Yamsteers712V4 - Smart Contract Audit Report

Summary

Yamsteers is creating a new NFT with a presale on the Ethereum network.

For this audit, we reviewed Yamsteer's Yamsteers712V4 contract at address 0x01497e1932d81432485214b2360bbd8ccac715e8 on the Rinkeby testnet.

Notes on the Contract:
  • The max supply of Yamsteers712V4 is 10,000 $YMLS. The max supply cannot be changed.
  • There is no burning functionality present in the contract, however users can transfer their tokens to the 0x..dead address to reduce circulating supply, if desired.
  • The owner can pause or unpause the contract at any time. Public sale minting and token transfers cannot occur while the contract is paused. Presale minting can still occur while the contract is paused.
  • The owner can update the max mint amount to any number at any time.
  • While the presale has started, users can purchase up to 2 NFTs total. The owner can start and stop the presale at any time.
  • During the public sale, users can purchase up to the 'max mint amount' of tokens. Purchases during presale do not count towards the max mint amount.
  • In order to participate in the presale, the user must have a signature from the whitelist address. This signature can only be used by the address included in the signed message.
  • The owner can mint up to 100 'reserved' tokens at no cost. These are intended to be given to team members and for giveaways.
  • Any kind of token purchases cannot result in the total supply exceeding the max supply minus remaining reserved tokens.
  • The cost of minting, regardless of whether it is during the presale or public period, is .08 ETH per token.
  • The owner can enable or disable querying of token URIs at any time.
  • The owner can change the base URI at any time.
  • The owner can change the whitelist address at any time.
  • The owner can withdraw any amount of ETH in the contract to any address at any time.

  • As the contract is implemented with Solidity 0.8.x, it is protected from overflows.
Audit Findings Summary
  • No external threats were identified.
  • Please ensure trust in the team prior to investing as they have some control in the ecosystem.
  • Date: November 26th, 2021

Audit Results

Vulnerability CategoryNotesResult
Arbitrary Storage WriteN/APASS
Arbitrary JumpN/APASS
Centralization of ControlThe owner has the permissions listed above.PASS
Critical Solidity CompilerN/APASS
Delegate Call to Untrusted ContractN/APASS
Dependence on Predictable VariablesN/APASS
Deprecated OpcodesN/APASS
Ether ThiefN/APASS
ExceptionsN/APASS
External CallsN/APASS
Integer Over/UnderflowN/APASS
Multiple SendsN/APASS
State Change External CallsN/APASS
SuicideN/APASS
Unbounded LoopN/APASS
Unchecked RetvalN/APASS
User Supplied AssertionN/APASS
Overall Contract Safety PASS

ERC20 Token Graph

Multi-file Token


 ($) = payable function
 # = non-constant function
 
 Int = Internal
 Ext = External
 Pub = Public

 + [Int] IERC165 
    - [Ext] supportsInterface

 + [Int] IERC721 (IERC165)
    - [Ext] balanceOf
    - [Ext] ownerOf
    - [Ext] safeTransferFrom #
    - [Ext] transferFrom #
    - [Ext] approve #
    - [Ext] getApproved
    - [Ext] setApprovalForAll #
    - [Ext] isApprovedForAll
    - [Ext] safeTransferFrom #

 + [Int] IERC721Receiver 
    - [Ext] onERC721Received #

 + [Int] IERC721Metadata (IERC721)
    - [Ext] name
    - [Ext] symbol
    - [Ext] tokenURI

 + [Lib] Address 
    - [Int] isContract
    - [Int] sendValue #
    - [Int] functionCall #
    - [Int] functionCall #
    - [Int] functionCallWithValue #
    - [Int] functionCallWithValue #
    - [Int] functionStaticCall
    - [Int] functionStaticCall
    - [Int] functionDelegateCall #
    - [Int] functionDelegateCall #
    - [Int] verifyCallResult

 +  Context 
    - [Int] _msgSender
    - [Int] _msgData

 + [Lib] Strings 
    - [Int] toString
    - [Int] toHexString
    - [Int] toHexString

 +  ERC165 (IERC165)
    - [Pub] supportsInterface

 +  ERC721 (Context, ERC165, IERC721, IERC721Metadata)
    - [Pub]  #
    - [Pub] supportsInterface
    - [Pub] balanceOf
    - [Pub] ownerOf
    - [Pub] name
    - [Pub] symbol
    - [Pub] tokenURI
    - [Int] _baseURI
    - [Pub] approve #
    - [Pub] getApproved
    - [Pub] setApprovalForAll #
    - [Pub] isApprovedForAll
    - [Pub] transferFrom #
    - [Pub] safeTransferFrom #
    - [Pub] safeTransferFrom #
    - [Int] _safeTransfer #
    - [Int] _exists
    - [Int] _isApprovedOrOwner
    - [Int] _safeMint #
    - [Int] _safeMint #
    - [Int] _mint #
    - [Int] _burn #
    - [Int] _transfer #
    - [Int] _approve #
    - [Prv] _checkOnERC721Received #
    - [Int] _beforeTokenTransfer #

 + [Int] IERC721Enumerable (IERC721)
    - [Ext] totalSupply
    - [Ext] tokenOfOwnerByIndex
    - [Ext] tokenByIndex

 +  ERC721Enumerable (ERC721, IERC721Enumerable)
    - [Pub] supportsInterface
    - [Pub] tokenOfOwnerByIndex
    - [Pub] totalSupply
    - [Pub] tokenByIndex
    - [Int] _beforeTokenTransfer #
    - [Prv] _addTokenToOwnerEnumeration #
    - [Prv] _addTokenToAllTokensEnumeration #
    - [Prv] _removeTokenFromOwnerEnumeration #
    - [Prv] _removeTokenFromAllTokensEnumeration #

 +  ERC721URIStorage (ERC721)
    - [Pub] tokenURI
    - [Int] _setTokenURI #
    - [Int] _burn #

 +  Pausable (Context)
    - [Pub]  #
    - [Pub] paused
    - [Int] _pause #
       - modifiers: whenNotPaused
    - [Int] _unpause #
       - modifiers: whenPaused

 +  Ownable (Context)
    - [Pub]  #
    - [Pub] owner
    - [Pub] renounceOwnership #
       - modifiers: onlyOwner
    - [Pub] transferOwnership #
       - modifiers: onlyOwner
    - [Prv] _setOwner #

 + [Lib] Counters 
    - [Int] current
    - [Int] increment #
    - [Int] decrement #
    - [Int] reset #

 + [Lib] ECDSA 
    - [Prv] _throwError
    - [Int] tryRecover
    - [Int] recover
    - [Int] tryRecover
    - [Int] recover
    - [Int] tryRecover
    - [Int] recover
    - [Int] toEthSignedMessageHash
    - [Int] toTypedDataHash

 +  EIP712Whitelisting (Ownable)
    - [Pub]  #
    - [Pub] setWhitelistSigningAddress #
       - modifiers: onlyOwner

 +  Yamsteers712V4 (ERC721, ERC721Enumerable, ERC721URIStorage, Pausable, Ownable, EIP712Whitelisting)
    - [Pub]  #
       - modifiers: ERC721,EIP712Whitelisting
    - [Pub] pausePublicSale #
       - modifiers: onlyOwner
    - [Pub] unpausePublicSale #
       - modifiers: onlyOwner
    - [Int] _beforeTokenTransfer #
       - modifiers: whenNotPaused
    - [Int] _burn #
    - [Int] _baseURI
    - [Pub] tokenURI
    - [Pub] supportsInterface
    - [Pub] setmaxMintAmount #
       - modifiers: onlyOwner
    - [Pub] setBaseURI #
       - modifiers: onlyOwner
    - [Pub] setRevealed #
       - modifiers: onlyOwner
    - [Pub] preSaleSwitch #
       - modifiers: onlyOwner
    - [Pub] mint ($)
       - modifiers: whenNotPaused
    - [Pub] preSaleMint ($)
       - modifiers: requiresWhitelist
    - [Pub] teamMint ($)
       - modifiers: onlyOwner
    - [Pub] withdraw ($)
       - modifiers: onlyOwner