uPlexa - Smart Contract Audit Report

Summary

uPlexa is a blockchain with a focus on privacy. The uPlexa project is expanding to offer Wrapped uPlexa and a staking contract for Wrapped uPlexa on both Ethereum and the Binance Smart Chain.

Notes on the contracts:

The uPlexa token is 1 to 1 representative of the uPlexa coin on the project's native blockchain.

There are no tokens at the time of deployment.

The token can only be minted by the owner, which is intended to be a bridge developed by the team to migrate tokens onto each blockchain.

The contract's burnSwap function will enable cross-chain transfers through the project's bridge by allowing users to burn tokens along with a specialized note generated by the project's web UI.

There is a 1% tax on transfers of the token which are sent to a wallet controlled by the team.

Users can stake ETH-uPlexa / BNB-uPlexa liquidity provider tokens into the uPlexa Reaper staking contract into order to earn rewards in uPlexa.

The project team can add different types of tokens for staking, and can update the reward rates for each token, as well as extend the staking period.

The team must manually provide the rewards that the contract will distribute to stakers. They have signaled their intent to bring tokens across the bridge to fund these rewards.

The tokens-per-block allocation rates have been set up (on testnet) to properly to account for the different blocktimes of BSC and Ethereum.

Some public functions may be declared external to save a small amount of gas on each transaction.

Utilization of SafeMath (or similarily safe functions) across all contracts to prevent overflows.

Audit Findings Summary:

• No security issues from outside attackers were identified.
• Users must trust the team as they have some level of control and their bridge will be used for cross-chain interaction.
• Date: April 3rd, 2021

Combined External Threat Results

 ($) = payable function
 # = non-constant function
 
 Int = Internal
 Ext = External
 Pub = Public

 +  Context 
    - [Int] _msgSender
    - [Int] _msgData

 + [Int] IERC20 
    - [Ext] totalSupply
    - [Ext] balanceOf
    - [Ext] transfer #
    - [Ext] allowance
    - [Ext] approve #
    - [Ext] transferFrom #

 + [Lib] SafeMath 
    - [Int] add
    - [Int] sub
    - [Int] sub
    - [Int] mul
    - [Int] div
    - [Int] div
    - [Int] mod
    - [Int] mod

 + [Lib] Address 
    - [Int] isContract
    - [Int] sendValue #
    - [Int] functionCall #
    - [Int] functionCall #
    - [Int] functionCallWithValue #
    - [Int] functionCallWithValue #
    - [Prv] _functionCallWithValue #

 + [Lib] SafeERC20 
    - [Int] safeTransfer #
    - [Int] safeTransferFrom #
    - [Int] safeApprove #
    - [Int] safeIncreaseAllowance #
    - [Int] safeDecreaseAllowance #
    - [Prv] _callOptionalReturn #

 +  Ownable (Context)
    - [Int]  #
    - [Pub] owner
    - [Pub] renounceOwnership #
       - modifiers: onlyOwner
    - [Pub] transferOwnership #
       - modifiers: onlyOwner

 +  ERC20 (Context, IERC20)
    - [Pub]  #
    - [Pub] name
    - [Pub] symbol
    - [Pub] decimals
    - [Pub] totalSupply
    - [Pub] balanceOf
    - [Pub] transfer #
    - [Pub] allowance
    - [Pub] approve #
    - [Pub] transferFrom #
    - [Pub] increaseAllowance #
    - [Pub] decreaseAllowance #
    - [Prv] _transfer #
    - [Int] _transferStandard #
    - [Int] _transferFromExcluded #
    - [Prv] _getTValues
    - [Prv] _doTax #
    - [Pub] isExcluded
    - [Pub] totalFees
    - [Pub] taxWallet
    - [Int] _mint #
    - [Int] _multiMint #
    - [Pub] burnSwap #
    - [Int] _burn #
    - [Int] _approve #
    - [Int] _changeTaxWallet #
    - [Int] _excludeAccount #
    - [Int] _includeAccount #
    - [Int] _setupDecimals #
    - [Int] _beforeTokenTransfer #

 +  WrappeduPlexa (ERC20, Ownable)
    - [Pub] mint #
       - modifiers: onlyOwner
    - [Pub] multiMint #
       - modifiers: onlyOwner
    - [Pub] changeTaxWallet #
       - modifiers: onlyOwner
    - [Pub] excludeAccount #
       - modifiers: onlyOwner
    - [Pub] includeAccount #
       - modifiers: onlyOwner
							

 ($) = payable function
 # = non-constant function
 
 Int = Internal
 Ext = External
 Pub = Public

 +  Context 
    - [Int] _msgSender
    - [Int] _msgData

 + [Int] IERC20 
    - [Ext] totalSupply
    - [Ext] balanceOf
    - [Ext] transfer #
    - [Ext] allowance
    - [Ext] approve #
    - [Ext] transferFrom #

 + [Lib] SafeMath 
    - [Int] add
    - [Int] sub
    - [Int] sub
    - [Int] mul
    - [Int] div
    - [Int] div
    - [Int] mod
    - [Int] mod

 + [Lib] Address 
    - [Int] isContract
    - [Int] sendValue #
    - [Int] functionCall #
    - [Int] functionCall #
    - [Int] functionCallWithValue #
    - [Int] functionCallWithValue #
    - [Prv] _functionCallWithValue #

 + [Lib] SafeERC20 
    - [Int] safeTransfer #
    - [Int] safeTransferFrom #
    - [Int] safeApprove #
    - [Int] safeIncreaseAllowance #
    - [Int] safeDecreaseAllowance #
    - [Prv] _callOptionalReturn #

 +  Ownable (Context)
    - [Int]  #
    - [Pub] owner
    - [Pub] renounceOwnership #
       - modifiers: onlyOwner
    - [Pub] transferOwnership #
       - modifiers: onlyOwner

 +  ERC20 (Context, IERC20)
    - [Pub]  #
    - [Pub] name
    - [Pub] symbol
    - [Pub] decimals
    - [Pub] totalSupply
    - [Pub] balanceOf
    - [Pub] transfer #
    - [Pub] allowance
    - [Pub] approve #
    - [Pub] transferFrom #
    - [Pub] increaseAllowance #
    - [Pub] decreaseAllowance #
    - [Prv] _transfer #
    - [Int] _transferStandard #
    - [Int] _transferFromExcluded #
    - [Prv] _getTValues
    - [Prv] _doTax #
    - [Pub] isExcluded
    - [Pub] totalFees
    - [Pub] taxWallet
    - [Int] _mint #
    - [Int] _multiMint #
    - [Pub] burnSwap #
    - [Int] _burn #
    - [Int] _approve #
    - [Int] _changeTaxWallet #
    - [Int] _excludeAccount #
    - [Int] _includeAccount #
    - [Int] _setupDecimals #
    - [Int] _beforeTokenTransfer #

 +  WrappeduPlexa (ERC20, Ownable)
    - [Pub] mint #
       - modifiers: onlyOwner
    - [Pub] multiMint #
       - modifiers: onlyOwner
    - [Pub] changeTaxWallet #
       - modifiers: onlyOwner
    - [Pub] excludeAccount #
       - modifiers: onlyOwner
    - [Pub] includeAccount #
       - modifiers: onlyOwner

 +  upxReaper (Ownable)
    - [Pub]  #
    - [Ext] poolLength
    - [Pub] newPeriod #
       - modifiers: onlyOwner
    - [Pub] add #
       - modifiers: onlyOwner
    - [Pub] set #
       - modifiers: onlyOwner
    - [Pub] getMultiplier
    - [Ext] pendingUPX
    - [Pub] massUpdatePools #
    - [Pub] updatePool #
    - [Pub] deposit #
    - [Pub] withdraw #
    - [Pub] emergencyWithdraw #
    - [Int] safeUPXTransfer #
							

• Go Home