on the team's GitHub repository.

Audit Findings

Please ensure trust in the team prior to investing as they have some control in the ecosystem.
Date: February 3rd, 2022.
Updated: February 4th, 2022 to support changes from commit 52f354b920f9e8e6f316d235db8a7c2d25bbef9c to commit 8d8ca11c837d1266b7cfff8ba640b63e7ecb380b.

Finding #1 - WALM - High (Resolved)

Description: Any user can mint any amount of WALM tokens at any time.
Risk/Impact: Users can mint a large number of WALM tokens and subsequently drain its backed token from the liquidity pool.
Recommendation: Minting functionality should be limited to certain users or removed entirely.
Resolution: The team has updated minting functionality so that only a specified "router" address can receive minted tokens.

Finding #2 - WALM - High (Resolved)

Description: Anyone can call the onERC1155Received() function to mint any amount of WALM tokens to the "router" address as long as the ID passed in is the current ID in the contract and the operator address passed in is the router address.
Risk/Impact: Users can increase the total supply of the token to the maximum integer value by minting a large amount of tokens to the router address. This would prevent any further mints from occurring.
Recommendation: This function should only be permitted to be called by desired addresses.
Resolution: The team has updated the function so that the msg.sender is required to be the router address, preventing this issue from occurring.
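
The difference between the original check and the fix in Finding #2, as an added Solidity illustration. This is not the Vuzec WALM source: the contract names, the `router` and `albumId` storage names and the reduced mint logic are assumptions made for the example.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Added illustration only; not the audited code. All names are hypothetical
// and the ERC-20 side is reduced to a supply counter and a balance mapping.
abstract contract WrappedAlbumBase {
    address public immutable router;   // the only address meant to trigger mints
    uint256 public immutable albumId;  // ERC-1155 id this wrapper is tied to
    uint256 public totalSupply;
    mapping(address => uint256) public balanceOf;

    constructor(address router_, uint256 albumId_) {
        router = router_;
        albumId = albumId_;
    }

    function _mintToRouter(uint256 amount) internal {
        // Checked arithmetic in 0.8: once totalSupply is near the maximum
        // integer value, any further mint reverts.
        totalSupply += amount;
        balanceOf[router] += amount;
    }
}

// Pattern described in Finding #2 before the fix: both conditions are
// evaluated on arguments the caller chooses, so they do not restrict
// who is allowed to call the function.
contract WrappedAlbumUnchecked is WrappedAlbumBase {
    constructor(address r, uint256 id) WrappedAlbumBase(r, id) {}

    function onERC1155Received(
        address operator, address, uint256 id, uint256 value, bytes calldata
    ) external returns (bytes4) {
        require(operator == router, "operator is not router"); // an argument, not the caller
        require(id == albumId, "wrong album id");
        _mintToRouter(value);
        return this.onERC1155Received.selector;
    }
}

// Pattern described in the Resolution: the caller itself must be the router.
contract WrappedAlbumRouterOnly is WrappedAlbumBase {
    constructor(address r, uint256 id) WrappedAlbumBase(r, id) {}

    function onERC1155Received(
        address, address, uint256 id, uint256 value, bytes calldata
    ) external returns (bytes4) {
        require(msg.sender == router, "caller is not router"); // set by the EVM, not by calldata
        require(id == albumId, "wrong album id");
        _mintToRouter(value);
        return this.onERC1155Received.selector;
    }
}
```

When reviewing a receiver hook like this, check that every authorization condition depends on `msg.sender` or on state the caller cannot set, not only on function parameters.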

Finding #3 - WALM, ALM, & Presale - Informational (Resolved)

Description: The following functions are declared public, but are never called internally:
  • WALM.withdraw()
  • ALM.addAdmin()
  • Presale.instantInitializeOffering()
Recommendation: These functions can be declared external for additional gas savings on each call.
Resolution: The team has declared the above functions external.

Contracts Overview

UniswapV2ERC20 Contract:
  • The UniswapV2ERC20 contract implements the ERC20 standard for use as an LP token.
  • This contract utilizes a "permit" mechanism which allows the owner of the $BEAM-LP tokens to sign a transaction that enables another user to withdraw tokens and send them to the recipient. The recipient then submits the permit on behalf of the owner.
UniswapV2Factory Contract:
  • The UniswapV2Factory contract is responsible for the creation of liquidity pairs for two tokens, thereby enabling trading on the platform.
  • When creating a new trading pair, the UniswapPair initialize() function is called which allows the factory to specify the two ERC20 tokens that this pair will exchange.
  • Once the pool is created, its address is stored with a double mapping that takes both token addresses as input.
UniswapV2Pair Contract:
  • The UniswapV2Pair contract is the core Uniswap trading functionality.
  • Each UniswapV2Pair manages a liquidity pool made up of reserves of two ERC-20 tokens.
  • This contract is responsible for tracking the balance of both tokens in the pair, as well as mints and burns of the LP token.
  • Users can add liquidity by providing an equivalent value of each token and are minted an LP token in return. The LP tokens may be burned to receive the underlying assets at any time.
  • Users may also exchange one token for an equivalent amount of the other token based on the current market value.
  • A 0.3% fee is taken on an exchange between tokens.
UniswapV2Router02 Contract:
  • The UniswapV2Router02 contract is used to interact with liquidity pools that are created via the UniswapFactory contract.
  • UniswapV2Router02 routes orders to the user-determined pair contract to swap assets.
  • This contract performs requirement checks needed for swapping tokens, adding liquidity, and removing liquidity.
  • This contract also implements functionality to support ALM-USDC liquidity pools.
WALM Contract:
  • WALM is an ERC-20 token with an ID related to a specific ALM token.
  • The "router" address can call the onERC1155Received() function to mint any amount of WALM tokens as long as the ID passed matches the contract's ID.
  • No other minting functionality is present.
  • No burning functionality is present; however, tokens can be transferred to the 0x..dead address to reduce circulating supply, if desired.
  • The router address can burn its WALM tokens in order to receive an equal number of ALM tokens of the same ID given this contract has the corresponding ALM balance.
ALM Contract:
  • This contract is an ERC1155 token where each token ID represents an Album.
  • The owner is given the Admin role upon deployment.
  • Any user can create a new Album, specifying an owner, number of tokens to be sold, name, and symbol.
  • When an Album is created, a new WALM token with the name, symbol, and associated token id will be deployed.
  • The Album's "Artist" will be set to the specified owner.
  • 100,000 Albums will be minted; the specified number of tokens to be sold will be minted to the Presale contract, and the remainder will be minted to the owner.
  • Users can also choose to instantly initialize a presale for their token upon creating an Album, specifying the Album price in USDC and a sale end time.
  • An Admin can grant the Admin role to any address at any time.
  • An Admin can update the Presale contract address at any time.
Presale Contract:
  • Users can use this contract to list their Albums (ALM tokens) or to purchase actively listed Albums for their specified price.
  • Users can create a presale for their Album only once; they will specify a price in USDC and an end time for the sale.
  • When purchasing, users will input the desired token ID and a USDC amount; the appropriate number of Albums of the corresponding ID will then be minted to them.
  • A commission is taken from the sale and sent to the deployer of the contract; the remainder of the payment is sent to the artist.
  • The commission percentage is set upon deployment and cannot be updated.
  • Any unsold tokens can be claimed by the artist after the presale has ended.
  • The artist can also cancel a presale at any time and any unsold Albums will be transferred to them.

External Threat Results

| Vulnerability Category | Notes | Result |
|---|---|---|
| Arbitrary Storage Write | N/A | PASS |
| Arbitrary Jump | N/A | PASS |
| Centralization of Control | The team retains ownership controls outlined above. | PASS |
| Delegate Call to Untrusted Contract | N/A | PASS |
| Dependence on Predictable Variables | N/A | PASS |
| Deprecated Opcodes | N/A | PASS |
| Ether Thief | N/A | PASS |
| Exceptions | N/A | PASS |
| External Calls | N/A | PASS |
| Integer Over/Underflow | N/A | PASS |
| Logical Issues | N/A | PASS |
| Multiple Sends | N/A | PASS |
| Suicide | N/A | PASS |
| State Change External Calls | N/A | PASS |
| Unchecked Retval | N/A | PASS |
| User Supplied Assertion | N/A | PASS |
| Critical Solidity Compiler | N/A | PASS |
| Overall Contract Safety | | PASS |

    UniswapV2Factory Contract

    BEP20 Token Graph

    Multi-file Token

    	
    					
     ($) = payable function
     # = non-constant function
      
     + [Int] IUniswapV2Factory 
        - [Ext] feeTo
        - [Ext] feeToSetter
        - [Ext] getPair
        - [Ext] allPairs
        - [Ext] allPairsLength
        - [Ext] createPair #
        - [Ext] setFeeTo #
        - [Ext] setFeeToSetter #
    
     + [Int] IUniswapV2Pair 
        - [Ext] name
        - [Ext] symbol
        - [Ext] decimals
        - [Ext] totalSupply
        - [Ext] balanceOf
        - [Ext] allowance
        - [Ext] approve #
        - [Ext] transfer #
        - [Ext] transferFrom #
        - [Ext] DOMAIN_SEPARATOR
        - [Ext] PERMIT_TYPEHASH
        - [Ext] nonces
        - [Ext] permit #
        - [Ext] MINIMUM_LIQUIDITY
        - [Ext] factory
        - [Ext] token0
        - [Ext] token1
        - [Ext] getReserves
        - [Ext] price0CumulativeLast
        - [Ext] price1CumulativeLast
        - [Ext] kLast
        - [Ext] mint #
        - [Ext] burn #
        - [Ext] swap #
        - [Ext] skim #
        - [Ext] sync #
        - [Ext] initialize #
    
     + [Int] IUniswapV2ERC20 
        - [Ext] name
        - [Ext] symbol
        - [Ext] decimals
        - [Ext] totalSupply
        - [Ext] balanceOf
        - [Ext] allowance
        - [Ext] approve #
        - [Ext] transfer #
        - [Ext] transferFrom #
        - [Ext] DOMAIN_SEPARATOR
        - [Ext] PERMIT_TYPEHASH
        - [Ext] nonces
        - [Ext] permit #
    
     + [Lib] SafeMath 
        - [Int] add
        - [Int] sub
        - [Int] mul
    
     +  UniswapV2ERC20 (IUniswapV2ERC20)
        - [Pub]  #
        - [Int] _mint #
        - [Int] _burn #
        - [Prv] _approve #
        - [Prv] _transfer #
        - [Ext] approve #
        - [Ext] transfer #
        - [Ext] transferFrom #
        - [Ext] permit #
    
     + [Lib] Math 
        - [Int] min
        - [Int] sqrt
    
     + [Lib] UQ112x112 
        - [Int] encode
        - [Int] uqdiv
    
     + [Int] IERC20 
        - [Ext] name
        - [Ext] symbol
        - [Ext] decimals
        - [Ext] totalSupply
        - [Ext] balanceOf
        - [Ext] allowance
        - [Ext] approve #
        - [Ext] transfer #
        - [Ext] transferFrom #
    
     + [Int] IUniswapV2Callee 
        - [Ext] uniswapV2Call #
    
     +  UniswapV2Pair (IUniswapV2Pair, UniswapV2ERC20)
        - [Pub] getReserves
        - [Prv] _safeTransfer #
        - [Pub]  #
        - [Ext] initialize #
        - [Prv] _update #
        - [Prv] _mintFee #
        - [Ext] mint #
           - modifiers: lock
        - [Ext] burn #
           - modifiers: lock
        - [Ext] swap #
           - modifiers: lock
        - [Ext] skim #
           - modifiers: lock
        - [Ext] sync #
           - modifiers: lock
    
     +  UniswapV2Factory (IUniswapV2Factory)
        - [Pub]  #
        - [Ext] allPairsLength
        - [Ext] createPair #
        - [Ext] setFeeTo #
        - [Ext] setFeeToSetter #
    
    							
     
    

    UniswapV2Router02 Contract

     ($) = payable function
     # = non-constant function
      
     + [Int] IUniswapV2Factory 
        - [Ext] feeTo
        - [Ext] feeToSetter
        - [Ext] getPair
        - [Ext] allPairs
        - [Ext] allPairsLength
        - [Ext] createPair #
        - [Ext] setFeeTo #
        - [Ext] setFeeToSetter #
    
     + [Lib] TransferHelper 
        - [Int] safeApprove #
        - [Int] safeTransfer #
        - [Int] safeTransferFrom #
        - [Int] safeTransferETH #
    
     + [Int] IUniswapV2Router01 
        - [Ext] factory
        - [Ext] WETH
        - [Ext] ALM
        - [Ext] addLiquidity #
        - [Ext] addLiquidityALMandUSDC #
        - [Ext] addLiquidityETH ($)
        - [Ext] removeLiquidity #
        - [Ext] removeLiquidityETH #
        - [Ext] removeLiquidityUSDCandALM #
        - [Ext] removeLiquidityWithPermit #
        - [Ext] removeLiquidityETHWithPermit #
        - [Ext] swapExactTokensForTokens #
        - [Ext] swapTokensForExactTokens #
        - [Ext] swapExactETHForTokens ($)
        - [Ext] swapExactALMforUSDC #
        - [Ext] swapTokensForExactETH #
        - [Ext] swapExactUSDCForALM #
        - [Ext] swapExactTokensForETH #
        - [Ext] swapETHForExactTokens ($)
        - [Ext] quote
        - [Ext] getAmountOut
        - [Ext] getAmountIn
        - [Ext] getAmountsOut
        - [Ext] getAmountsIn
    
     + [Int] IUniswapV2Router02 (IUniswapV2Router01)
        - [Ext] removeLiquidityETHSupportingFeeOnTransferTokens #
        - [Ext] removeLiquidityETHWithPermitSupportingFeeOnTransferTokens #
        - [Ext] swapExactTokensForTokensSupportingFeeOnTransferTokens #
        - [Ext] swapExactETHForTokensSupportingFeeOnTransferTokens ($)
        - [Ext] swapExactTokensForETHSupportingFeeOnTransferTokens #
    
     + [Int] IUniswapV2Pair 
        - [Ext] name
        - [Ext] symbol
        - [Ext] decimals
        - [Ext] totalSupply
        - [Ext] balanceOf
        - [Ext] allowance
        - [Ext] approve #
        - [Ext] transfer #
        - [Ext] transferFrom #
        - [Ext] DOMAIN_SEPARATOR
        - [Ext] PERMIT_TYPEHASH
        - [Ext] nonces
        - [Ext] permit #
        - [Ext] MINIMUM_LIQUIDITY
        - [Ext] factory
        - [Ext] token0
        - [Ext] token1
        - [Ext] getReserves
        - [Ext] price0CumulativeLast
        - [Ext] price1CumulativeLast
        - [Ext] kLast
        - [Ext] mint #
        - [Ext] burn #
        - [Ext] swap #
        - [Ext] skim #
        - [Ext] sync #
        - [Ext] initialize #
    
     + [Lib] SafeMath 
        - [Int] add
        - [Int] sub
        - [Int] mul
    
     + [Lib] UniswapV2Library 
        - [Int] sortTokens
        - [Int] pairFor
        - [Int] getReserves
        - [Int] quote
        - [Int] getAmountOut
        - [Int] getAmountIn
        - [Int] getAmountsOut
        - [Int] getAmountsIn
    
     + [Int] IERC20 
        - [Ext] name
        - [Ext] symbol
        - [Ext] decimals
        - [Ext] totalSupply
        - [Ext] balanceOf
        - [Ext] allowance
        - [Ext] withdraw #
        - [Ext] approve #
        - [Ext] transfer #
        - [Ext] transferFrom #
    
     + [Int] IWETH 
        - [Ext] deposit ($)
        - [Ext] transfer #
        - [Ext] withdraw #
    
     + [Int] IWALM 
        - [Ext] transfer #
        - [Ext] withdraw #
    
     + [Int] IERC165 
        - [Ext] supportsInterface
    
     + [Int] IERC1155 (IERC165)
        - [Ext] balanceOf
        - [Ext] balanceOfBatch
        - [Ext] setApprovalForAll #
        - [Ext] isApprovedForAll
        - [Ext] safeTransferFrom #
        - [Ext] safeBatchTransferFrom #
    
     + [Int] IERC1155Receiver (IERC165)
        - [Ext] onERC1155Received #
        - [Ext] onERC1155BatchReceived #
    
     +  UniswapV2Router02 (IUniswapV2Router02, IERC1155Receiver)
        - [Pub]  #
        - [Ext]  ($)
        - [Int] _addLiquidity #
        - [Ext] addLiquidity #
           - modifiers: ensure
        - [Ext] addLiquidityETH ($)
           - modifiers: ensure
        - [Ext] addLiquidityALMandUSDC #
           - modifiers: ensure
        - [Pub] removeLiquidity #
           - modifiers: ensure
        - [Pub] removeLiquidityETH #
           - modifiers: ensure
        - [Pub] removeLiquidityUSDCandALM #
           - modifiers: ensure
        - [Ext] removeLiquidityWithPermit #
        - [Ext] removeLiquidityETHWithPermit #
        - [Pub] removeLiquidityETHSupportingFeeOnTransferTokens #
           - modifiers: ensure
        - [Ext] removeLiquidityETHWithPermitSupportingFeeOnTransferTokens #
        - [Int] _swap #
        - [Ext] swapExactTokensForTokens #
           - modifiers: ensure
        - [Ext] swapTokensForExactTokens #
           - modifiers: ensure
        - [Ext] swapExactETHForTokens ($)
           - modifiers: ensure
        - [Ext] swapExactALMforUSDC #
           - modifiers: ensure
        - [Ext] swapTokensForExactETH #
           - modifiers: ensure
        - [Ext] swapExactTokensForETH #
           - modifiers: ensure
        - [Ext] swapExactUSDCForALM #
           - modifiers: ensure
        - [Ext] swapETHForExactTokens ($)
           - modifiers: ensure
        - [Int] _swapSupportingFeeOnTransferTokens #
        - [Ext] swapExactTokensForTokensSupportingFeeOnTransferTokens #
           - modifiers: ensure
        - [Ext] swapExactETHForTokensSupportingFeeOnTransferTokens ($)
           - modifiers: ensure
        - [Ext] swapExactTokensForETHSupportingFeeOnTransferTokens #
           - modifiers: ensure
        - [Pub] quote
        - [Pub] getAmountOut
        - [Pub] getAmountIn
        - [Pub] getAmountsOut
        - [Pub] getAmountsIn
        - [Ext] onERC1155Received #
        - [Ext] onERC1155BatchReceived #
        - [Pub] supportsInterface
    							
     
    

    ALM Contract

     ($) = payable function
     # = non-constant function
      
     + [Int] IERC165 
        - [Ext] supportsInterface
    
     + [Int] IERC1155 (IERC165)
        - [Ext] balanceOf
        - [Ext] balanceOfBatch
        - [Ext] setApprovalForAll #
        - [Ext] isApprovedForAll
        - [Ext] safeTransferFrom #
        - [Ext] safeBatchTransferFrom #
    
     + [Int] IERC1155Receiver (IERC165)
        - [Ext] onERC1155Received #
        - [Ext] onERC1155BatchReceived #
    
     + [Int] IERC1155MetadataURI (IERC1155)
        - [Ext] uri
    
     + [Lib] Address 
        - [Int] isContract
        - [Int] sendValue #
        - [Int] functionCall #
        - [Int] functionCall #
        - [Int] functionCallWithValue #
        - [Int] functionCallWithValue #
        - [Int] functionStaticCall
        - [Int] functionStaticCall
        - [Int] functionDelegateCall #
        - [Int] functionDelegateCall #
        - [Int] verifyCallResult
    
     +  Context 
        - [Int] _msgSender
        - [Int] _msgData
    
     +  ERC165 (IERC165)
        - [Pub] supportsInterface
    
     +  ERC1155 (Context, ERC165, IERC1155, IERC1155MetadataURI)
        - [Pub]  #
        - [Pub] supportsInterface
        - [Pub] uri
        - [Pub] balanceOf
        - [Pub] balanceOfBatch
        - [Pub] setApprovalForAll #
        - [Pub] isApprovedForAll
        - [Pub] safeTransferFrom #
        - [Pub] safeBatchTransferFrom #
        - [Int] _safeTransferFrom #
        - [Int] _safeBatchTransferFrom #
        - [Int] _setURI #
        - [Int] _mint #
        - [Int] _mintBatch #
        - [Int] _burn #
        - [Int] _burnBatch #
        - [Int] _beforeTokenTransfer #
        - [Prv] _doSafeTransferAcceptanceCheck #
        - [Prv] _doSafeBatchTransferAcceptanceCheck #
        - [Prv] _asSingletonArray
    
     + [Lib] Counters 
        - [Int] current
        - [Int] increment #
        - [Int] decrement #
        - [Int] reset #
    
     + [Int] IAccessControl 
        - [Ext] hasRole
        - [Ext] getRoleAdmin
        - [Ext] grantRole #
        - [Ext] revokeRole #
        - [Ext] renounceRole #
    
     + [Lib] Strings 
        - [Int] toString
        - [Int] toHexString
        - [Int] toHexString
    
     +  AccessControl (Context, IAccessControl, ERC165)
        - [Pub] supportsInterface
        - [Pub] hasRole
        - [Int] _checkRole
        - [Pub] getRoleAdmin
        - [Pub] grantRole #
           - modifiers: onlyRole
        - [Pub] revokeRole #
           - modifiers: onlyRole
        - [Pub] renounceRole #
        - [Int] _setupRole #
        - [Int] _setRoleAdmin #
        - [Prv] _grantRole #
        - [Prv] _revokeRole #
    
     + [Lib] SafeMath 
        - [Int] tryAdd
        - [Int] trySub
        - [Int] tryMul
        - [Int] tryDiv
        - [Int] tryMod
        - [Int] add
        - [Int] sub
        - [Int] mul
        - [Int] div
        - [Int] mod
        - [Int] sub
        - [Int] div
        - [Int] mod
    
     + [Int] IERC20 
        - [Ext] totalSupply
        - [Ext] balanceOf
        - [Ext] transfer #
        - [Ext] allowance
        - [Ext] approve #
        - [Ext] transferFrom #
    
     + [Int] IERC20Metadata (IERC20)
        - [Ext] name
        - [Ext] symbol
        - [Ext] decimals
    
     +  ERC20 (Context, IERC20, IERC20Metadata)
        - [Pub]  #
        - [Pub] name
        - [Pub] symbol
        - [Pub] decimals
        - [Pub] totalSupply
        - [Pub] balanceOf
        - [Pub] transfer #
        - [Pub] allowance
        - [Pub] approve #
        - [Pub] transferFrom #
        - [Pub] increaseAllowance #
        - [Pub] decreaseAllowance #
        - [Int] _transfer #
        - [Int] _mint #
        - [Int] _burn #
        - [Int] _approve #
        - [Int] _beforeTokenTransfer #
        - [Int] _afterTokenTransfer #
    
     +  WALM (ERC20, IERC1155Receiver)
        - [Pub]  #
           - modifiers: ERC20
        - [Pub] decimals
        - [Pub] withdraw #
        - [Ext] onERC1155Received #
        - [Ext] onERC1155BatchReceived #
        - [Pub] supportsInterface
    
     + [Lib] TransferHelper 
        - [Int] safeApprove #
        - [Int] safeTransfer #
        - [Int] safeTransferFrom #
        - [Int] safeTransferETH #
    
     +  ALM (ERC1155, AccessControl)
        - [Pub]  #
           - modifiers: ERC1155
        - [Pub] addAdmin #
           - modifiers: IsAdmin
        - [Ext] setPreSaleContractAddress #
           - modifiers: IsAdmin
        - [Int] deploy #
        - [Ext] createAlbum #
        - [Ext] createAlbumAndInitializePresale #
        - [Ext] getAlbumExtraInfo
        - [Ext] getAlbumERC20Token
        - [Ext] testCheckWALMBalance
        - [Ext] getcurrentNFTCount
        - [Pub] supportsInterface
    
     +  Presale (IERC1155Receiver)
        - [Pub]  #
        - [Ext] initializeOffering #
           - modifiers: checkPrice
        - [Ext] cancelOffering #
        - [Ext] redeemRemainingALM #
        - [Pub] instantInitializeOffering #
           - modifiers: checkPrice
        - [Ext] buyALM #
        - [Int] calculateCommissions
        - [Int] cutPer10000
        - [Ext] onERC1155Received #
        - [Ext] onERC1155BatchReceived #
        - [Pub] supportsInterface
    
    							
    							

    Migrations Contract

     ($) = payable function
     # = non-constant function
      
     +  Migrations 
        - [Pub] setCompleted #
           - modifiers: restricted